From 4e215234d138dee559fc1557f0ee01c59e89ceec Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B3n=20Levy?= Date: Tue, 5 Nov 2024 23:25:50 +0000 Subject: [PATCH 01/50] feat: cd test app --- apps/cd-test/.eslintrc.json | 31 ++ apps/cd-test/index.d.ts | 6 + apps/cd-test/jest.config.ts | 11 + apps/cd-test/next-env.d.ts | 5 + apps/cd-test/next.config.js | 22 ++ apps/cd-test/project.json | 57 +++ apps/cd-test/public/.gitkeep | 0 apps/cd-test/public/favicon.ico | Bin 0 -> 15086 bytes apps/cd-test/specs/index.spec.tsx | 11 + apps/cd-test/src/app/api/hello/route.ts | 3 + apps/cd-test/src/app/global.css | 409 +++++++++++++++++++++ apps/cd-test/src/app/layout.tsx | 18 + apps/cd-test/src/app/page.module.css | 2 + apps/cd-test/src/app/page.tsx | 469 ++++++++++++++++++++++++ apps/cd-test/tsconfig.json | 40 ++ apps/cd-test/tsconfig.spec.json | 21 ++ 16 files changed, 1105 insertions(+) create mode 100644 apps/cd-test/.eslintrc.json create mode 100644 apps/cd-test/index.d.ts create mode 100644 apps/cd-test/jest.config.ts create mode 100644 apps/cd-test/next-env.d.ts create mode 100644 apps/cd-test/next.config.js create mode 100644 apps/cd-test/project.json create mode 100644 apps/cd-test/public/.gitkeep create mode 100644 apps/cd-test/public/favicon.ico create mode 100644 apps/cd-test/specs/index.spec.tsx create mode 100644 apps/cd-test/src/app/api/hello/route.ts create mode 100644 apps/cd-test/src/app/global.css create mode 100644 apps/cd-test/src/app/layout.tsx create mode 100644 apps/cd-test/src/app/page.module.css create mode 100644 apps/cd-test/src/app/page.tsx create mode 100644 apps/cd-test/tsconfig.json create mode 100644 apps/cd-test/tsconfig.spec.json diff --git a/apps/cd-test/.eslintrc.json b/apps/cd-test/.eslintrc.json new file mode 100644 index 000000000000..c0ddea95cc56 --- /dev/null +++ b/apps/cd-test/.eslintrc.json @@ -0,0 +1,31 @@ +{ + "extends": [ + "plugin:@nx/react-typescript", + "next", + "next/core-web-vitals", + "../../.eslintrc.json" + ], + "ignorePatterns": ["!**/*", ".next/**/*"], + "overrides": [ + { + "files": ["*.ts", "*.tsx", "*.js", "*.jsx"], + "rules": { + "@next/next/no-html-link-for-pages": ["error", "apps/cd-test/pages"] + } + }, + { + "files": ["*.ts", "*.tsx"], + "rules": {} + }, + { + "files": ["*.js", "*.jsx"], + "rules": {} + }, + { + "files": ["*.spec.ts", "*.spec.tsx", "*.spec.js", "*.spec.jsx"], + "env": { + "jest": true + } + } + ] +} diff --git a/apps/cd-test/index.d.ts b/apps/cd-test/index.d.ts new file mode 100644 index 000000000000..a9ab53489c7f --- /dev/null +++ b/apps/cd-test/index.d.ts @@ -0,0 +1,6 @@ +/* eslint-disable @typescript-eslint/no-explicit-any */ +declare module '*.svg' { + const content: any + export const ReactComponent: any + export default content +} diff --git a/apps/cd-test/jest.config.ts b/apps/cd-test/jest.config.ts new file mode 100644 index 000000000000..f2201ec77c05 --- /dev/null +++ b/apps/cd-test/jest.config.ts @@ -0,0 +1,11 @@ +/* eslint-disable */ +export default { + displayName: 'cd-test', + preset: '../../jest.preset.js', + transform: { + '^(?!.*\\.(js|jsx|ts|tsx|css|json)$)': '@nx/react/plugins/jest', + '^.+\\.[tj]sx?$': ['babel-jest', { presets: ['@nx/next/babel'] }], + }, + moduleFileExtensions: ['ts', 'tsx', 'js', 'jsx'], + coverageDirectory: '../../coverage/apps/cd-test', +} diff --git a/apps/cd-test/next-env.d.ts b/apps/cd-test/next-env.d.ts new file mode 100644 index 000000000000..4f11a03dc6cc --- /dev/null +++ b/apps/cd-test/next-env.d.ts @@ -0,0 +1,5 @@ +/// +/// + +// NOTE: This file should not be edited +// see https://nextjs.org/docs/basic-features/typescript for more information. diff --git a/apps/cd-test/next.config.js b/apps/cd-test/next.config.js new file mode 100644 index 000000000000..5dd157afdc66 --- /dev/null +++ b/apps/cd-test/next.config.js @@ -0,0 +1,22 @@ +//@ts-check + +// eslint-disable-next-line @typescript-eslint/no-var-requires +const { composePlugins, withNx } = require('@nx/next') + +/** + * @type {import('@nx/next/plugins/with-nx').WithNxOptions} + **/ +const nextConfig = { + nx: { + // Set this to true if you would like to use SVGR + // See: https://github.com/gregberge/svgr + svgr: false, + }, +} + +const plugins = [ + // Add more Next.js plugins to this list if needed. + withNx, +] + +module.exports = composePlugins(...plugins)(nextConfig) diff --git a/apps/cd-test/project.json b/apps/cd-test/project.json new file mode 100644 index 000000000000..6af5f84a0718 --- /dev/null +++ b/apps/cd-test/project.json @@ -0,0 +1,57 @@ +{ + "name": "cd-test", + "$schema": "../../node_modules/nx/schemas/project-schema.json", + "sourceRoot": "apps/cd-test", + "projectType": "application", + "tags": [], + "targets": { + "build": { + "executor": "@nx/next:build", + "outputs": ["{options.outputPath}"], + "defaultConfiguration": "production", + "options": { + "outputPath": "dist/apps/cd-test" + }, + "configurations": { + "development": { + "outputPath": "apps/cd-test" + }, + "production": {} + } + }, + "serve": { + "executor": "@nx/next:server", + "defaultConfiguration": "development", + "options": { + "buildTarget": "cd-test:build", + "dev": true + }, + "configurations": { + "development": { + "buildTarget": "cd-test:build:development", + "dev": true + }, + "production": { + "buildTarget": "cd-test:build:production", + "dev": false + } + } + }, + "export": { + "executor": "@nx/next:export", + "options": { + "buildTarget": "cd-test:build:production" + } + }, + "test": { + "executor": "@nx/jest:jest", + "outputs": ["{workspaceRoot}/coverage/{projectRoot}"], + "options": { + "jestConfig": "apps/cd-test/jest.config.ts" + } + }, + "lint": { + "executor": "@nx/eslint:lint" + } + } +} diff --git a/apps/cd-test/public/.gitkeep b/apps/cd-test/public/.gitkeep new file mode 100644 index 000000000000..e69de29bb2d1 diff --git a/apps/cd-test/public/favicon.ico b/apps/cd-test/public/favicon.ico new file mode 100644 index 0000000000000000000000000000000000000000..317ebcb2336e0833a22dddf0ab287849f26fda57 GIT binary patch literal 15086 zcmeI332;U^%p|z7g|#(P)qFEA@4f!_@qOK2 z_lJl}!lhL!VT_U|uN7%8B2iKH??xhDa;*`g{yjTFWHvXn;2s{4R7kH|pKGdy(7z!K zgftM+Ku7~24TLlh(!g)gz|foI94G^t2^IO$uvX$3(OR0<_5L2sB)lMAMy|+`xodJ{ z_Uh_1m)~h?a;2W{dmhM;u!YGo=)OdmId_B<%^V^{ovI@y`7^g1_V9G}*f# zNzAtvou}I!W1#{M^@ROc(BZ! z+F!!_aR&Px3_reO(EW+TwlW~tv*2zr?iP7(d~a~yA|@*a89IUke+c472NXM0wiX{- zl`UrZC^1XYyf%1u)-Y)jj9;MZ!SLfd2Hl?o|80Su%Z?To_=^g_Jt0oa#CT*tjx>BI z16wec&AOWNK<#i0Qd=1O$fymLRoUR*%;h@*@v7}wApDl^w*h}!sYq%kw+DKDY)@&A z@9$ULEB3qkR#85`lb8#WZw=@})#kQig9oqy^I$dj&k4jU&^2(M3q{n1AKeGUKPFbr z1^<)aH;VsG@J|B&l>UtU#Ejv3GIqERzYgL@UOAWtW<{p#zy`WyJgpCy8$c_e%wYJL zyGHRRx38)HyjU3y{-4z6)pzb>&Q1pR)B&u01F-|&Gx4EZWK$nkUkOI|(D4UHOXg_- zw{OBf!oWQUn)Pe(=f=nt=zkmdjpO^o8ZZ9o_|4tW1ni+Un9iCW47*-ut$KQOww!;u z`0q)$s6IZO!~9$e_P9X!hqLxu`fpcL|2f^I5d4*a@Dq28;@2271v_N+5HqYZ>x;&O z05*7JT)mUe&%S0@UD)@&8SmQrMtsDfZT;fkdA!r(S=}Oz>iP)w=W508=Rc#nNn7ym z1;42c|8($ALY8#a({%1#IXbWn9-Y|0eDY$_L&j{63?{?AH{);EzcqfydD$@-B`Y3<%IIj7S7rK_N}je^=dEk%JQ4c z!tBdTPE3Tse;oYF>cnrapWq*o)m47X1`~6@(!Y29#>-#8zm&LXrXa(3=7Z)ElaQqj z-#0JJy3Fi(C#Rx(`=VXtJ63E2_bZGCz+QRa{W0e2(m3sI?LOcUBx)~^YCqZ{XEPX)C>G>U4tfqeH8L(3|pQR*zbL1 zT9e~4Tb5p9_G}$y4t`i*4t_Mr9QYvL9C&Ah*}t`q*}S+VYh0M6GxTTSXI)hMpMpIq zD1ImYqJLzbj0}~EpE-aH#VCH_udYEW#`P2zYmi&xSPs_{n6tBj=MY|-XrA;SGA_>y zGtU$?HXm$gYj*!N)_nQ59%lQdXtQZS3*#PC-{iB_sm+ytD*7j`D*k(P&IH2GHT}Eh z5697eQECVIGQAUe#eU2I!yI&%0CP#>%6MWV z@zS!p@+Y1i1b^QuuEF*13CuB zu69dve5k7&Wgb+^s|UB08Dr3u`h@yM0NTj4h7MnHo-4@xmyr7(*4$rpPwsCDZ@2be zRz9V^GnV;;?^Lk%ynzq&K(Aix`mWmW`^152Hoy$CTYVehpD-S1-W^#k#{0^L`V6CN+E z!w+xte;2vu4AmVNEFUOBmrBL>6MK@!O2*N|2=d|Y;oN&A&qv=qKn73lDD zI(+oJAdgv>Yr}8(&@ZuAZE%XUXmX(U!N+Z_sjL<1vjy1R+1IeHt`79fnYdOL{$ci7 z%3f0A*;Zt@ED&Gjm|OFTYBDe%bbo*xXAQsFz+Q`fVBH!N2)kaxN8P$c>sp~QXnv>b zwq=W3&Mtmih7xkR$YA)1Yi?avHNR6C99!u6fh=cL|KQ&PwF!n@ud^n(HNIImHD!h87!i*t?G|p0o+eelJ?B@A64_9%SBhNaJ64EvKgD&%LjLCYnNfc; znj?%*p@*?dq#NqcQFmmX($wms@CSAr9#>hUR^=I+=0B)vvGX%T&#h$kmX*s=^M2E!@N9#m?LhMvz}YB+kd zG~mbP|D(;{s_#;hsKK9lbVK&Lo734x7SIFJ9V_}2$@q?zm^7?*XH94w5Qae{7zOMUF z^?%F%)c1Y)Q?Iy?I>knw*8gYW#ok|2gdS=YYZLiD=CW|Nj;n^x!=S#iJ#`~Ld79+xXpVmUK^B(xO_vO!btA9y7w3L3-0j-y4 z?M-V{%z;JI`bk7yFDcP}OcCd*{Q9S5$iGA7*E1@tfkyjAi!;wP^O71cZ^Ep)qrQ)N z#wqw0_HS;T7x3y|`P==i3hEwK%|>fZ)c&@kgKO1~5<5xBSk?iZV?KI6&i72H6S9A* z=U(*e)EqEs?Oc04)V-~K5AUmh|62H4*`UAtItO$O(q5?6jj+K^oD!04r=6#dsxp?~}{`?&sXn#q2 zGuY~7>O2=!u@@Kfu7q=W*4egu@qPMRM>(eyYyaIE<|j%d=iWNdGsx%c!902v#ngNg z@#U-O_4xN$s_9?(`{>{>7~-6FgWpBpqXb`Ydc3OFL#&I}Irse9F_8R@4zSS*Y*o*B zXL?6*Aw!AfkNCgcr#*yj&p3ZDe2y>v$>FUdKIy_2N~}6AbHc7gA3`6$g@1o|dE>vz z4pl(j9;kyMsjaw}lO?(?Xg%4k!5%^t#@5n=WVc&JRa+XT$~#@rldvN3S1rEpU$;XgxVny7mki3 z-Hh|jUCHrUXuLr!)`w>wgO0N%KTB-1di>cj(x3Bav`7v z3G7EIbU$z>`Nad7Rk_&OT-W{;qg)-GXV-aJT#(ozdmnA~Rq3GQ_3mby(>q6Ocb-RgTUhTN)))x>m&eD;$J5Bg zo&DhY36Yg=J=$Z>t}RJ>o|@hAcwWzN#r(WJ52^g$lh^!63@hh+dR$&_dEGu&^CR*< z!oFqSqO@>xZ*nC2oiOd0eS*F^IL~W-rsrO`J`ej{=ou_q^_(<$&-3f^J z&L^MSYWIe{&pYq&9eGaArA~*kA { + it('should render successfully', () => { + const { baseElement } = render() + expect(baseElement).toBeTruthy() + }) +}) diff --git a/apps/cd-test/src/app/api/hello/route.ts b/apps/cd-test/src/app/api/hello/route.ts new file mode 100644 index 000000000000..e74df4e77465 --- /dev/null +++ b/apps/cd-test/src/app/api/hello/route.ts @@ -0,0 +1,3 @@ +export async function GET(request: Request) { + return new Response('Hello, from API!') +} diff --git a/apps/cd-test/src/app/global.css b/apps/cd-test/src/app/global.css new file mode 100644 index 000000000000..819c00c963ed --- /dev/null +++ b/apps/cd-test/src/app/global.css @@ -0,0 +1,409 @@ +html { + -webkit-text-size-adjust: 100%; + font-family: ui-sans-serif, system-ui, -apple-system, BlinkMacSystemFont, + Segoe UI, Roboto, Helvetica Neue, Arial, Noto Sans, sans-serif, + Apple Color Emoji, Segoe UI Emoji, Segoe UI Symbol, Noto Color Emoji; + line-height: 1.5; + tab-size: 4; + scroll-behavior: smooth; +} +body { + font-family: inherit; + line-height: inherit; + margin: 0; +} +h1, +h2, +p, +pre { + margin: 0; +} +*, +::before, +::after { + box-sizing: border-box; + border-width: 0; + border-style: solid; + border-color: currentColor; +} +h1, +h2 { + font-size: inherit; + font-weight: inherit; +} +a { + color: inherit; + text-decoration: inherit; +} +pre { + font-family: ui-monospace, SFMono-Regular, Menlo, Monaco, Consolas, + Liberation Mono, Courier New, monospace; +} +svg { + display: block; + vertical-align: middle; + shape-rendering: auto; + text-rendering: optimizeLegibility; +} +pre { + background-color: rgba(55, 65, 81, 1); + border-radius: 0.25rem; + color: rgba(229, 231, 235, 1); + font-family: ui-monospace, SFMono-Regular, Menlo, Monaco, Consolas, + Liberation Mono, Courier New, monospace; + overflow: scroll; + padding: 0.5rem 0.75rem; +} + +.shadow { + box-shadow: 0 0 #0000, 0 0 #0000, 0 10px 15px -3px rgba(0, 0, 0, 0.1), + 0 4px 6px -2px rgba(0, 0, 0, 0.05); +} +.rounded { + border-radius: 1.5rem; +} +.wrapper { + width: 100%; +} +.container { + margin-left: auto; + margin-right: auto; + max-width: 768px; + padding-bottom: 3rem; + padding-left: 1rem; + padding-right: 1rem; + color: rgba(55, 65, 81, 1); + width: 100%; +} +#welcome { + margin-top: 2.5rem; +} +#welcome h1 { + font-size: 3rem; + font-weight: 500; + letter-spacing: -0.025em; + line-height: 1; +} +#welcome span { + display: block; + font-size: 1.875rem; + font-weight: 300; + line-height: 2.25rem; + margin-bottom: 0.5rem; +} +#hero { + align-items: center; + background-color: hsla(214, 62%, 21%, 1); + border: none; + box-sizing: border-box; + color: rgba(55, 65, 81, 1); + display: grid; + grid-template-columns: 1fr; + margin-top: 3.5rem; +} +#hero .text-container { + color: rgba(255, 255, 255, 1); + padding: 3rem 2rem; +} +#hero .text-container h2 { + font-size: 1.5rem; + line-height: 2rem; + position: relative; +} +#hero .text-container h2 svg { + color: hsla(162, 47%, 50%, 1); + height: 2rem; + left: -0.25rem; + position: absolute; + top: 0; + width: 2rem; +} +#hero .text-container h2 span { + margin-left: 2.5rem; +} +#hero .text-container a { + background-color: rgba(255, 255, 255, 1); + border-radius: 0.75rem; + color: rgba(55, 65, 81, 1); + display: inline-block; + margin-top: 1.5rem; + padding: 1rem 2rem; + text-decoration: inherit; +} +#hero .logo-container { + display: none; + justify-content: center; + padding-left: 2rem; + padding-right: 2rem; +} +#hero .logo-container svg { + color: rgba(255, 255, 255, 1); + width: 66.666667%; +} +#middle-content { + align-items: flex-start; + display: grid; + gap: 4rem; + grid-template-columns: 1fr; + margin-top: 3.5rem; +} +#learning-materials { + padding: 2.5rem 2rem; +} +#learning-materials h2 { + font-weight: 500; + font-size: 1.25rem; + letter-spacing: -0.025em; + line-height: 1.75rem; + padding-left: 1rem; + padding-right: 1rem; +} +.list-item-link { + align-items: center; + border-radius: 0.75rem; + display: flex; + margin-top: 1rem; + padding: 1rem; + transition-property: background-color, border-color, color, fill, stroke, + opacity, box-shadow, transform, filter, backdrop-filter, + -webkit-backdrop-filter; + transition-timing-function: cubic-bezier(0.4, 0, 0.2, 1); + transition-duration: 150ms; + width: 100%; +} +.list-item-link svg:first-child { + margin-right: 1rem; + height: 1.5rem; + transition-property: background-color, border-color, color, fill, stroke, + opacity, box-shadow, transform, filter, backdrop-filter, + -webkit-backdrop-filter; + transition-timing-function: cubic-bezier(0.4, 0, 0.2, 1); + transition-duration: 150ms; + width: 1.5rem; +} +.list-item-link > span { + flex-grow: 1; + font-weight: 400; + transition-property: background-color, border-color, color, fill, stroke, + opacity, box-shadow, transform, filter, backdrop-filter, + -webkit-backdrop-filter; + transition-timing-function: cubic-bezier(0.4, 0, 0.2, 1); + transition-duration: 150ms; +} +.list-item-link > span > span { + color: rgba(107, 114, 128, 1); + display: block; + flex-grow: 1; + font-size: 0.75rem; + font-weight: 300; + line-height: 1rem; + transition-property: background-color, border-color, color, fill, stroke, + opacity, box-shadow, transform, filter, backdrop-filter, + -webkit-backdrop-filter; + transition-timing-function: cubic-bezier(0.4, 0, 0.2, 1); + transition-duration: 150ms; +} +.list-item-link svg:last-child { + height: 1rem; + transition-property: all; + transition-timing-function: cubic-bezier(0.4, 0, 0.2, 1); + transition-duration: 150ms; + width: 1rem; +} +.list-item-link:hover { + color: rgba(255, 255, 255, 1); + background-color: hsla(162, 47%, 50%, 1); +} +.list-item-link:hover > span { +} +.list-item-link:hover > span > span { + color: rgba(243, 244, 246, 1); +} +.list-item-link:hover svg:last-child { + transform: translateX(0.25rem); +} +#other-links { +} +.button-pill { + padding: 1.5rem 2rem; + transition-duration: 300ms; + transition-property: background-color, border-color, color, fill, stroke, + opacity, box-shadow, transform, filter, backdrop-filter, + -webkit-backdrop-filter; + transition-timing-function: cubic-bezier(0.4, 0, 0.2, 1); + align-items: center; + display: flex; +} +.button-pill svg { + transition-property: background-color, border-color, color, fill, stroke, + opacity, box-shadow, transform, filter, backdrop-filter, + -webkit-backdrop-filter; + transition-timing-function: cubic-bezier(0.4, 0, 0.2, 1); + transition-duration: 150ms; + flex-shrink: 0; + width: 3rem; +} +.button-pill > span { + letter-spacing: -0.025em; + font-weight: 400; + font-size: 1.125rem; + line-height: 1.75rem; + padding-left: 1rem; + padding-right: 1rem; +} +.button-pill span span { + display: block; + font-size: 0.875rem; + font-weight: 300; + line-height: 1.25rem; +} +.button-pill:hover svg, +.button-pill:hover { + color: rgba(255, 255, 255, 1) !important; +} +#nx-console:hover { + background-color: rgba(0, 122, 204, 1); +} +#nx-console svg { + color: rgba(0, 122, 204, 1); +} +#nx-console-jetbrains { + margin-top: 2rem; +} +#nx-console-jetbrains:hover { + background-color: rgba(255, 49, 140, 1); +} +#nx-console-jetbrains svg { + color: rgba(255, 49, 140, 1); +} +#nx-repo:hover { + background-color: rgba(24, 23, 23, 1); +} +#nx-repo svg { + color: rgba(24, 23, 23, 1); +} +#nx-cloud { + margin-bottom: 2rem; + margin-top: 2rem; + padding: 2.5rem 2rem; +} +#nx-cloud > div { + align-items: center; + display: flex; +} +#nx-cloud > div svg { + border-radius: 0.375rem; + flex-shrink: 0; + width: 3rem; +} +#nx-cloud > div h2 { + font-size: 1.125rem; + font-weight: 400; + letter-spacing: -0.025em; + line-height: 1.75rem; + padding-left: 1rem; + padding-right: 1rem; +} +#nx-cloud > div h2 span { + display: block; + font-size: 0.875rem; + font-weight: 300; + line-height: 1.25rem; +} +#nx-cloud p { + font-size: 1rem; + line-height: 1.5rem; + margin-top: 1rem; +} +#nx-cloud pre { + margin-top: 1rem; +} +#nx-cloud a { + color: rgba(107, 114, 128, 1); + display: block; + font-size: 0.875rem; + line-height: 1.25rem; + margin-top: 1.5rem; + text-align: right; +} +#nx-cloud a:hover { + text-decoration: underline; +} +#commands { + padding: 2.5rem 2rem; + margin-top: 3.5rem; +} +#commands h2 { + font-size: 1.25rem; + font-weight: 400; + letter-spacing: -0.025em; + line-height: 1.75rem; + padding-left: 1rem; + padding-right: 1rem; +} +#commands p { + font-size: 1rem; + font-weight: 300; + line-height: 1.5rem; + margin-top: 1rem; + padding-left: 1rem; + padding-right: 1rem; +} +details { + align-items: center; + display: flex; + margin-top: 1rem; + padding-left: 1rem; + padding-right: 1rem; + width: 100%; +} +details pre > span { + color: rgba(181, 181, 181, 1); + display: block; +} +summary { + border-radius: 0.5rem; + display: flex; + font-weight: 400; + padding: 0.5rem; + cursor: pointer; + transition-property: background-color, border-color, color, fill, stroke, + opacity, box-shadow, transform, filter, backdrop-filter, + -webkit-backdrop-filter; + transition-timing-function: cubic-bezier(0.4, 0, 0.2, 1); + transition-duration: 150ms; +} +summary:hover { + background-color: rgba(243, 244, 246, 1); +} +summary svg { + height: 1.5rem; + margin-right: 1rem; + width: 1.5rem; +} +#love { + color: rgba(107, 114, 128, 1); + font-size: 0.875rem; + line-height: 1.25rem; + margin-top: 3.5rem; + opacity: 0.6; + text-align: center; +} +#love svg { + color: rgba(252, 165, 165, 1); + width: 1.25rem; + height: 1.25rem; + display: inline; + margin-top: -0.25rem; +} +@media screen and (min-width: 768px) { + #hero { + grid-template-columns: repeat(2, minmax(0, 1fr)); + } + #hero .logo-container { + display: flex; + } + #middle-content { + grid-template-columns: repeat(2, minmax(0, 1fr)); + } +} diff --git a/apps/cd-test/src/app/layout.tsx b/apps/cd-test/src/app/layout.tsx new file mode 100644 index 000000000000..e75e9de3c5eb --- /dev/null +++ b/apps/cd-test/src/app/layout.tsx @@ -0,0 +1,18 @@ +import './global.css' + +export const metadata = { + title: 'Welcome to apps/cd-test', + description: 'Generated by create-nx-workspace', +} + +export default function RootLayout({ + children, +}: { + children: React.ReactNode +}) { + return ( + + {children} + + ) +} diff --git a/apps/cd-test/src/app/page.module.css b/apps/cd-test/src/app/page.module.css new file mode 100644 index 000000000000..8a13e21cb311 --- /dev/null +++ b/apps/cd-test/src/app/page.module.css @@ -0,0 +1,2 @@ +.page { +} diff --git a/apps/cd-test/src/app/page.tsx b/apps/cd-test/src/app/page.tsx new file mode 100644 index 000000000000..9ee2a80acd95 --- /dev/null +++ b/apps/cd-test/src/app/page.tsx @@ -0,0 +1,469 @@ +import styles from './page.module.css' + +export default function Index() { + /* + * Replace the elements below with your own. + * + * Note: The corresponding styles are in the ./index.css file. + */ + return ( +
+
+
+
+

+ Hello there, + Welcome cd-test ๐Ÿ‘‹ +

+
+ +
+
+

+ + + + You're up and running +

+ What's next? +
+
+ + + +
+
+ +
+ + +
+ +
+

Next steps

+

Here are some things you can do with Nx:

+
+ + + + + Add UI library + + 
+                # Generate UI lib
+                nx g @nx/next:library ui
+                # Add a component
+                nx g @nx/next:component ui/src/lib/button
+
+
+
+ + + + + View project details + + 
nx show project cd-test --web
+
+
+ + + + + View interactive project graph + + 
nx graph
+
+
+ + + + + Run affected commands + + 
+                # see what's been affected by changes
+                nx affected:graph
+                # run tests for current changes
+                nx affected:test
+                # run e2e tests for current changes
+                nx affected:e2e
+
+
+
+ +

+ Carefully crafted with + + + +

+
+
+
+ ) +} diff --git a/apps/cd-test/tsconfig.json b/apps/cd-test/tsconfig.json new file mode 100644 index 000000000000..eafda05ea7ee --- /dev/null +++ b/apps/cd-test/tsconfig.json @@ -0,0 +1,40 @@ +{ + "extends": "../../tsconfig.base.json", + "compilerOptions": { + "jsx": "preserve", + "allowJs": true, + "esModuleInterop": true, + "allowSyntheticDefaultImports": true, + "strict": true, + "forceConsistentCasingInFileNames": true, + "noEmit": true, + "resolveJsonModule": true, + "isolatedModules": true, + "incremental": true, + "plugins": [ + { + "name": "next" + } + ], + "types": [ + "jest", + "node" + ] + }, + "include": [ + "**/*.ts", + "**/*.tsx", + "**/*.js", + "**/*.jsx", + "../../apps/cd-test/.next/types/**/*.ts", + "../../dist/apps/cd-test/.next/types/**/*.ts", + "next-env.d.ts", + ".next/types/**/*.ts" + ], + "exclude": [ + "node_modules", + "jest.config.ts", + "**/*.spec.ts", + "**/*.test.ts" + ] +} diff --git a/apps/cd-test/tsconfig.spec.json b/apps/cd-test/tsconfig.spec.json new file mode 100644 index 000000000000..214b2cc208c1 --- /dev/null +++ b/apps/cd-test/tsconfig.spec.json @@ -0,0 +1,21 @@ +{ + "extends": "./tsconfig.json", + "compilerOptions": { + "outDir": "../../dist/out-tsc", + "module": "commonjs", + "types": ["jest", "node"], + "jsx": "react" + }, + "include": [ + "jest.config.ts", + "src/**/*.test.ts", + "src/**/*.spec.ts", + "src/**/*.test.tsx", + "src/**/*.spec.tsx", + "src/**/*.test.js", + "src/**/*.spec.js", + "src/**/*.test.jsx", + "src/**/*.spec.jsx", + "src/**/*.d.ts" + ] +} From 751f1fe75a7db80768178eaea46f00af6f5d9816 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B3n=20Levy?= Date: Wed, 6 Nov 2024 06:08:25 +0000 Subject: [PATCH 02/50] fix: rename app --- apps/{cd-test => unicorn-app}/.eslintrc.json | 0 apps/{cd-test => unicorn-app}/index.d.ts | 0 apps/{cd-test => unicorn-app}/jest.config.ts | 4 ++-- apps/{cd-test => unicorn-app}/next-env.d.ts | 0 apps/{cd-test => unicorn-app}/next.config.js | 0 apps/{cd-test => unicorn-app}/project.json | 18 +++++++++--------- apps/{cd-test => unicorn-app}/public/.gitkeep | 0 .../public/favicon.ico | Bin .../specs/index.spec.tsx | 0 .../src/app/api/hello/route.ts | 0 .../src/app/global.css | 0 .../src/app/layout.tsx | 0 .../src/app/page.module.css | 0 .../{cd-test => unicorn-app}/src/app/page.tsx | 0 apps/{cd-test => unicorn-app}/tsconfig.json | 12 ++---------- .../tsconfig.spec.json | 0 16 files changed, 13 insertions(+), 21 deletions(-) rename apps/{cd-test => unicorn-app}/.eslintrc.json (100%) rename apps/{cd-test => unicorn-app}/index.d.ts (100%) rename apps/{cd-test => unicorn-app}/jest.config.ts (76%) rename apps/{cd-test => unicorn-app}/next-env.d.ts (100%) rename apps/{cd-test => unicorn-app}/next.config.js (100%) rename apps/{cd-test => unicorn-app}/project.json (70%) rename apps/{cd-test => unicorn-app}/public/.gitkeep (100%) rename apps/{cd-test => unicorn-app}/public/favicon.ico (100%) rename apps/{cd-test => unicorn-app}/specs/index.spec.tsx (100%) rename apps/{cd-test => unicorn-app}/src/app/api/hello/route.ts (100%) rename apps/{cd-test => unicorn-app}/src/app/global.css (100%) rename apps/{cd-test => unicorn-app}/src/app/layout.tsx (100%) rename apps/{cd-test => unicorn-app}/src/app/page.module.css (100%) rename apps/{cd-test => unicorn-app}/src/app/page.tsx (100%) rename apps/{cd-test => unicorn-app}/tsconfig.json (81%) rename apps/{cd-test => unicorn-app}/tsconfig.spec.json (100%) diff --git a/apps/cd-test/.eslintrc.json b/apps/unicorn-app/.eslintrc.json similarity index 100% rename from apps/cd-test/.eslintrc.json rename to apps/unicorn-app/.eslintrc.json diff --git a/apps/cd-test/index.d.ts b/apps/unicorn-app/index.d.ts similarity index 100% rename from apps/cd-test/index.d.ts rename to apps/unicorn-app/index.d.ts diff --git a/apps/cd-test/jest.config.ts b/apps/unicorn-app/jest.config.ts similarity index 76% rename from apps/cd-test/jest.config.ts rename to apps/unicorn-app/jest.config.ts index f2201ec77c05..5705a6bac0c1 100644 --- a/apps/cd-test/jest.config.ts +++ b/apps/unicorn-app/jest.config.ts @@ -1,11 +1,11 @@ /* eslint-disable */ export default { - displayName: 'cd-test', + displayName: 'unicorn-app', preset: '../../jest.preset.js', transform: { '^(?!.*\\.(js|jsx|ts|tsx|css|json)$)': '@nx/react/plugins/jest', '^.+\\.[tj]sx?$': ['babel-jest', { presets: ['@nx/next/babel'] }], }, moduleFileExtensions: ['ts', 'tsx', 'js', 'jsx'], - coverageDirectory: '../../coverage/apps/cd-test', + coverageDirectory: '../../coverage/apps/unicorn-app', } diff --git a/apps/cd-test/next-env.d.ts b/apps/unicorn-app/next-env.d.ts similarity index 100% rename from apps/cd-test/next-env.d.ts rename to apps/unicorn-app/next-env.d.ts diff --git a/apps/cd-test/next.config.js b/apps/unicorn-app/next.config.js similarity index 100% rename from apps/cd-test/next.config.js rename to apps/unicorn-app/next.config.js diff --git a/apps/cd-test/project.json b/apps/unicorn-app/project.json similarity index 70% rename from apps/cd-test/project.json rename to apps/unicorn-app/project.json index 6af5f84a0718..011d34b1369e 100644 --- a/apps/cd-test/project.json +++ b/apps/unicorn-app/project.json @@ -1,7 +1,7 @@ { - "name": "cd-test", + "name": "unicorn-app", "$schema": "../../node_modules/nx/schemas/project-schema.json", - "sourceRoot": "apps/cd-test", + "sourceRoot": "apps/unicorn-app", "projectType": "application", "tags": [], "targets": { @@ -10,11 +10,11 @@ "outputs": ["{options.outputPath}"], "defaultConfiguration": "production", "options": { - "outputPath": "dist/apps/cd-test" + "outputPath": "dist/apps/unicorn-app" }, "configurations": { "development": { - "outputPath": "apps/cd-test" + "outputPath": "apps/unicorn-app" }, "production": {} } @@ -23,16 +23,16 @@ "executor": "@nx/next:server", "defaultConfiguration": "development", "options": { - "buildTarget": "cd-test:build", + "buildTarget": "unicorn-app:build", "dev": true }, "configurations": { "development": { - "buildTarget": "cd-test:build:development", + "buildTarget": "unicorn-app:build:development", "dev": true }, "production": { - "buildTarget": "cd-test:build:production", + "buildTarget": "unicorn-app:build:production", "dev": false } } @@ -40,14 +40,14 @@ "export": { "executor": "@nx/next:export", "options": { - "buildTarget": "cd-test:build:production" + "buildTarget": "unicorn-app:build:production" } }, "test": { "executor": "@nx/jest:jest", "outputs": ["{workspaceRoot}/coverage/{projectRoot}"], "options": { - "jestConfig": "apps/cd-test/jest.config.ts" + "jestConfig": "apps/unicorn-app/jest.config.ts" } }, "lint": { diff --git a/apps/cd-test/public/.gitkeep b/apps/unicorn-app/public/.gitkeep similarity index 100% rename from apps/cd-test/public/.gitkeep rename to apps/unicorn-app/public/.gitkeep diff --git a/apps/cd-test/public/favicon.ico b/apps/unicorn-app/public/favicon.ico similarity index 100% rename from apps/cd-test/public/favicon.ico rename to apps/unicorn-app/public/favicon.ico diff --git a/apps/cd-test/specs/index.spec.tsx b/apps/unicorn-app/specs/index.spec.tsx similarity index 100% rename from apps/cd-test/specs/index.spec.tsx rename to apps/unicorn-app/specs/index.spec.tsx diff --git a/apps/cd-test/src/app/api/hello/route.ts b/apps/unicorn-app/src/app/api/hello/route.ts similarity index 100% rename from apps/cd-test/src/app/api/hello/route.ts rename to apps/unicorn-app/src/app/api/hello/route.ts diff --git a/apps/cd-test/src/app/global.css b/apps/unicorn-app/src/app/global.css similarity index 100% rename from apps/cd-test/src/app/global.css rename to apps/unicorn-app/src/app/global.css diff --git a/apps/cd-test/src/app/layout.tsx b/apps/unicorn-app/src/app/layout.tsx similarity index 100% rename from apps/cd-test/src/app/layout.tsx rename to apps/unicorn-app/src/app/layout.tsx diff --git a/apps/cd-test/src/app/page.module.css b/apps/unicorn-app/src/app/page.module.css similarity index 100% rename from apps/cd-test/src/app/page.module.css rename to apps/unicorn-app/src/app/page.module.css diff --git a/apps/cd-test/src/app/page.tsx b/apps/unicorn-app/src/app/page.tsx similarity index 100% rename from apps/cd-test/src/app/page.tsx rename to apps/unicorn-app/src/app/page.tsx diff --git a/apps/cd-test/tsconfig.json b/apps/unicorn-app/tsconfig.json similarity index 81% rename from apps/cd-test/tsconfig.json rename to apps/unicorn-app/tsconfig.json index eafda05ea7ee..7b5cf9769903 100644 --- a/apps/cd-test/tsconfig.json +++ b/apps/unicorn-app/tsconfig.json @@ -16,10 +16,7 @@ "name": "next" } ], - "types": [ - "jest", - "node" - ] + "types": ["jest", "node"] }, "include": [ "**/*.ts", @@ -31,10 +28,5 @@ "next-env.d.ts", ".next/types/**/*.ts" ], - "exclude": [ - "node_modules", - "jest.config.ts", - "**/*.spec.ts", - "**/*.test.ts" - ] + "exclude": ["node_modules", "jest.config.ts", "**/*.spec.ts", "**/*.test.ts"] } diff --git a/apps/cd-test/tsconfig.spec.json b/apps/unicorn-app/tsconfig.spec.json similarity index 100% rename from apps/cd-test/tsconfig.spec.json rename to apps/unicorn-app/tsconfig.spec.json From d782605a2e891e39123433bbebcb4771beb0eb33 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B3n=20Levy?= Date: Wed, 6 Nov 2024 06:15:01 +0000 Subject: [PATCH 03/50] fix: name --- apps/unicorn-app/src/app/layout.tsx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/unicorn-app/src/app/layout.tsx b/apps/unicorn-app/src/app/layout.tsx index e75e9de3c5eb..43b373a18bf6 100644 --- a/apps/unicorn-app/src/app/layout.tsx +++ b/apps/unicorn-app/src/app/layout.tsx @@ -1,7 +1,7 @@ import './global.css' export const metadata = { - title: 'Welcome to apps/cd-test', + title: 'Welcome to Unicorn app', description: 'Generated by create-nx-workspace', } From 1842bf3a265c6a963acec7539ce96774c2f7608f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B3n=20Levy?= Date: Wed, 6 Nov 2024 06:35:48 +0000 Subject: [PATCH 04/50] fix: added dummy queries and codegen target --- apps/unicorn-app/codegen.yml | 24 ++++++++++++++++++++++++ apps/unicorn-app/project.json | 6 ++++++ apps/unicorn-app/src/app/page.tsx | 2 +- apps/unicorn-app/src/queries/index.ts | 17 +++++++++++++++++ apps/unicorn-app/src/types/index.ts | 15 +++++++++++++++ 5 files changed, 63 insertions(+), 1 deletion(-) create mode 100644 apps/unicorn-app/codegen.yml create mode 100644 apps/unicorn-app/src/queries/index.ts create mode 100644 apps/unicorn-app/src/types/index.ts diff --git a/apps/unicorn-app/codegen.yml b/apps/unicorn-app/codegen.yml new file mode 100644 index 000000000000..bcc1fe6a884d --- /dev/null +++ b/apps/unicorn-app/codegen.yml @@ -0,0 +1,24 @@ +schema: + - apps/api/src/api.graphql +documents: apps/unicorn-app/src/queries/*.{ts,tsx} +generates: + apps/web/graphql/schema.ts: + plugins: + - typescript + - typescript-operations + config: + exportFragmentSpreadSubTypes: true + scalars: + DateTime: Date + JSON: '{ [key: string]: any }' + namingConvention: + typeNames: change-case#pascalCase + apps/web/graphql/fragmentTypes.json: + plugins: + - fragment-matcher + config: + module: commonjs + apolloClientVersion: 3 +hooks: + afterAllFileWrite: + - prettier --write diff --git a/apps/unicorn-app/project.json b/apps/unicorn-app/project.json index 011d34b1369e..c6c7874a714f 100644 --- a/apps/unicorn-app/project.json +++ b/apps/unicorn-app/project.json @@ -52,6 +52,12 @@ }, "lint": { "executor": "@nx/eslint:lint" + }, + "codegen/frontend-client": { + "executor": "nx:run-commands", + "options": { + "command": "graphql-codegen --config apps/unicorn-app/codegen.yml" + } } } } diff --git a/apps/unicorn-app/src/app/page.tsx b/apps/unicorn-app/src/app/page.tsx index 9ee2a80acd95..9bcaa83d9ee0 100644 --- a/apps/unicorn-app/src/app/page.tsx +++ b/apps/unicorn-app/src/app/page.tsx @@ -13,7 +13,7 @@ export default function Index() {

Hello there, - Welcome cd-test ๐Ÿ‘‹ + Welcome unicorn ๐Ÿฆ„

diff --git a/apps/unicorn-app/src/queries/index.ts b/apps/unicorn-app/src/queries/index.ts new file mode 100644 index 000000000000..1ca58392d6d2 --- /dev/null +++ b/apps/unicorn-app/src/queries/index.ts @@ -0,0 +1,17 @@ +import gql from 'graphql-tag' + +export const GET_ERROR_PAGE = gql` + query ErrorPage($input: GetErrorPageInput!) { + getErrorPage(input: $input) { + errorCode + title + description { + ... on Html { + __typename + id + document + } + } + } + } +` diff --git a/apps/unicorn-app/src/types/index.ts b/apps/unicorn-app/src/types/index.ts new file mode 100644 index 000000000000..22eaaeb8fa0a --- /dev/null +++ b/apps/unicorn-app/src/types/index.ts @@ -0,0 +1,15 @@ +import { ApolloClient, NormalizedCacheObject } from '@apollo/client' +import { NextComponentType, NextPageContext } from 'next' +import { Locale } from '@island.is/shared/types' + +export type GetInitialPropsContext = Context & { + apolloClient: ApolloClient + locale: Locale + localeKey: Locale +} + +export type Screen = NextComponentType< + GetInitialPropsContext, + Props, + Props +> From 4fd5dd2d3068304caae471c78b9ad3677de19ab1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B3n=20Levy?= Date: Wed, 6 Nov 2024 06:40:43 +0000 Subject: [PATCH 05/50] fix: eslint --- apps/unicorn-app/.eslintrc.json | 56 ++++++++++++++++++++++--------- apps/unicorn-app/src/app/page.tsx | 2 +- apps/unicorn-app/tsconfig.json | 7 ++-- 3 files changed, 45 insertions(+), 20 deletions(-) diff --git a/apps/unicorn-app/.eslintrc.json b/apps/unicorn-app/.eslintrc.json index c0ddea95cc56..b0b7131a6c3a 100644 --- a/apps/unicorn-app/.eslintrc.json +++ b/apps/unicorn-app/.eslintrc.json @@ -1,17 +1,47 @@ { - "extends": [ - "plugin:@nx/react-typescript", - "next", - "next/core-web-vitals", - "../../.eslintrc.json" - ], - "ignorePatterns": ["!**/*", ".next/**/*"], + "extends": ["plugin:@nx/react", "../../.eslintrc.json"], + "ignorePatterns": ["!**/*"], + "rules": { + "@nx/enforce-module-boundaries": [ + "error", + { + "enforceBuildableLibDependency": true, + "allowCircularSelfDependency": true, + "allow": ["../../../infra/src/dsl"], + "depConstraints": [ + { + "sourceTag": "*", + "onlyDependOnLibsWithTags": ["*"] + } + ] + } + ], + "simple-import-sort/imports": [ + "warn", + { + "groups": [ + // React related packages come first, followed by all external imports. + ["^react", "^\\w", "^@(?!island).+"], + // Then island.is packages. + ["^(@island.is).*"], + // Then all other imports in this order: "../", "./", "./css" + [ + "^\\.\\.(?!/?$)", + "^\\.\\./?$", + "^\\./(?=.*/)(?!/?$)", + "^\\.(?!/?$)", + "^\\./?$", + "^.+\\.?(css)$" + ] + ] + } + ] + }, + "plugins": ["simple-import-sort"], "overrides": [ { "files": ["*.ts", "*.tsx", "*.js", "*.jsx"], - "rules": { - "@next/next/no-html-link-for-pages": ["error", "apps/cd-test/pages"] - } + "rules": {} }, { "files": ["*.ts", "*.tsx"], @@ -20,12 +50,6 @@ { "files": ["*.js", "*.jsx"], "rules": {} - }, - { - "files": ["*.spec.ts", "*.spec.tsx", "*.spec.js", "*.spec.jsx"], - "env": { - "jest": true - } } ] } diff --git a/apps/unicorn-app/src/app/page.tsx b/apps/unicorn-app/src/app/page.tsx index 9bcaa83d9ee0..42e723e0988b 100644 --- a/apps/unicorn-app/src/app/page.tsx +++ b/apps/unicorn-app/src/app/page.tsx @@ -397,7 +397,7 @@ export default function Index() { View project details - 
nx show project cd-test --web
+ 
nx show project unicorn-app --web
diff --git a/apps/unicorn-app/tsconfig.json b/apps/unicorn-app/tsconfig.json index 7b5cf9769903..16b4ce4c1b76 100644 --- a/apps/unicorn-app/tsconfig.json +++ b/apps/unicorn-app/tsconfig.json @@ -23,10 +23,11 @@ "**/*.tsx", "**/*.js", "**/*.jsx", - "../../apps/cd-test/.next/types/**/*.ts", - "../../dist/apps/cd-test/.next/types/**/*.ts", + "../../apps/unicorn-app/.next/types/**/*.ts", + "../../dist/apps/unicorn-app/.next/types/**/*.ts", "next-env.d.ts", - ".next/types/**/*.ts" + ".next/types/**/*.ts", + "../../dist/apps/unicorn-app/.next/types/**/*.ts" ], "exclude": ["node_modules", "jest.config.ts", "**/*.spec.ts", "**/*.test.ts"] } From 3a170007134766d39cbca2f584b9b17f6050f7b5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B3n=20Levy?= Date: Wed, 6 Nov 2024 06:52:50 +0000 Subject: [PATCH 06/50] fix: style --- apps/unicorn-app/src/app/global.css | 2 +- apps/unicorn-app/src/app/page.tsx | 456 +--------------------------- 2 files changed, 4 insertions(+), 454 deletions(-) diff --git a/apps/unicorn-app/src/app/global.css b/apps/unicorn-app/src/app/global.css index 819c00c963ed..2a8880df280a 100644 --- a/apps/unicorn-app/src/app/global.css +++ b/apps/unicorn-app/src/app/global.css @@ -86,7 +86,7 @@ pre { } #welcome span { display: block; - font-size: 1.875rem; + font-size: 3.875rem; font-weight: 300; line-height: 2.25rem; margin-bottom: 0.5rem; diff --git a/apps/unicorn-app/src/app/page.tsx b/apps/unicorn-app/src/app/page.tsx index 42e723e0988b..7001f2f5d8ae 100644 --- a/apps/unicorn-app/src/app/page.tsx +++ b/apps/unicorn-app/src/app/page.tsx @@ -1,467 +1,17 @@ import styles from './page.module.css' export default function Index() { - /* - * Replace the elements below with your own. - * - * Note: The corresponding styles are in the ./index.css file. - */ return (

- Hello there, - Welcome unicorn ๐Ÿฆ„ + + Welcome unicorn ๐Ÿฆ„ +

- -
-
-

- - - - You're up and running -

- What's next? -
-
- - - -
-
- -
- - -
- -
-

Next steps

-

Here are some things you can do with Nx:

-
- - - - - Add UI library - - 
-                # Generate UI lib
-                nx g @nx/next:library ui
-                # Add a component
-                nx g @nx/next:component ui/src/lib/button
-
-
-
- - - - - View project details - - 
nx show project unicorn-app --web
-
-
- - - - - View interactive project graph - - 
nx graph
-
-
- - - - - Run affected commands - - 
-                # see what's been affected by changes
-                nx affected:graph
-                # run tests for current changes
-                nx affected:test
-                # run e2e tests for current changes
-                nx affected:e2e
-
-
-
- -

- Carefully crafted with - - - -

From 93e771bfcc026eb26e73e3b67e1777db423f0b9d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B3n=20Levy?= Date: Wed, 6 Nov 2024 06:56:26 +0000 Subject: [PATCH 07/50] fix: import query --- apps/unicorn-app/src/app/page.tsx | 1 + 1 file changed, 1 insertion(+) diff --git a/apps/unicorn-app/src/app/page.tsx b/apps/unicorn-app/src/app/page.tsx index 7001f2f5d8ae..2921cd74278f 100644 --- a/apps/unicorn-app/src/app/page.tsx +++ b/apps/unicorn-app/src/app/page.tsx @@ -1,4 +1,5 @@ import styles from './page.module.css' +import { GET_ERROR_PAGE } from '../queries' export default function Index() { return ( From dc5a66f7633bde88e769ebd16f14b66c170a2591 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B3n=20Levy?= Date: Wed, 6 Nov 2024 07:03:50 +0000 Subject: [PATCH 08/50] fix: import shared type --- apps/unicorn-app/src/types/index.ts | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/apps/unicorn-app/src/types/index.ts b/apps/unicorn-app/src/types/index.ts index 22eaaeb8fa0a..190c20ae7a15 100644 --- a/apps/unicorn-app/src/types/index.ts +++ b/apps/unicorn-app/src/types/index.ts @@ -1,7 +1,8 @@ import { ApolloClient, NormalizedCacheObject } from '@apollo/client' import { NextComponentType, NextPageContext } from 'next' -import { Locale } from '@island.is/shared/types' +import { Locale, Environment } from '@island.is/shared/types' +console.log(Environment.Development) export type GetInitialPropsContext = Context & { apolloClient: ApolloClient locale: Locale From b7a2b700b1d428bffff3b4bb08d963a75a02ec8b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B3n=20Levy?= Date: Wed, 6 Nov 2024 07:13:03 +0000 Subject: [PATCH 09/50] fix: affect shared/types --- libs/shared/types/src/lib/unicorn.ts | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 libs/shared/types/src/lib/unicorn.ts diff --git a/libs/shared/types/src/lib/unicorn.ts b/libs/shared/types/src/lib/unicorn.ts new file mode 100644 index 000000000000..9e22737c1eac --- /dev/null +++ b/libs/shared/types/src/lib/unicorn.ts @@ -0,0 +1,3 @@ +export enum Unicorn { + Affected = 'affected', +} From 6872af9f5646b397d69f2af5e787e52392a0c48f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B3n=20Levy?= Date: Thu, 7 Nov 2024 13:21:08 +0000 Subject: [PATCH 10/50] fix: add docker-next target --- apps/unicorn-app/project.json | 3 +++ 1 file changed, 3 insertions(+) diff --git a/apps/unicorn-app/project.json b/apps/unicorn-app/project.json index c6c7874a714f..63f8f85e637c 100644 --- a/apps/unicorn-app/project.json +++ b/apps/unicorn-app/project.json @@ -58,6 +58,9 @@ "options": { "command": "graphql-codegen --config apps/unicorn-app/codegen.yml" } + }, + "docker-next": { + "executor": "Intentionally left blank, only so this target is valid when using `nx show projects --with-target docker-next`" } } } From 753474b1e905588ffe6b334edadc055b3d0a84e8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B3n=20Levy?= Date: Thu, 7 Nov 2024 13:48:40 +0000 Subject: [PATCH 11/50] fix: nx project and infra --- apps/unicorn-app/.eslintrc.json | 2 +- apps/unicorn-app/infra/infra.ts | 34 ++++++++++++++++ apps/unicorn-app/project.json | 57 +++++++++++++++++++++------ apps/unicorn-app/server.ts | 6 +++ apps/unicorn-app/tsconfig.json | 25 +++--------- apps/unicorn-app/tsconfig.server.json | 15 +++++++ apps/unicorn-app/webpack.config.js | 8 ++++ tsconfig.base.json | 1 + 8 files changed, 116 insertions(+), 32 deletions(-) create mode 100644 apps/unicorn-app/infra/infra.ts create mode 100644 apps/unicorn-app/server.ts create mode 100644 apps/unicorn-app/tsconfig.server.json create mode 100644 apps/unicorn-app/webpack.config.js diff --git a/apps/unicorn-app/.eslintrc.json b/apps/unicorn-app/.eslintrc.json index b0b7131a6c3a..481597a31358 100644 --- a/apps/unicorn-app/.eslintrc.json +++ b/apps/unicorn-app/.eslintrc.json @@ -37,7 +37,7 @@ } ] }, - "plugins": ["simple-import-sort"], + "plugins": ["eslint-plugin-jsx-a11y", "simple-import-sort"], "overrides": [ { "files": ["*.ts", "*.tsx", "*.js", "*.jsx"], diff --git a/apps/unicorn-app/infra/infra.ts b/apps/unicorn-app/infra/infra.ts new file mode 100644 index 000000000000..47fdfe93c611 --- /dev/null +++ b/apps/unicorn-app/infra/infra.ts @@ -0,0 +1,34 @@ +import { service, ServiceBuilder } from '../../../infra/src/dsl/dsl' +const serviceName = 'unicorn-app' +export const serviceSetup = (): ServiceBuilder => + service(serviceName) + .image(serviceName) + .namespace(serviceName) + .serviceAccount(serviceName) + .ingress({ + primary: { + host: { + dev: serviceName, + staging: serviceName, + prod: serviceName, + }, + paths: ['/'], + }, + }) + .replicaCount({ + default: 1, + min: 1, + max: 10, + }) + .resources({ + limits: { + cpu: '200m', + memory: '256Mi', + }, + requests: { + cpu: '50m', + memory: '128Mi', + }, + }) + .liveness('/liveness') + .readiness('/readiness') diff --git a/apps/unicorn-app/project.json b/apps/unicorn-app/project.json index 63f8f85e637c..c7b92fdd580a 100644 --- a/apps/unicorn-app/project.json +++ b/apps/unicorn-app/project.json @@ -3,7 +3,7 @@ "$schema": "../../node_modules/nx/schemas/project-schema.json", "sourceRoot": "apps/unicorn-app", "projectType": "application", - "tags": [], + "tags": ["scope:react-next"], "targets": { "build": { "executor": "@nx/next:build", @@ -17,6 +17,29 @@ "outputPath": "apps/unicorn-app" }, "production": {} + }, + "dependsOn": ["build-custom-server"] + }, + "build-custom-server": { + "executor": "@nx/webpack:webpack", + "defaultConfiguration": "production", + "options": { + "outputPath": "dist/apps/unicorn-app", + "main": "apps/unicorn-app/server.ts", + "tsConfig": "apps/unicorn-app/tsconfig.server.json", + "maxWorkers": 2, + "assets": [], + "compiler": "tsc", + "target": "node", + "webpackConfig": "apps/unicorn-app/webpack.config.js" + }, + "configurations": { + "development": {}, + "production": { + "optimization": true, + "extractLicenses": true, + "inspect": false + } } }, "serve": { @@ -24,16 +47,34 @@ "defaultConfiguration": "development", "options": { "buildTarget": "unicorn-app:build", - "dev": true + "dev": true, + "customServerTarget": "unicorn-app:serve-custom-server" }, "configurations": { "development": { "buildTarget": "unicorn-app:build:development", - "dev": true + "dev": true, + "customServerTarget": "unicorn-app:serve-custom-server:development" }, "production": { "buildTarget": "unicorn-app:build:production", - "dev": false + "dev": false, + "customServerTarget": "unicorn-app:serve-custom-server:production" + } + } + }, + "serve-custom-server": { + "executor": "@nx/js:node", + "defaultConfiguration": "development", + "options": { + "buildTarget": "unicorn-app:build-custom-server" + }, + "configurations": { + "development": { + "buildTarget": "unicorn-app:build-custom-server:development" + }, + "production": { + "buildTarget": "unicorn-app:build-custom-server:production" } } }, @@ -45,7 +86,7 @@ }, "test": { "executor": "@nx/jest:jest", - "outputs": ["{workspaceRoot}/coverage/{projectRoot}"], + "outputs": ["{workspaceRoot}/coverage/apps/unicorn-app"], "options": { "jestConfig": "apps/unicorn-app/jest.config.ts" } @@ -53,12 +94,6 @@ "lint": { "executor": "@nx/eslint:lint" }, - "codegen/frontend-client": { - "executor": "nx:run-commands", - "options": { - "command": "graphql-codegen --config apps/unicorn-app/codegen.yml" - } - }, "docker-next": { "executor": "Intentionally left blank, only so this target is valid when using `nx show projects --with-target docker-next`" } diff --git a/apps/unicorn-app/server.ts b/apps/unicorn-app/server.ts new file mode 100644 index 000000000000..0333680a52a4 --- /dev/null +++ b/apps/unicorn-app/server.ts @@ -0,0 +1,6 @@ +import { bootstrap } from '@island.is/infra-next-server' + +bootstrap({ + name: 'unicorn-app', + appDir: 'apps/unicorn-app', +}) diff --git a/apps/unicorn-app/tsconfig.json b/apps/unicorn-app/tsconfig.json index 16b4ce4c1b76..d01532f398fa 100644 --- a/apps/unicorn-app/tsconfig.json +++ b/apps/unicorn-app/tsconfig.json @@ -5,29 +5,14 @@ "allowJs": true, "esModuleInterop": true, "allowSyntheticDefaultImports": true, - "strict": true, + "types": ["node", "jest"], + "strict": false, "forceConsistentCasingInFileNames": true, "noEmit": true, "resolveJsonModule": true, "isolatedModules": true, - "incremental": true, - "plugins": [ - { - "name": "next" - } - ], - "types": ["jest", "node"] + "incremental": true }, - "include": [ - "**/*.ts", - "**/*.tsx", - "**/*.js", - "**/*.jsx", - "../../apps/unicorn-app/.next/types/**/*.ts", - "../../dist/apps/unicorn-app/.next/types/**/*.ts", - "next-env.d.ts", - ".next/types/**/*.ts", - "../../dist/apps/unicorn-app/.next/types/**/*.ts" - ], - "exclude": ["node_modules", "jest.config.ts", "**/*.spec.ts", "**/*.test.ts"] + "include": ["**/*.ts", "**/*.tsx", "**/*.js", "**/*.jsx", "next-env.d.ts"], + "exclude": ["node_modules", "jest.config.ts"] } diff --git a/apps/unicorn-app/tsconfig.server.json b/apps/unicorn-app/tsconfig.server.json new file mode 100644 index 000000000000..7fdcbcfa0915 --- /dev/null +++ b/apps/unicorn-app/tsconfig.server.json @@ -0,0 +1,15 @@ +{ + "extends": "./tsconfig.json", + "compilerOptions": { + "module": "commonjs", + "noEmit": false, + "incremental": true, + "tsBuildInfoFile": "../../tmp/buildcache/apps/unicorn-app/server", + "types": [ + "node" + ] + }, + "include": [ + "server.ts" + ] +} diff --git a/apps/unicorn-app/webpack.config.js b/apps/unicorn-app/webpack.config.js new file mode 100644 index 000000000000..95e68d080f5b --- /dev/null +++ b/apps/unicorn-app/webpack.config.js @@ -0,0 +1,8 @@ +const { composePlugins, withNx } = require('@nx/webpack') + +// Nx plugins for webpack. +module.exports = composePlugins(withNx(), (config) => { + // Note: This was added by an Nx migration. Webpack builds are required to have a corresponding Webpack config file. + // See: https://nx.dev/recipes/webpack/webpack-config-setup + return config +}) diff --git a/tsconfig.base.json b/tsconfig.base.json index 2e16da92f52a..bbb0c5a29287 100644 --- a/tsconfig.base.json +++ b/tsconfig.base.json @@ -1128,6 +1128,7 @@ "@island.is/testing/e2e": ["libs/testing/e2e/src/index.ts"], "@island.is/testing/fixtures": ["libs/testing/fixtures/src/index.ts"], "@island.is/testing/nest": ["libs/testing/nest/src/index.ts"], + "@island.is/unicorn-app/*": ["apps/unicorn-app/*"], "@island.is/university-gateway": ["libs/university-gateway/src/index.ts"], "@island.is/user-monitoring": ["libs/user-monitoring/src/index.ts"], "@island.is/web/*": ["apps/web/*"], From 1576442221c9baa7369fb715098d1b34d9237577 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B3n=20Levy?= Date: Thu, 7 Nov 2024 13:49:55 +0000 Subject: [PATCH 12/50] chore: eslint --- apps/unicorn-app/tsconfig.json | 26 ++++++++++++++++++++++---- 1 file changed, 22 insertions(+), 4 deletions(-) diff --git a/apps/unicorn-app/tsconfig.json b/apps/unicorn-app/tsconfig.json index d01532f398fa..8bdf237ab044 100644 --- a/apps/unicorn-app/tsconfig.json +++ b/apps/unicorn-app/tsconfig.json @@ -5,14 +5,32 @@ "allowJs": true, "esModuleInterop": true, "allowSyntheticDefaultImports": true, - "types": ["node", "jest"], + "types": [ + "node", + "jest" + ], "strict": false, "forceConsistentCasingInFileNames": true, "noEmit": true, "resolveJsonModule": true, "isolatedModules": true, - "incremental": true + "incremental": true, + "plugins": [ + { + "name": "next" + } + ] }, - "include": ["**/*.ts", "**/*.tsx", "**/*.js", "**/*.jsx", "next-env.d.ts"], - "exclude": ["node_modules", "jest.config.ts"] + "include": [ + "**/*.ts", + "**/*.tsx", + "**/*.js", + "**/*.jsx", + "next-env.d.ts", + ".next/types/**/*.ts" + ], + "exclude": [ + "node_modules", + "jest.config.ts" + ] } From f191a17d6a1327cae5e9f45ce28b0a4520af5ac7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B3n=20Levy?= Date: Thu, 7 Nov 2024 13:50:19 +0000 Subject: [PATCH 13/50] chore: eslint --- apps/unicorn-app/tsconfig.json | 10 ++-------- apps/unicorn-app/tsconfig.server.json | 8 ++------ 2 files changed, 4 insertions(+), 14 deletions(-) diff --git a/apps/unicorn-app/tsconfig.json b/apps/unicorn-app/tsconfig.json index 8bdf237ab044..37e77ed8c826 100644 --- a/apps/unicorn-app/tsconfig.json +++ b/apps/unicorn-app/tsconfig.json @@ -5,10 +5,7 @@ "allowJs": true, "esModuleInterop": true, "allowSyntheticDefaultImports": true, - "types": [ - "node", - "jest" - ], + "types": ["node", "jest"], "strict": false, "forceConsistentCasingInFileNames": true, "noEmit": true, @@ -29,8 +26,5 @@ "next-env.d.ts", ".next/types/**/*.ts" ], - "exclude": [ - "node_modules", - "jest.config.ts" - ] + "exclude": ["node_modules", "jest.config.ts"] } diff --git a/apps/unicorn-app/tsconfig.server.json b/apps/unicorn-app/tsconfig.server.json index 7fdcbcfa0915..8fafdb4be36d 100644 --- a/apps/unicorn-app/tsconfig.server.json +++ b/apps/unicorn-app/tsconfig.server.json @@ -5,11 +5,7 @@ "noEmit": false, "incremental": true, "tsBuildInfoFile": "../../tmp/buildcache/apps/unicorn-app/server", - "types": [ - "node" - ] + "types": ["node"] }, - "include": [ - "server.ts" - ] + "include": ["server.ts"] } From d413f7df54b08ec17603421a527df6c8946c583a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B3n=20Levy?= Date: Thu, 7 Nov 2024 13:52:07 +0000 Subject: [PATCH 14/50] chore: remove jsx-a11y --- apps/unicorn-app/.eslintrc.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/unicorn-app/.eslintrc.json b/apps/unicorn-app/.eslintrc.json index 481597a31358..b0b7131a6c3a 100644 --- a/apps/unicorn-app/.eslintrc.json +++ b/apps/unicorn-app/.eslintrc.json @@ -37,7 +37,7 @@ } ] }, - "plugins": ["eslint-plugin-jsx-a11y", "simple-import-sort"], + "plugins": ["simple-import-sort"], "overrides": [ { "files": ["*.ts", "*.tsx", "*.js", "*.jsx"], From eb290836156c2e72303268d3c563406b2d676c1b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B3n=20Levy?= Date: Thu, 7 Nov 2024 14:25:13 +0000 Subject: [PATCH 15/50] fix: ignore css --- apps/unicorn-app/src/app/page.tsx | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/apps/unicorn-app/src/app/page.tsx b/apps/unicorn-app/src/app/page.tsx index 2921cd74278f..eb63a6363a3a 100644 --- a/apps/unicorn-app/src/app/page.tsx +++ b/apps/unicorn-app/src/app/page.tsx @@ -1,9 +1,8 @@ -import styles from './page.module.css' import { GET_ERROR_PAGE } from '../queries' export default function Index() { return ( -
+
From 8683b6e3be2edc27ccb3fe0394b01e516645440f Mon Sep 17 00:00:00 2001 From: andes-it Date: Thu, 7 Nov 2024 14:29:20 +0000 Subject: [PATCH 16/50] chore: nx format:write update dirty files --- apps/unicorn-app/src/app/page.tsx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/unicorn-app/src/app/page.tsx b/apps/unicorn-app/src/app/page.tsx index eb63a6363a3a..a38045ddb97d 100644 --- a/apps/unicorn-app/src/app/page.tsx +++ b/apps/unicorn-app/src/app/page.tsx @@ -2,7 +2,7 @@ import { GET_ERROR_PAGE } from '../queries' export default function Index() { return ( -
+
From f56de23d118adde6eff4426a1f7fd258b7905024 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?R=C3=B3berta=20Andersen?= Date: Mon, 11 Nov 2024 10:39:00 +0000 Subject: [PATCH 17/50] Chore: adding unicorn to uber chart --- infra/src/uber-charts/islandis.ts | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/infra/src/uber-charts/islandis.ts b/infra/src/uber-charts/islandis.ts index 28bd6f521aaa..962f3076231f 100644 --- a/infra/src/uber-charts/islandis.ts +++ b/infra/src/uber-charts/islandis.ts @@ -65,6 +65,7 @@ import { serviceSetup as authAdminApiSetup } from '../../../apps/services/auth/a import { EnvironmentServices } from '.././dsl/types/charts' import { ServiceBuilder } from '../dsl/dsl' +import { serviceSetup as unicornAppSetup } from '../../../apps/unicorn-app/infra/infra' const endorsement = endorsementServiceSetup({}) @@ -129,6 +130,8 @@ const consultationPortal = consultationPortalSetup({ api }) const xroadCollector = xroadCollectorSetup() +const unicornApp = unicornAppSetup() + const licenseApi = licenseApiSetup() const storybook = storybookSetup({}) @@ -215,7 +218,7 @@ export const Services: EnvironmentServices = { sessionsCleanupWorker, universityGatewayService, universityGatewayWorker, - bffAdminPortalService, + bffAdminPortalService ], dev: [ appSystemApi, @@ -254,6 +257,7 @@ export const Services: EnvironmentServices = { universityGatewayService, universityGatewayWorker, bffAdminPortalService, + unicornApp ], } From 002c1ac8b5904aec1ec147374ffb8e84660f29a8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B3n=20Levy?= Date: Tue, 12 Nov 2024 23:55:35 +0000 Subject: [PATCH 18/50] fix: support values file per service --- .gitignore | 1 + charts/islandis/values.dev.yaml | 64 ++++++++++++++++++++++++++ infra/src/cli/generate-chart-values.ts | 39 ++++++++++++++-- infra/src/uber-charts/all-charts.ts | 10 +++- infra/src/uber-charts/unicorn-app.ts | 10 ++++ 5 files changed, 118 insertions(+), 6 deletions(-) create mode 100644 infra/src/uber-charts/unicorn-app.ts diff --git a/.gitignore b/.gitignore index a97e5eec68f8..ec4c2d808dfb 100644 --- a/.gitignore +++ b/.gitignore @@ -31,6 +31,7 @@ TODO .env .env.* .envrc.private +nx-cloud.env .nvmrc .node-version # IDE - VSCode diff --git a/charts/islandis/values.dev.yaml b/charts/islandis/values.dev.yaml index abff24f0f7b6..8714202f38ed 100644 --- a/charts/islandis/values.dev.yaml +++ b/charts/islandis/values.dev.yaml @@ -1803,6 +1803,7 @@ namespaces: - 'services-sessions' - 'contentful-apps' - 'services-university-gateway' + - 'unicorn-app' portals-admin: enabled: true env: @@ -3052,6 +3053,69 @@ skilavottord-ws: securityContext: allowPrivilegeEscalation: false privileged: false +unicorn-app: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'unicorn-app.dev01.devland.is' + paths: + - '/' + namespace: 'unicorn-app' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' + create: true + name: 'unicorn-app' user-notification: args: - '--no-experimental-fetch' diff --git a/infra/src/cli/generate-chart-values.ts b/infra/src/cli/generate-chart-values.ts index aee963834737..14909cf66007 100755 --- a/infra/src/cli/generate-chart-values.ts +++ b/infra/src/cli/generate-chart-values.ts @@ -1,18 +1,47 @@ import { renderEnv } from './render-env' -import { ChartName, Deployments } from '../uber-charts/all-charts' -import { writeFileSync } from 'fs' +import { ChartName, Deployments, Charts } from '../uber-charts/all-charts' +import { writeFileSync, mkdirSync } from 'fs' import { Envs } from '../environments' import { OpsEnv } from '../dsl/types/input-types' +import path from 'path' ;(async () => { console.log('Gathering charts') for (const [name, envs] of Object.entries(Deployments)) { for (const [envType, envName] of Object.entries(envs)) { - console.log(`Rendering ${name} ${envName} ${envType}`) + console.log(`Processing ${name} ${envName} ${envType}`) + + // Get the rendered environment values + const renderedValues = await renderEnv( + envType as OpsEnv, + name as ChartName, + ) + + // Ensure umbrella chart directory exists and write values + const umbrellaDir = path.join(__dirname, '/../../../charts', name) + mkdirSync(umbrellaDir, { recursive: true }) writeFileSync( - `${__dirname}/../../../charts/${name}/values.${Envs[envName].type}.yaml`, - await renderEnv(envType as OpsEnv, name as ChartName), + path.join(umbrellaDir, `values.${Envs[envName].type}.yaml`), + renderedValues, { encoding: 'utf8' }, ) + + // Get services for this chart and environment + const services = Charts[name as ChartName][envType as OpsEnv] + + // Write individual service values files + for (const service of services) { + const serviceDir = path.join( + __dirname, + '/../../../charts/services', + service.name(), + ) + mkdirSync(serviceDir, { recursive: true }) + writeFileSync( + path.join(serviceDir, `values.${Envs[envName].type}.yaml`), + renderedValues, // For now, writing the same values - we can modify this later + { encoding: 'utf8' }, + ) + } } } })() diff --git a/infra/src/uber-charts/all-charts.ts b/infra/src/uber-charts/all-charts.ts index 2afa35272b04..1a8a343a2c2c 100644 --- a/infra/src/uber-charts/all-charts.ts +++ b/infra/src/uber-charts/all-charts.ts @@ -1,20 +1,27 @@ import { Services as ISServices } from './islandis' import { Services as JSServices } from './judicial-system' import { Services as IDSServices } from './identity-server' +import { Services as UnicornServices } from './unicorn-app' import { EnvironmentServices, OpsEnvName } from '../dsl/types/charts' import { OpsEnv } from '../dsl/types/input-types' -export type ChartName = 'islandis' | 'judicial-system' | 'identity-server' +export type ChartName = + | 'islandis' + | 'judicial-system' + | 'identity-server' + | 'unicorn-app' export const ChartNames: ChartName[] = [ 'islandis', 'judicial-system', 'identity-server', + 'unicorn-app', ] export const OpsEnvNames: OpsEnv[] = ['dev', 'staging', 'prod'] export const Charts: { [name in ChartName]: EnvironmentServices } = { 'identity-server': IDSServices, islandis: ISServices, 'judicial-system': JSServices, + 'unicorn-app': UnicornServices, } export const Deployments: { @@ -23,4 +30,5 @@ export const Deployments: { 'judicial-system': { dev: 'dev01', staging: 'staging01', prod: 'prod' }, islandis: { dev: 'dev01', staging: 'staging01', prod: 'prod' }, 'identity-server': { dev: 'devIds', staging: 'stagingIds', prod: 'prod-ids' }, + 'unicorn-app': { dev: 'dev01', staging: 'staging01', prod: 'prod' }, } diff --git a/infra/src/uber-charts/unicorn-app.ts b/infra/src/uber-charts/unicorn-app.ts new file mode 100644 index 000000000000..edc28171db64 --- /dev/null +++ b/infra/src/uber-charts/unicorn-app.ts @@ -0,0 +1,10 @@ +import { serviceSetup as unicornAppSetup } from '../../../apps/unicorn-app/infra/infra' + +import { EnvironmentServices } from '.././dsl/types/charts' +const unicornApp = unicornAppSetup() + +export const Services: EnvironmentServices = { + prod: [unicornApp], + staging: [unicornApp], + dev: [unicornApp], +} From 31c2fb8e7fb7102bc1b3fd868596d6b8ce6bd306 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B3n=20Levy?= Date: Tue, 12 Nov 2024 23:59:35 +0000 Subject: [PATCH 19/50] fix: cleanup --- infra/src/uber-charts/all-charts.ts | 10 +--------- infra/src/uber-charts/islandis.ts | 9 ++++----- infra/src/uber-charts/unicorn-app.ts | 10 ---------- 3 files changed, 5 insertions(+), 24 deletions(-) delete mode 100644 infra/src/uber-charts/unicorn-app.ts diff --git a/infra/src/uber-charts/all-charts.ts b/infra/src/uber-charts/all-charts.ts index 1a8a343a2c2c..2afa35272b04 100644 --- a/infra/src/uber-charts/all-charts.ts +++ b/infra/src/uber-charts/all-charts.ts @@ -1,27 +1,20 @@ import { Services as ISServices } from './islandis' import { Services as JSServices } from './judicial-system' import { Services as IDSServices } from './identity-server' -import { Services as UnicornServices } from './unicorn-app' import { EnvironmentServices, OpsEnvName } from '../dsl/types/charts' import { OpsEnv } from '../dsl/types/input-types' -export type ChartName = - | 'islandis' - | 'judicial-system' - | 'identity-server' - | 'unicorn-app' +export type ChartName = 'islandis' | 'judicial-system' | 'identity-server' export const ChartNames: ChartName[] = [ 'islandis', 'judicial-system', 'identity-server', - 'unicorn-app', ] export const OpsEnvNames: OpsEnv[] = ['dev', 'staging', 'prod'] export const Charts: { [name in ChartName]: EnvironmentServices } = { 'identity-server': IDSServices, islandis: ISServices, 'judicial-system': JSServices, - 'unicorn-app': UnicornServices, } export const Deployments: { @@ -30,5 +23,4 @@ export const Deployments: { 'judicial-system': { dev: 'dev01', staging: 'staging01', prod: 'prod' }, islandis: { dev: 'dev01', staging: 'staging01', prod: 'prod' }, 'identity-server': { dev: 'devIds', staging: 'stagingIds', prod: 'prod-ids' }, - 'unicorn-app': { dev: 'dev01', staging: 'staging01', prod: 'prod' }, } diff --git a/infra/src/uber-charts/islandis.ts b/infra/src/uber-charts/islandis.ts index 962f3076231f..56fec4b13892 100644 --- a/infra/src/uber-charts/islandis.ts +++ b/infra/src/uber-charts/islandis.ts @@ -130,7 +130,7 @@ const consultationPortal = consultationPortalSetup({ api }) const xroadCollector = xroadCollectorSetup() -const unicornApp = unicornAppSetup() +const unicornApp = unicornAppSetup() const licenseApi = licenseApiSetup() @@ -142,8 +142,7 @@ const downloadService = downloadServiceSetup({ const userNotificationWorkerService = userNotificationWorkerSetup({ userProfileApi: servicePortalApi, }) -const userNotificationCleanupWorkerService = - userNotificationCleanUpWorkerSetup() +const userNotificationCleanupWorkerService = userNotificationCleanUpWorkerSetup() const githubActionsCache = githubActionsCacheSetup() @@ -218,7 +217,7 @@ export const Services: EnvironmentServices = { sessionsCleanupWorker, universityGatewayService, universityGatewayWorker, - bffAdminPortalService + bffAdminPortalService, ], dev: [ appSystemApi, @@ -257,7 +256,7 @@ export const Services: EnvironmentServices = { universityGatewayService, universityGatewayWorker, bffAdminPortalService, - unicornApp + unicornApp, ], } diff --git a/infra/src/uber-charts/unicorn-app.ts b/infra/src/uber-charts/unicorn-app.ts deleted file mode 100644 index edc28171db64..000000000000 --- a/infra/src/uber-charts/unicorn-app.ts +++ /dev/null @@ -1,10 +0,0 @@ -import { serviceSetup as unicornAppSetup } from '../../../apps/unicorn-app/infra/infra' - -import { EnvironmentServices } from '.././dsl/types/charts' -const unicornApp = unicornAppSetup() - -export const Services: EnvironmentServices = { - prod: [unicornApp], - staging: [unicornApp], - dev: [unicornApp], -} From d00cc784935e6dbe0dd85512a68a081286c30a88 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B3n=20Levy?= Date: Wed, 13 Nov 2024 00:01:23 +0000 Subject: [PATCH 20/50] fix: added values per service --- .../air-discount-scheme-api/values.dev.yaml | 3563 +++++++++++++++++ .../air-discount-scheme-api/values.prod.yaml | 3379 ++++++++++++++++ .../values.staging.yaml | 3238 +++++++++++++++ .../values.dev.yaml | 3563 +++++++++++++++++ .../values.prod.yaml | 3379 ++++++++++++++++ .../values.staging.yaml | 3238 +++++++++++++++ .../air-discount-scheme-web/values.dev.yaml | 3563 +++++++++++++++++ .../air-discount-scheme-web/values.prod.yaml | 3379 ++++++++++++++++ .../values.staging.yaml | 3238 +++++++++++++++ charts/services/api/values.dev.yaml | 3563 +++++++++++++++++ charts/services/api/values.prod.yaml | 3379 ++++++++++++++++ charts/services/api/values.staging.yaml | 3238 +++++++++++++++ .../values.dev.yaml | 3563 +++++++++++++++++ .../values.prod.yaml | 3379 ++++++++++++++++ .../values.staging.yaml | 3238 +++++++++++++++ .../application-system-api/values.dev.yaml | 3563 +++++++++++++++++ .../application-system-api/values.prod.yaml | 3379 ++++++++++++++++ .../values.staging.yaml | 3238 +++++++++++++++ .../application-system-form/values.dev.yaml | 3563 +++++++++++++++++ .../application-system-form/values.prod.yaml | 3379 ++++++++++++++++ .../values.staging.yaml | 3238 +++++++++++++++ .../services/auth-admin-web/values.dev.yaml | 826 ++++ .../services/auth-admin-web/values.prod.yaml | 823 ++++ .../auth-admin-web/values.staging.yaml | 826 ++++ .../consultation-portal/values.dev.yaml | 3563 +++++++++++++++++ .../consultation-portal/values.prod.yaml | 3379 ++++++++++++++++ .../consultation-portal/values.staging.yaml | 3238 +++++++++++++++ .../services/contentful-apps/values.dev.yaml | 3563 +++++++++++++++++ .../services/contentful-apps/values.prod.yaml | 3379 ++++++++++++++++ .../values.dev.yaml | 3563 +++++++++++++++++ .../values.prod.yaml | 3379 ++++++++++++++++ .../services/download-service/values.dev.yaml | 3563 +++++++++++++++++ .../download-service/values.prod.yaml | 3379 ++++++++++++++++ .../download-service/values.staging.yaml | 3238 +++++++++++++++ .../endorsement-system-api/values.dev.yaml | 3563 +++++++++++++++++ .../endorsement-system-api/values.prod.yaml | 3379 ++++++++++++++++ .../values.staging.yaml | 3238 +++++++++++++++ .../external-contracts-tests/values.dev.yaml | 3563 +++++++++++++++++ .../github-actions-cache/values.dev.yaml | 3563 +++++++++++++++++ .../values.dev.yaml | 3563 +++++++++++++++++ .../values.prod.yaml | 3379 ++++++++++++++++ .../values.staging.yaml | 3238 +++++++++++++++ .../services/identity-server/values.dev.yaml | 826 ++++ .../services/identity-server/values.prod.yaml | 823 ++++ .../identity-server/values.staging.yaml | 826 ++++ .../island-ui-storybook/values.dev.yaml | 3563 +++++++++++++++++ .../island-ui-storybook/values.prod.yaml | 3379 ++++++++++++++++ .../island-ui-storybook/values.staging.yaml | 3238 +++++++++++++++ .../judicial-system-api/values.dev.yaml | 654 +++ .../judicial-system-api/values.prod.yaml | 654 +++ .../judicial-system-api/values.staging.yaml | 654 +++ .../judicial-system-backend/values.dev.yaml | 654 +++ .../judicial-system-backend/values.prod.yaml | 654 +++ .../values.staging.yaml | 654 +++ .../values.dev.yaml | 654 +++ .../values.prod.yaml | 654 +++ .../values.staging.yaml | 654 +++ .../values.dev.yaml | 654 +++ .../values.prod.yaml | 654 +++ .../values.staging.yaml | 654 +++ .../judicial-system-robot-api/values.dev.yaml | 654 +++ .../values.prod.yaml | 654 +++ .../values.staging.yaml | 654 +++ .../judicial-system-scheduler/values.dev.yaml | 654 +++ .../values.prod.yaml | 654 +++ .../values.staging.yaml | 654 +++ .../judicial-system-web/values.dev.yaml | 654 +++ .../judicial-system-web/values.prod.yaml | 654 +++ .../judicial-system-web/values.staging.yaml | 654 +++ .../judicial-system-xrd-api/values.dev.yaml | 654 +++ .../judicial-system-xrd-api/values.prod.yaml | 654 +++ .../values.staging.yaml | 654 +++ charts/services/license-api/values.dev.yaml | 3563 +++++++++++++++++ charts/services/license-api/values.prod.yaml | 3379 ++++++++++++++++ .../services/license-api/values.staging.yaml | 3238 +++++++++++++++ charts/services/portals-admin/values.dev.yaml | 3563 +++++++++++++++++ .../services/portals-admin/values.prod.yaml | 3379 ++++++++++++++++ .../portals-admin/values.staging.yaml | 3238 +++++++++++++++ .../regulations-admin-backend/values.dev.yaml | 3563 +++++++++++++++++ .../values.prod.yaml | 3379 ++++++++++++++++ .../values.staging.yaml | 3238 +++++++++++++++ .../search-indexer-service/values.dev.yaml | 3563 +++++++++++++++++ .../search-indexer-service/values.prod.yaml | 3379 ++++++++++++++++ .../values.staging.yaml | 3238 +++++++++++++++ .../service-portal-api/values.dev.yaml | 3563 +++++++++++++++++ .../service-portal-api/values.prod.yaml | 3379 ++++++++++++++++ .../service-portal-api/values.staging.yaml | 3238 +++++++++++++++ .../services/service-portal/values.dev.yaml | 3563 +++++++++++++++++ .../services/service-portal/values.prod.yaml | 3379 ++++++++++++++++ .../service-portal/values.staging.yaml | 3238 +++++++++++++++ .../services-auth-admin-api/values.dev.yaml | 826 ++++ .../services-auth-admin-api/values.prod.yaml | 823 ++++ .../values.staging.yaml | 826 ++++ .../values.dev.yaml | 826 ++++ .../values.prod.yaml | 823 ++++ .../values.staging.yaml | 826 ++++ .../values.dev.yaml | 826 ++++ .../values.prod.yaml | 823 ++++ .../values.staging.yaml | 826 ++++ .../services-auth-ids-api/values.dev.yaml | 826 ++++ .../services-auth-ids-api/values.prod.yaml | 823 ++++ .../services-auth-ids-api/values.staging.yaml | 826 ++++ .../values.dev.yaml | 826 ++++ .../values.prod.yaml | 823 ++++ .../values.staging.yaml | 826 ++++ .../values.dev.yaml | 826 ++++ .../values.prod.yaml | 823 ++++ .../values.staging.yaml | 826 ++++ .../services-auth-public-api/values.dev.yaml | 826 ++++ .../services-auth-public-api/values.prod.yaml | 823 ++++ .../values.staging.yaml | 826 ++++ .../values.dev.yaml | 3563 +++++++++++++++++ .../values.prod.yaml | 3379 ++++++++++++++++ .../values.staging.yaml | 3238 +++++++++++++++ .../services-documents/values.dev.yaml | 3563 +++++++++++++++++ .../services-documents/values.prod.yaml | 3379 ++++++++++++++++ .../services-documents/values.staging.yaml | 3238 +++++++++++++++ .../services-sessions-cleanup/values.dev.yaml | 3563 +++++++++++++++++ .../values.prod.yaml | 3379 ++++++++++++++++ .../values.staging.yaml | 3238 +++++++++++++++ .../services-sessions-worker/values.dev.yaml | 3563 +++++++++++++++++ .../services-sessions-worker/values.prod.yaml | 3379 ++++++++++++++++ .../values.staging.yaml | 3238 +++++++++++++++ .../services-sessions/values.dev.yaml | 3563 +++++++++++++++++ .../services-sessions/values.prod.yaml | 3379 ++++++++++++++++ .../services-sessions/values.staging.yaml | 3238 +++++++++++++++ .../values.dev.yaml | 3563 +++++++++++++++++ .../values.prod.yaml | 3379 ++++++++++++++++ .../values.staging.yaml | 3238 +++++++++++++++ .../values.dev.yaml | 3563 +++++++++++++++++ .../values.prod.yaml | 3379 ++++++++++++++++ .../values.staging.yaml | 3238 +++++++++++++++ .../services/skilavottord-web/values.dev.yaml | 3563 +++++++++++++++++ .../skilavottord-web/values.prod.yaml | 3379 ++++++++++++++++ .../skilavottord-web/values.staging.yaml | 3238 +++++++++++++++ .../services/skilavottord-ws/values.dev.yaml | 3563 +++++++++++++++++ .../services/skilavottord-ws/values.prod.yaml | 3379 ++++++++++++++++ .../skilavottord-ws/values.staging.yaml | 3238 +++++++++++++++ charts/services/unicorn-app/values.dev.yaml | 3563 +++++++++++++++++ charts/services/unicorn-app/values.prod.yaml | 84 + .../services/unicorn-app/values.staging.yaml | 84 + .../values.dev.yaml | 3563 +++++++++++++++++ .../values.prod.yaml | 3379 ++++++++++++++++ .../values.staging.yaml | 3238 +++++++++++++++ .../user-notification-worker/values.dev.yaml | 3563 +++++++++++++++++ .../user-notification-worker/values.prod.yaml | 3379 ++++++++++++++++ .../values.staging.yaml | 3238 +++++++++++++++ .../user-notification/values.dev.yaml | 3563 +++++++++++++++++ .../user-notification/values.prod.yaml | 3379 ++++++++++++++++ .../user-notification/values.staging.yaml | 3238 +++++++++++++++ charts/services/web/values.dev.yaml | 3563 +++++++++++++++++ charts/services/web/values.prod.yaml | 3379 ++++++++++++++++ charts/services/web/values.staging.yaml | 3238 +++++++++++++++ .../services/xroad-collector/values.dev.yaml | 3563 +++++++++++++++++ .../services/xroad-collector/values.prod.yaml | 3379 ++++++++++++++++ .../xroad-collector/values.staging.yaml | 3238 +++++++++++++++ 156 files changed, 388472 insertions(+) create mode 100644 charts/services/air-discount-scheme-api/values.dev.yaml create mode 100644 charts/services/air-discount-scheme-api/values.prod.yaml create mode 100644 charts/services/air-discount-scheme-api/values.staging.yaml create mode 100644 charts/services/air-discount-scheme-backend/values.dev.yaml create mode 100644 charts/services/air-discount-scheme-backend/values.prod.yaml create mode 100644 charts/services/air-discount-scheme-backend/values.staging.yaml create mode 100644 charts/services/air-discount-scheme-web/values.dev.yaml create mode 100644 charts/services/air-discount-scheme-web/values.prod.yaml create mode 100644 charts/services/air-discount-scheme-web/values.staging.yaml create mode 100644 charts/services/api/values.dev.yaml create mode 100644 charts/services/api/values.prod.yaml create mode 100644 charts/services/api/values.staging.yaml create mode 100644 charts/services/application-system-api-worker/values.dev.yaml create mode 100644 charts/services/application-system-api-worker/values.prod.yaml create mode 100644 charts/services/application-system-api-worker/values.staging.yaml create mode 100644 charts/services/application-system-api/values.dev.yaml create mode 100644 charts/services/application-system-api/values.prod.yaml create mode 100644 charts/services/application-system-api/values.staging.yaml create mode 100644 charts/services/application-system-form/values.dev.yaml create mode 100644 charts/services/application-system-form/values.prod.yaml create mode 100644 charts/services/application-system-form/values.staging.yaml create mode 100644 charts/services/auth-admin-web/values.dev.yaml create mode 100644 charts/services/auth-admin-web/values.prod.yaml create mode 100644 charts/services/auth-admin-web/values.staging.yaml create mode 100644 charts/services/consultation-portal/values.dev.yaml create mode 100644 charts/services/consultation-portal/values.prod.yaml create mode 100644 charts/services/consultation-portal/values.staging.yaml create mode 100644 charts/services/contentful-apps/values.dev.yaml create mode 100644 charts/services/contentful-apps/values.prod.yaml create mode 100644 charts/services/contentful-entry-tagger-service/values.dev.yaml create mode 100644 charts/services/contentful-entry-tagger-service/values.prod.yaml create mode 100644 charts/services/download-service/values.dev.yaml create mode 100644 charts/services/download-service/values.prod.yaml create mode 100644 charts/services/download-service/values.staging.yaml create mode 100644 charts/services/endorsement-system-api/values.dev.yaml create mode 100644 charts/services/endorsement-system-api/values.prod.yaml create mode 100644 charts/services/endorsement-system-api/values.staging.yaml create mode 100644 charts/services/external-contracts-tests/values.dev.yaml create mode 100644 charts/services/github-actions-cache/values.dev.yaml create mode 100644 charts/services/icelandic-names-registry-backend/values.dev.yaml create mode 100644 charts/services/icelandic-names-registry-backend/values.prod.yaml create mode 100644 charts/services/icelandic-names-registry-backend/values.staging.yaml create mode 100644 charts/services/identity-server/values.dev.yaml create mode 100644 charts/services/identity-server/values.prod.yaml create mode 100644 charts/services/identity-server/values.staging.yaml create mode 100644 charts/services/island-ui-storybook/values.dev.yaml create mode 100644 charts/services/island-ui-storybook/values.prod.yaml create mode 100644 charts/services/island-ui-storybook/values.staging.yaml create mode 100644 charts/services/judicial-system-api/values.dev.yaml create mode 100644 charts/services/judicial-system-api/values.prod.yaml create mode 100644 charts/services/judicial-system-api/values.staging.yaml create mode 100644 charts/services/judicial-system-backend/values.dev.yaml create mode 100644 charts/services/judicial-system-backend/values.prod.yaml create mode 100644 charts/services/judicial-system-backend/values.staging.yaml create mode 100644 charts/services/judicial-system-digital-mailbox-api/values.dev.yaml create mode 100644 charts/services/judicial-system-digital-mailbox-api/values.prod.yaml create mode 100644 charts/services/judicial-system-digital-mailbox-api/values.staging.yaml create mode 100644 charts/services/judicial-system-message-handler/values.dev.yaml create mode 100644 charts/services/judicial-system-message-handler/values.prod.yaml create mode 100644 charts/services/judicial-system-message-handler/values.staging.yaml create mode 100644 charts/services/judicial-system-robot-api/values.dev.yaml create mode 100644 charts/services/judicial-system-robot-api/values.prod.yaml create mode 100644 charts/services/judicial-system-robot-api/values.staging.yaml create mode 100644 charts/services/judicial-system-scheduler/values.dev.yaml create mode 100644 charts/services/judicial-system-scheduler/values.prod.yaml create mode 100644 charts/services/judicial-system-scheduler/values.staging.yaml create mode 100644 charts/services/judicial-system-web/values.dev.yaml create mode 100644 charts/services/judicial-system-web/values.prod.yaml create mode 100644 charts/services/judicial-system-web/values.staging.yaml create mode 100644 charts/services/judicial-system-xrd-api/values.dev.yaml create mode 100644 charts/services/judicial-system-xrd-api/values.prod.yaml create mode 100644 charts/services/judicial-system-xrd-api/values.staging.yaml create mode 100644 charts/services/license-api/values.dev.yaml create mode 100644 charts/services/license-api/values.prod.yaml create mode 100644 charts/services/license-api/values.staging.yaml create mode 100644 charts/services/portals-admin/values.dev.yaml create mode 100644 charts/services/portals-admin/values.prod.yaml create mode 100644 charts/services/portals-admin/values.staging.yaml create mode 100644 charts/services/regulations-admin-backend/values.dev.yaml create mode 100644 charts/services/regulations-admin-backend/values.prod.yaml create mode 100644 charts/services/regulations-admin-backend/values.staging.yaml create mode 100644 charts/services/search-indexer-service/values.dev.yaml create mode 100644 charts/services/search-indexer-service/values.prod.yaml create mode 100644 charts/services/search-indexer-service/values.staging.yaml create mode 100644 charts/services/service-portal-api/values.dev.yaml create mode 100644 charts/services/service-portal-api/values.prod.yaml create mode 100644 charts/services/service-portal-api/values.staging.yaml create mode 100644 charts/services/service-portal/values.dev.yaml create mode 100644 charts/services/service-portal/values.prod.yaml create mode 100644 charts/services/service-portal/values.staging.yaml create mode 100644 charts/services/services-auth-admin-api/values.dev.yaml create mode 100644 charts/services/services-auth-admin-api/values.prod.yaml create mode 100644 charts/services/services-auth-admin-api/values.staging.yaml create mode 100644 charts/services/services-auth-delegation-api/values.dev.yaml create mode 100644 charts/services/services-auth-delegation-api/values.prod.yaml create mode 100644 charts/services/services-auth-delegation-api/values.staging.yaml create mode 100644 charts/services/services-auth-ids-api-cleanup/values.dev.yaml create mode 100644 charts/services/services-auth-ids-api-cleanup/values.prod.yaml create mode 100644 charts/services/services-auth-ids-api-cleanup/values.staging.yaml create mode 100644 charts/services/services-auth-ids-api/values.dev.yaml create mode 100644 charts/services/services-auth-ids-api/values.prod.yaml create mode 100644 charts/services/services-auth-ids-api/values.staging.yaml create mode 100644 charts/services/services-auth-personal-representative-public/values.dev.yaml create mode 100644 charts/services/services-auth-personal-representative-public/values.prod.yaml create mode 100644 charts/services/services-auth-personal-representative-public/values.staging.yaml create mode 100644 charts/services/services-auth-personal-representative/values.dev.yaml create mode 100644 charts/services/services-auth-personal-representative/values.prod.yaml create mode 100644 charts/services/services-auth-personal-representative/values.staging.yaml create mode 100644 charts/services/services-auth-public-api/values.dev.yaml create mode 100644 charts/services/services-auth-public-api/values.prod.yaml create mode 100644 charts/services/services-auth-public-api/values.staging.yaml create mode 100644 charts/services/services-bff-portals-admin/values.dev.yaml create mode 100644 charts/services/services-bff-portals-admin/values.prod.yaml create mode 100644 charts/services/services-bff-portals-admin/values.staging.yaml create mode 100644 charts/services/services-documents/values.dev.yaml create mode 100644 charts/services/services-documents/values.prod.yaml create mode 100644 charts/services/services-documents/values.staging.yaml create mode 100644 charts/services/services-sessions-cleanup/values.dev.yaml create mode 100644 charts/services/services-sessions-cleanup/values.prod.yaml create mode 100644 charts/services/services-sessions-cleanup/values.staging.yaml create mode 100644 charts/services/services-sessions-worker/values.dev.yaml create mode 100644 charts/services/services-sessions-worker/values.prod.yaml create mode 100644 charts/services/services-sessions-worker/values.staging.yaml create mode 100644 charts/services/services-sessions/values.dev.yaml create mode 100644 charts/services/services-sessions/values.prod.yaml create mode 100644 charts/services/services-sessions/values.staging.yaml create mode 100644 charts/services/services-university-gateway-worker/values.dev.yaml create mode 100644 charts/services/services-university-gateway-worker/values.prod.yaml create mode 100644 charts/services/services-university-gateway-worker/values.staging.yaml create mode 100644 charts/services/services-university-gateway/values.dev.yaml create mode 100644 charts/services/services-university-gateway/values.prod.yaml create mode 100644 charts/services/services-university-gateway/values.staging.yaml create mode 100644 charts/services/skilavottord-web/values.dev.yaml create mode 100644 charts/services/skilavottord-web/values.prod.yaml create mode 100644 charts/services/skilavottord-web/values.staging.yaml create mode 100644 charts/services/skilavottord-ws/values.dev.yaml create mode 100644 charts/services/skilavottord-ws/values.prod.yaml create mode 100644 charts/services/skilavottord-ws/values.staging.yaml create mode 100644 charts/services/unicorn-app/values.dev.yaml create mode 100644 charts/services/unicorn-app/values.prod.yaml create mode 100644 charts/services/unicorn-app/values.staging.yaml create mode 100644 charts/services/user-notification-cleanup-worker/values.dev.yaml create mode 100644 charts/services/user-notification-cleanup-worker/values.prod.yaml create mode 100644 charts/services/user-notification-cleanup-worker/values.staging.yaml create mode 100644 charts/services/user-notification-worker/values.dev.yaml create mode 100644 charts/services/user-notification-worker/values.prod.yaml create mode 100644 charts/services/user-notification-worker/values.staging.yaml create mode 100644 charts/services/user-notification/values.dev.yaml create mode 100644 charts/services/user-notification/values.prod.yaml create mode 100644 charts/services/user-notification/values.staging.yaml create mode 100644 charts/services/web/values.dev.yaml create mode 100644 charts/services/web/values.prod.yaml create mode 100644 charts/services/web/values.staging.yaml create mode 100644 charts/services/xroad-collector/values.dev.yaml create mode 100644 charts/services/xroad-collector/values.prod.yaml create mode 100644 charts/services/xroad-collector/values.staging.yaml diff --git a/charts/services/air-discount-scheme-api/values.dev.yaml b/charts/services/air-discount-scheme-api/values.dev.yaml new file mode 100644 index 000000000000..58d9f8e96dbc --- /dev/null +++ b/charts/services/air-discount-scheme-api/values.dev.yaml @@ -0,0 +1,3563 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.dev01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'preview.contentful.com' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/graphql' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 's@kogk.is' + CONTENTFUL_HOST: 'preview.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 's@kogk.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/api' + - host: 'api-catalogue.dev01.devland.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.dev01.devland.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +external-contracts-tests: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' + namespace: 'external-contracts-tests' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '1' + memory: '1024Mi' + requests: + cpu: '500m' + memory: '512Mi' + schedule: '0 11 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +github-actions-cache: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 8 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'cache.dev01.devland.is' + paths: + - '/' + namespace: 'github-actions-cache' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 5 + max: 8 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' + create: true + name: 'github-actions-cache' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'dev' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.dev01.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'consultation-portal' + - 'islandis' + - 'search-indexer' + - 'xroad-collector' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'github-actions-cache' + - 'user-notification' + - 'external-contracts-tests' + - 'contentful-entry-tagger' + - 'license-api' + - 'services-sessions' + - 'contentful-apps' + - 'services-university-gateway' + - 'unicorn-app' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'dev-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.dev01.devland.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.dev01.devland.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +unicorn-app: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'unicorn-app.dev01.devland.is' + paths: + - '/' + namespace: 'unicorn-app' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' + create: true + name: 'unicorn-app' +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@hourly' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + TRACKING_DOMAIN: 'beta.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/air-discount-scheme-api/values.prod.yaml b/charts/services/air-discount-scheme-api/values.prod.yaml new file mode 100644 index 000000000000..c7e37f4144c5 --- /dev/null +++ b/charts/services/air-discount-scheme-api/values.prod.yaml @@ -0,0 +1,3379 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.island.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'cdn.contentful.com' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.island.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://innskra.island.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_IDS_API_URL: 'https://innskra.island.is' + AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi.island.is' + CONTACT_US_EMAIL: 'island@island.is' + CONTENTFUL_HOST: 'cdn.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.island.is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-prod-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: '' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'island@island.is' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 'sogur@island.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS/GOV/5402697509/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS/GOV/6501912189/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/api' + - host: 'www.island.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' + CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS/GOV/5608002820/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + NOVA_USERNAME: 'IslandIs_User_Production' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS/GOV/5605882089/UA-Protected/kvortun-v1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.island.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.island.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/umsoknir' + - host: 'www.island.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi.island.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://island.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/samradsgatt' + - host: 'www.island.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.island.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.island.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + EMAIL_FROM_NAME: 'island.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-prod-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'prod' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: 'd4ecf781-3764-4063-a4e1-9c3e17cebfba' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.island.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'islandis' + - 'consultation-portal' + - 'search-indexer' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'xroad-collector' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'user-notification' + - 'license-api' + - 'services-sessions' + - 'services-university-gateway' + - 'contentful-apps' + - 'contentful-entry-tagger' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/stjornbord' + - host: 'www.island.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'prod' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'prod-es-custom-packages' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/minarsidur' + - host: 'www.island.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_BASE_URL: 'https://island.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.island.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://island.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://island.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://island.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/stjornbord/bff' + - host: 'www.island.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.island.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.island.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/app/skilavottord/' + - host: 'www.island.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/app/skilavottord/api/graphql' + - host: 'www.island.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.island.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@midnight' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + TRACKING_DOMAIN: 'island.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/' + - host: 'www.island.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/air-discount-scheme-api/values.staging.yaml b/charts/services/air-discount-scheme-api/values.staging.yaml new file mode 100644 index 000000000000..227a2b0fcc6d --- /dev/null +++ b/charts/services/air-discount-scheme-api/values.staging.yaml @@ -0,0 +1,3238 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.staging01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'cdn.contentful.com' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/api/graphql' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.staging01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.staging01.devland.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.staging01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 'island@island.is' + CONTENTFUL_HOST: 'cdn.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.staging01.devland.is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-staging-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: '' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 'sogur@island.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-TEST/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5608002820/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-TEST/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.staging01.devland.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.staging01.devland.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.staging01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.staging01.devland.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-staging-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'staging' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.staging01.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'islandis' + - 'consultation-portal' + - 'skilavottord' + - 'search-indexer' + - 'services-documents' + - 'storybook' + - 'xroad-collector' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'user-notification' + - 'license-api' + - 'services-sessions' + - 'services-university-gateway' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.staging01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'staging' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'staging-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_BASE_URL: 'https://beta.staging01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.staging01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.staging01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.staging01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.staging01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.staging01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.staging01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.staging01.devland.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.staging01.devland.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@midnight' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + basicAuth: '/k8s/web/basic_auth' + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + TRACKING_DOMAIN: 'beta.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/air-discount-scheme-backend/values.dev.yaml b/charts/services/air-discount-scheme-backend/values.dev.yaml new file mode 100644 index 000000000000..58d9f8e96dbc --- /dev/null +++ b/charts/services/air-discount-scheme-backend/values.dev.yaml @@ -0,0 +1,3563 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.dev01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'preview.contentful.com' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/graphql' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 's@kogk.is' + CONTENTFUL_HOST: 'preview.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 's@kogk.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/api' + - host: 'api-catalogue.dev01.devland.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.dev01.devland.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +external-contracts-tests: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' + namespace: 'external-contracts-tests' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '1' + memory: '1024Mi' + requests: + cpu: '500m' + memory: '512Mi' + schedule: '0 11 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +github-actions-cache: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 8 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'cache.dev01.devland.is' + paths: + - '/' + namespace: 'github-actions-cache' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 5 + max: 8 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' + create: true + name: 'github-actions-cache' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'dev' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.dev01.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'consultation-portal' + - 'islandis' + - 'search-indexer' + - 'xroad-collector' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'github-actions-cache' + - 'user-notification' + - 'external-contracts-tests' + - 'contentful-entry-tagger' + - 'license-api' + - 'services-sessions' + - 'contentful-apps' + - 'services-university-gateway' + - 'unicorn-app' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'dev-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.dev01.devland.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.dev01.devland.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +unicorn-app: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'unicorn-app.dev01.devland.is' + paths: + - '/' + namespace: 'unicorn-app' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' + create: true + name: 'unicorn-app' +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@hourly' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + TRACKING_DOMAIN: 'beta.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/air-discount-scheme-backend/values.prod.yaml b/charts/services/air-discount-scheme-backend/values.prod.yaml new file mode 100644 index 000000000000..c7e37f4144c5 --- /dev/null +++ b/charts/services/air-discount-scheme-backend/values.prod.yaml @@ -0,0 +1,3379 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.island.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'cdn.contentful.com' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.island.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://innskra.island.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_IDS_API_URL: 'https://innskra.island.is' + AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi.island.is' + CONTACT_US_EMAIL: 'island@island.is' + CONTENTFUL_HOST: 'cdn.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.island.is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-prod-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: '' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'island@island.is' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 'sogur@island.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS/GOV/5402697509/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS/GOV/6501912189/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/api' + - host: 'www.island.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' + CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS/GOV/5608002820/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + NOVA_USERNAME: 'IslandIs_User_Production' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS/GOV/5605882089/UA-Protected/kvortun-v1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.island.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.island.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/umsoknir' + - host: 'www.island.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi.island.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://island.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/samradsgatt' + - host: 'www.island.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.island.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.island.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + EMAIL_FROM_NAME: 'island.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-prod-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'prod' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: 'd4ecf781-3764-4063-a4e1-9c3e17cebfba' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.island.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'islandis' + - 'consultation-portal' + - 'search-indexer' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'xroad-collector' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'user-notification' + - 'license-api' + - 'services-sessions' + - 'services-university-gateway' + - 'contentful-apps' + - 'contentful-entry-tagger' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/stjornbord' + - host: 'www.island.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'prod' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'prod-es-custom-packages' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/minarsidur' + - host: 'www.island.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_BASE_URL: 'https://island.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.island.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://island.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://island.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://island.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/stjornbord/bff' + - host: 'www.island.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.island.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.island.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/app/skilavottord/' + - host: 'www.island.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/app/skilavottord/api/graphql' + - host: 'www.island.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.island.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@midnight' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + TRACKING_DOMAIN: 'island.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/' + - host: 'www.island.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/air-discount-scheme-backend/values.staging.yaml b/charts/services/air-discount-scheme-backend/values.staging.yaml new file mode 100644 index 000000000000..227a2b0fcc6d --- /dev/null +++ b/charts/services/air-discount-scheme-backend/values.staging.yaml @@ -0,0 +1,3238 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.staging01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'cdn.contentful.com' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/api/graphql' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.staging01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.staging01.devland.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.staging01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 'island@island.is' + CONTENTFUL_HOST: 'cdn.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.staging01.devland.is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-staging-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: '' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 'sogur@island.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-TEST/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5608002820/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-TEST/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.staging01.devland.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.staging01.devland.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.staging01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.staging01.devland.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-staging-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'staging' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.staging01.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'islandis' + - 'consultation-portal' + - 'skilavottord' + - 'search-indexer' + - 'services-documents' + - 'storybook' + - 'xroad-collector' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'user-notification' + - 'license-api' + - 'services-sessions' + - 'services-university-gateway' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.staging01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'staging' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'staging-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_BASE_URL: 'https://beta.staging01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.staging01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.staging01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.staging01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.staging01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.staging01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.staging01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.staging01.devland.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.staging01.devland.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@midnight' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + basicAuth: '/k8s/web/basic_auth' + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + TRACKING_DOMAIN: 'beta.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/air-discount-scheme-web/values.dev.yaml b/charts/services/air-discount-scheme-web/values.dev.yaml new file mode 100644 index 000000000000..58d9f8e96dbc --- /dev/null +++ b/charts/services/air-discount-scheme-web/values.dev.yaml @@ -0,0 +1,3563 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.dev01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'preview.contentful.com' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/graphql' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 's@kogk.is' + CONTENTFUL_HOST: 'preview.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 's@kogk.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/api' + - host: 'api-catalogue.dev01.devland.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.dev01.devland.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +external-contracts-tests: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' + namespace: 'external-contracts-tests' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '1' + memory: '1024Mi' + requests: + cpu: '500m' + memory: '512Mi' + schedule: '0 11 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +github-actions-cache: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 8 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'cache.dev01.devland.is' + paths: + - '/' + namespace: 'github-actions-cache' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 5 + max: 8 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' + create: true + name: 'github-actions-cache' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'dev' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.dev01.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'consultation-portal' + - 'islandis' + - 'search-indexer' + - 'xroad-collector' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'github-actions-cache' + - 'user-notification' + - 'external-contracts-tests' + - 'contentful-entry-tagger' + - 'license-api' + - 'services-sessions' + - 'contentful-apps' + - 'services-university-gateway' + - 'unicorn-app' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'dev-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.dev01.devland.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.dev01.devland.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +unicorn-app: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'unicorn-app.dev01.devland.is' + paths: + - '/' + namespace: 'unicorn-app' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' + create: true + name: 'unicorn-app' +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@hourly' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + TRACKING_DOMAIN: 'beta.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/air-discount-scheme-web/values.prod.yaml b/charts/services/air-discount-scheme-web/values.prod.yaml new file mode 100644 index 000000000000..c7e37f4144c5 --- /dev/null +++ b/charts/services/air-discount-scheme-web/values.prod.yaml @@ -0,0 +1,3379 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.island.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'cdn.contentful.com' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.island.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://innskra.island.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_IDS_API_URL: 'https://innskra.island.is' + AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi.island.is' + CONTACT_US_EMAIL: 'island@island.is' + CONTENTFUL_HOST: 'cdn.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.island.is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-prod-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: '' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'island@island.is' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 'sogur@island.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS/GOV/5402697509/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS/GOV/6501912189/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/api' + - host: 'www.island.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' + CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS/GOV/5608002820/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + NOVA_USERNAME: 'IslandIs_User_Production' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS/GOV/5605882089/UA-Protected/kvortun-v1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.island.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.island.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/umsoknir' + - host: 'www.island.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi.island.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://island.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/samradsgatt' + - host: 'www.island.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.island.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.island.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + EMAIL_FROM_NAME: 'island.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-prod-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'prod' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: 'd4ecf781-3764-4063-a4e1-9c3e17cebfba' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.island.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'islandis' + - 'consultation-portal' + - 'search-indexer' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'xroad-collector' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'user-notification' + - 'license-api' + - 'services-sessions' + - 'services-university-gateway' + - 'contentful-apps' + - 'contentful-entry-tagger' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/stjornbord' + - host: 'www.island.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'prod' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'prod-es-custom-packages' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/minarsidur' + - host: 'www.island.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_BASE_URL: 'https://island.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.island.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://island.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://island.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://island.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/stjornbord/bff' + - host: 'www.island.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.island.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.island.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/app/skilavottord/' + - host: 'www.island.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/app/skilavottord/api/graphql' + - host: 'www.island.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.island.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@midnight' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + TRACKING_DOMAIN: 'island.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/' + - host: 'www.island.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/air-discount-scheme-web/values.staging.yaml b/charts/services/air-discount-scheme-web/values.staging.yaml new file mode 100644 index 000000000000..227a2b0fcc6d --- /dev/null +++ b/charts/services/air-discount-scheme-web/values.staging.yaml @@ -0,0 +1,3238 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.staging01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'cdn.contentful.com' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/api/graphql' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.staging01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.staging01.devland.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.staging01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 'island@island.is' + CONTENTFUL_HOST: 'cdn.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.staging01.devland.is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-staging-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: '' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 'sogur@island.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-TEST/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5608002820/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-TEST/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.staging01.devland.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.staging01.devland.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.staging01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.staging01.devland.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-staging-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'staging' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.staging01.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'islandis' + - 'consultation-portal' + - 'skilavottord' + - 'search-indexer' + - 'services-documents' + - 'storybook' + - 'xroad-collector' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'user-notification' + - 'license-api' + - 'services-sessions' + - 'services-university-gateway' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.staging01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'staging' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'staging-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_BASE_URL: 'https://beta.staging01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.staging01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.staging01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.staging01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.staging01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.staging01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.staging01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.staging01.devland.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.staging01.devland.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@midnight' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + basicAuth: '/k8s/web/basic_auth' + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + TRACKING_DOMAIN: 'beta.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/api/values.dev.yaml b/charts/services/api/values.dev.yaml new file mode 100644 index 000000000000..58d9f8e96dbc --- /dev/null +++ b/charts/services/api/values.dev.yaml @@ -0,0 +1,3563 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.dev01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'preview.contentful.com' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/graphql' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 's@kogk.is' + CONTENTFUL_HOST: 'preview.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 's@kogk.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/api' + - host: 'api-catalogue.dev01.devland.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.dev01.devland.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +external-contracts-tests: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' + namespace: 'external-contracts-tests' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '1' + memory: '1024Mi' + requests: + cpu: '500m' + memory: '512Mi' + schedule: '0 11 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +github-actions-cache: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 8 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'cache.dev01.devland.is' + paths: + - '/' + namespace: 'github-actions-cache' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 5 + max: 8 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' + create: true + name: 'github-actions-cache' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'dev' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.dev01.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'consultation-portal' + - 'islandis' + - 'search-indexer' + - 'xroad-collector' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'github-actions-cache' + - 'user-notification' + - 'external-contracts-tests' + - 'contentful-entry-tagger' + - 'license-api' + - 'services-sessions' + - 'contentful-apps' + - 'services-university-gateway' + - 'unicorn-app' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'dev-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.dev01.devland.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.dev01.devland.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +unicorn-app: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'unicorn-app.dev01.devland.is' + paths: + - '/' + namespace: 'unicorn-app' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' + create: true + name: 'unicorn-app' +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@hourly' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + TRACKING_DOMAIN: 'beta.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/api/values.prod.yaml b/charts/services/api/values.prod.yaml new file mode 100644 index 000000000000..c7e37f4144c5 --- /dev/null +++ b/charts/services/api/values.prod.yaml @@ -0,0 +1,3379 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.island.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'cdn.contentful.com' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.island.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://innskra.island.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_IDS_API_URL: 'https://innskra.island.is' + AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi.island.is' + CONTACT_US_EMAIL: 'island@island.is' + CONTENTFUL_HOST: 'cdn.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.island.is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-prod-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: '' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'island@island.is' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 'sogur@island.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS/GOV/5402697509/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS/GOV/6501912189/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/api' + - host: 'www.island.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' + CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS/GOV/5608002820/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + NOVA_USERNAME: 'IslandIs_User_Production' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS/GOV/5605882089/UA-Protected/kvortun-v1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.island.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.island.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/umsoknir' + - host: 'www.island.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi.island.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://island.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/samradsgatt' + - host: 'www.island.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.island.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.island.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + EMAIL_FROM_NAME: 'island.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-prod-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'prod' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: 'd4ecf781-3764-4063-a4e1-9c3e17cebfba' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.island.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'islandis' + - 'consultation-portal' + - 'search-indexer' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'xroad-collector' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'user-notification' + - 'license-api' + - 'services-sessions' + - 'services-university-gateway' + - 'contentful-apps' + - 'contentful-entry-tagger' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/stjornbord' + - host: 'www.island.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'prod' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'prod-es-custom-packages' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/minarsidur' + - host: 'www.island.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_BASE_URL: 'https://island.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.island.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://island.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://island.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://island.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/stjornbord/bff' + - host: 'www.island.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.island.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.island.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/app/skilavottord/' + - host: 'www.island.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/app/skilavottord/api/graphql' + - host: 'www.island.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.island.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@midnight' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + TRACKING_DOMAIN: 'island.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/' + - host: 'www.island.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/api/values.staging.yaml b/charts/services/api/values.staging.yaml new file mode 100644 index 000000000000..227a2b0fcc6d --- /dev/null +++ b/charts/services/api/values.staging.yaml @@ -0,0 +1,3238 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.staging01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'cdn.contentful.com' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/api/graphql' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.staging01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.staging01.devland.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.staging01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 'island@island.is' + CONTENTFUL_HOST: 'cdn.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.staging01.devland.is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-staging-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: '' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 'sogur@island.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-TEST/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5608002820/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-TEST/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.staging01.devland.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.staging01.devland.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.staging01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.staging01.devland.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-staging-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'staging' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.staging01.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'islandis' + - 'consultation-portal' + - 'skilavottord' + - 'search-indexer' + - 'services-documents' + - 'storybook' + - 'xroad-collector' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'user-notification' + - 'license-api' + - 'services-sessions' + - 'services-university-gateway' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.staging01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'staging' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'staging-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_BASE_URL: 'https://beta.staging01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.staging01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.staging01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.staging01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.staging01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.staging01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.staging01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.staging01.devland.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.staging01.devland.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@midnight' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + basicAuth: '/k8s/web/basic_auth' + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + TRACKING_DOMAIN: 'beta.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/application-system-api-worker/values.dev.yaml b/charts/services/application-system-api-worker/values.dev.yaml new file mode 100644 index 000000000000..58d9f8e96dbc --- /dev/null +++ b/charts/services/application-system-api-worker/values.dev.yaml @@ -0,0 +1,3563 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.dev01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'preview.contentful.com' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/graphql' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 's@kogk.is' + CONTENTFUL_HOST: 'preview.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 's@kogk.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/api' + - host: 'api-catalogue.dev01.devland.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.dev01.devland.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +external-contracts-tests: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' + namespace: 'external-contracts-tests' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '1' + memory: '1024Mi' + requests: + cpu: '500m' + memory: '512Mi' + schedule: '0 11 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +github-actions-cache: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 8 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'cache.dev01.devland.is' + paths: + - '/' + namespace: 'github-actions-cache' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 5 + max: 8 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' + create: true + name: 'github-actions-cache' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'dev' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.dev01.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'consultation-portal' + - 'islandis' + - 'search-indexer' + - 'xroad-collector' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'github-actions-cache' + - 'user-notification' + - 'external-contracts-tests' + - 'contentful-entry-tagger' + - 'license-api' + - 'services-sessions' + - 'contentful-apps' + - 'services-university-gateway' + - 'unicorn-app' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'dev-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.dev01.devland.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.dev01.devland.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +unicorn-app: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'unicorn-app.dev01.devland.is' + paths: + - '/' + namespace: 'unicorn-app' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' + create: true + name: 'unicorn-app' +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@hourly' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + TRACKING_DOMAIN: 'beta.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/application-system-api-worker/values.prod.yaml b/charts/services/application-system-api-worker/values.prod.yaml new file mode 100644 index 000000000000..c7e37f4144c5 --- /dev/null +++ b/charts/services/application-system-api-worker/values.prod.yaml @@ -0,0 +1,3379 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.island.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'cdn.contentful.com' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.island.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://innskra.island.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_IDS_API_URL: 'https://innskra.island.is' + AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi.island.is' + CONTACT_US_EMAIL: 'island@island.is' + CONTENTFUL_HOST: 'cdn.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.island.is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-prod-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: '' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'island@island.is' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 'sogur@island.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS/GOV/5402697509/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS/GOV/6501912189/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/api' + - host: 'www.island.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' + CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS/GOV/5608002820/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + NOVA_USERNAME: 'IslandIs_User_Production' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS/GOV/5605882089/UA-Protected/kvortun-v1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.island.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.island.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/umsoknir' + - host: 'www.island.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi.island.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://island.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/samradsgatt' + - host: 'www.island.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.island.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.island.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + EMAIL_FROM_NAME: 'island.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-prod-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'prod' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: 'd4ecf781-3764-4063-a4e1-9c3e17cebfba' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.island.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'islandis' + - 'consultation-portal' + - 'search-indexer' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'xroad-collector' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'user-notification' + - 'license-api' + - 'services-sessions' + - 'services-university-gateway' + - 'contentful-apps' + - 'contentful-entry-tagger' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/stjornbord' + - host: 'www.island.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'prod' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'prod-es-custom-packages' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/minarsidur' + - host: 'www.island.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_BASE_URL: 'https://island.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.island.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://island.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://island.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://island.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/stjornbord/bff' + - host: 'www.island.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.island.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.island.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/app/skilavottord/' + - host: 'www.island.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/app/skilavottord/api/graphql' + - host: 'www.island.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.island.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@midnight' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + TRACKING_DOMAIN: 'island.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/' + - host: 'www.island.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/application-system-api-worker/values.staging.yaml b/charts/services/application-system-api-worker/values.staging.yaml new file mode 100644 index 000000000000..227a2b0fcc6d --- /dev/null +++ b/charts/services/application-system-api-worker/values.staging.yaml @@ -0,0 +1,3238 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.staging01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'cdn.contentful.com' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/api/graphql' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.staging01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.staging01.devland.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.staging01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 'island@island.is' + CONTENTFUL_HOST: 'cdn.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.staging01.devland.is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-staging-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: '' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 'sogur@island.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-TEST/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5608002820/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-TEST/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.staging01.devland.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.staging01.devland.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.staging01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.staging01.devland.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-staging-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'staging' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.staging01.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'islandis' + - 'consultation-portal' + - 'skilavottord' + - 'search-indexer' + - 'services-documents' + - 'storybook' + - 'xroad-collector' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'user-notification' + - 'license-api' + - 'services-sessions' + - 'services-university-gateway' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.staging01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'staging' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'staging-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_BASE_URL: 'https://beta.staging01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.staging01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.staging01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.staging01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.staging01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.staging01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.staging01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.staging01.devland.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.staging01.devland.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@midnight' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + basicAuth: '/k8s/web/basic_auth' + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + TRACKING_DOMAIN: 'beta.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/application-system-api/values.dev.yaml b/charts/services/application-system-api/values.dev.yaml new file mode 100644 index 000000000000..58d9f8e96dbc --- /dev/null +++ b/charts/services/application-system-api/values.dev.yaml @@ -0,0 +1,3563 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.dev01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'preview.contentful.com' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/graphql' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 's@kogk.is' + CONTENTFUL_HOST: 'preview.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 's@kogk.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/api' + - host: 'api-catalogue.dev01.devland.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.dev01.devland.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +external-contracts-tests: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' + namespace: 'external-contracts-tests' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '1' + memory: '1024Mi' + requests: + cpu: '500m' + memory: '512Mi' + schedule: '0 11 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +github-actions-cache: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 8 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'cache.dev01.devland.is' + paths: + - '/' + namespace: 'github-actions-cache' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 5 + max: 8 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' + create: true + name: 'github-actions-cache' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'dev' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.dev01.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'consultation-portal' + - 'islandis' + - 'search-indexer' + - 'xroad-collector' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'github-actions-cache' + - 'user-notification' + - 'external-contracts-tests' + - 'contentful-entry-tagger' + - 'license-api' + - 'services-sessions' + - 'contentful-apps' + - 'services-university-gateway' + - 'unicorn-app' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'dev-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.dev01.devland.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.dev01.devland.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +unicorn-app: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'unicorn-app.dev01.devland.is' + paths: + - '/' + namespace: 'unicorn-app' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' + create: true + name: 'unicorn-app' +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@hourly' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + TRACKING_DOMAIN: 'beta.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/application-system-api/values.prod.yaml b/charts/services/application-system-api/values.prod.yaml new file mode 100644 index 000000000000..c7e37f4144c5 --- /dev/null +++ b/charts/services/application-system-api/values.prod.yaml @@ -0,0 +1,3379 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.island.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'cdn.contentful.com' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.island.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://innskra.island.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_IDS_API_URL: 'https://innskra.island.is' + AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi.island.is' + CONTACT_US_EMAIL: 'island@island.is' + CONTENTFUL_HOST: 'cdn.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.island.is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-prod-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: '' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'island@island.is' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 'sogur@island.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS/GOV/5402697509/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS/GOV/6501912189/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/api' + - host: 'www.island.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' + CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS/GOV/5608002820/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + NOVA_USERNAME: 'IslandIs_User_Production' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS/GOV/5605882089/UA-Protected/kvortun-v1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.island.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.island.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/umsoknir' + - host: 'www.island.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi.island.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://island.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/samradsgatt' + - host: 'www.island.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.island.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.island.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + EMAIL_FROM_NAME: 'island.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-prod-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'prod' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: 'd4ecf781-3764-4063-a4e1-9c3e17cebfba' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.island.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'islandis' + - 'consultation-portal' + - 'search-indexer' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'xroad-collector' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'user-notification' + - 'license-api' + - 'services-sessions' + - 'services-university-gateway' + - 'contentful-apps' + - 'contentful-entry-tagger' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/stjornbord' + - host: 'www.island.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'prod' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'prod-es-custom-packages' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/minarsidur' + - host: 'www.island.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_BASE_URL: 'https://island.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.island.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://island.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://island.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://island.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/stjornbord/bff' + - host: 'www.island.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.island.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.island.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/app/skilavottord/' + - host: 'www.island.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/app/skilavottord/api/graphql' + - host: 'www.island.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.island.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@midnight' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + TRACKING_DOMAIN: 'island.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/' + - host: 'www.island.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/application-system-api/values.staging.yaml b/charts/services/application-system-api/values.staging.yaml new file mode 100644 index 000000000000..227a2b0fcc6d --- /dev/null +++ b/charts/services/application-system-api/values.staging.yaml @@ -0,0 +1,3238 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.staging01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'cdn.contentful.com' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/api/graphql' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.staging01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.staging01.devland.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.staging01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 'island@island.is' + CONTENTFUL_HOST: 'cdn.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.staging01.devland.is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-staging-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: '' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 'sogur@island.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-TEST/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5608002820/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-TEST/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.staging01.devland.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.staging01.devland.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.staging01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.staging01.devland.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-staging-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'staging' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.staging01.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'islandis' + - 'consultation-portal' + - 'skilavottord' + - 'search-indexer' + - 'services-documents' + - 'storybook' + - 'xroad-collector' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'user-notification' + - 'license-api' + - 'services-sessions' + - 'services-university-gateway' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.staging01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'staging' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'staging-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_BASE_URL: 'https://beta.staging01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.staging01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.staging01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.staging01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.staging01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.staging01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.staging01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.staging01.devland.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.staging01.devland.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@midnight' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + basicAuth: '/k8s/web/basic_auth' + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + TRACKING_DOMAIN: 'beta.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/application-system-form/values.dev.yaml b/charts/services/application-system-form/values.dev.yaml new file mode 100644 index 000000000000..58d9f8e96dbc --- /dev/null +++ b/charts/services/application-system-form/values.dev.yaml @@ -0,0 +1,3563 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.dev01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'preview.contentful.com' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/graphql' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 's@kogk.is' + CONTENTFUL_HOST: 'preview.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 's@kogk.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/api' + - host: 'api-catalogue.dev01.devland.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.dev01.devland.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +external-contracts-tests: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' + namespace: 'external-contracts-tests' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '1' + memory: '1024Mi' + requests: + cpu: '500m' + memory: '512Mi' + schedule: '0 11 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +github-actions-cache: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 8 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'cache.dev01.devland.is' + paths: + - '/' + namespace: 'github-actions-cache' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 5 + max: 8 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' + create: true + name: 'github-actions-cache' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'dev' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.dev01.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'consultation-portal' + - 'islandis' + - 'search-indexer' + - 'xroad-collector' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'github-actions-cache' + - 'user-notification' + - 'external-contracts-tests' + - 'contentful-entry-tagger' + - 'license-api' + - 'services-sessions' + - 'contentful-apps' + - 'services-university-gateway' + - 'unicorn-app' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'dev-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.dev01.devland.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.dev01.devland.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +unicorn-app: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'unicorn-app.dev01.devland.is' + paths: + - '/' + namespace: 'unicorn-app' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' + create: true + name: 'unicorn-app' +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@hourly' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + TRACKING_DOMAIN: 'beta.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/application-system-form/values.prod.yaml b/charts/services/application-system-form/values.prod.yaml new file mode 100644 index 000000000000..c7e37f4144c5 --- /dev/null +++ b/charts/services/application-system-form/values.prod.yaml @@ -0,0 +1,3379 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.island.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'cdn.contentful.com' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.island.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://innskra.island.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_IDS_API_URL: 'https://innskra.island.is' + AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi.island.is' + CONTACT_US_EMAIL: 'island@island.is' + CONTENTFUL_HOST: 'cdn.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.island.is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-prod-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: '' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'island@island.is' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 'sogur@island.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS/GOV/5402697509/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS/GOV/6501912189/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/api' + - host: 'www.island.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' + CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS/GOV/5608002820/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + NOVA_USERNAME: 'IslandIs_User_Production' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS/GOV/5605882089/UA-Protected/kvortun-v1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.island.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.island.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/umsoknir' + - host: 'www.island.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi.island.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://island.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/samradsgatt' + - host: 'www.island.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.island.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.island.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + EMAIL_FROM_NAME: 'island.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-prod-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'prod' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: 'd4ecf781-3764-4063-a4e1-9c3e17cebfba' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.island.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'islandis' + - 'consultation-portal' + - 'search-indexer' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'xroad-collector' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'user-notification' + - 'license-api' + - 'services-sessions' + - 'services-university-gateway' + - 'contentful-apps' + - 'contentful-entry-tagger' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/stjornbord' + - host: 'www.island.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'prod' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'prod-es-custom-packages' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/minarsidur' + - host: 'www.island.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_BASE_URL: 'https://island.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.island.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://island.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://island.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://island.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/stjornbord/bff' + - host: 'www.island.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.island.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.island.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/app/skilavottord/' + - host: 'www.island.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/app/skilavottord/api/graphql' + - host: 'www.island.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.island.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@midnight' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + TRACKING_DOMAIN: 'island.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/' + - host: 'www.island.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/application-system-form/values.staging.yaml b/charts/services/application-system-form/values.staging.yaml new file mode 100644 index 000000000000..227a2b0fcc6d --- /dev/null +++ b/charts/services/application-system-form/values.staging.yaml @@ -0,0 +1,3238 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.staging01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'cdn.contentful.com' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/api/graphql' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.staging01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.staging01.devland.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.staging01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 'island@island.is' + CONTENTFUL_HOST: 'cdn.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.staging01.devland.is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-staging-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: '' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 'sogur@island.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-TEST/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5608002820/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-TEST/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.staging01.devland.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.staging01.devland.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.staging01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.staging01.devland.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-staging-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'staging' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.staging01.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'islandis' + - 'consultation-portal' + - 'skilavottord' + - 'search-indexer' + - 'services-documents' + - 'storybook' + - 'xroad-collector' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'user-notification' + - 'license-api' + - 'services-sessions' + - 'services-university-gateway' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.staging01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'staging' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'staging-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_BASE_URL: 'https://beta.staging01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.staging01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.staging01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.staging01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.staging01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.staging01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.staging01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.staging01.devland.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.staging01.devland.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@midnight' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + basicAuth: '/k8s/web/basic_auth' + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + TRACKING_DOMAIN: 'beta.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/auth-admin-web/values.dev.yaml b/charts/services/auth-admin-web/values.dev.yaml new file mode 100644 index 000000000000..2efa5ea90de6 --- /dev/null +++ b/charts/services/auth-admin-web/values.dev.yaml @@ -0,0 +1,826 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +auth-admin-web: + enabled: true + env: + BASE_URL: 'https://identity-server.dev01.devland.is/admin' + IDENTITYSERVER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://identity-server.dev01.devland.is/admin/api/auth' + NEXT_PUBLIC_BACKEND_URL: '/backend' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/auth-admin-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.dev01.devland.is' + paths: + - '/admin' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + progressDeadlineSeconds: 1200 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '256Mi' + requests: + cpu: '200m' + memory: '192Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITYSERVER_SECRET: '/k8s/auth-admin-web/IDENTITYSERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +global: + env: + AUDIT_GROUP_NAME: '/identity-server/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'dev' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +identity-server: + annotations: + ad.datadoghq.com/identity-server.check_names: '["openmetrics"]' + ad.datadoghq.com/identity-server.init_configs: '[{}]' + ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": "http://%%host%%:5003/metrics","namespace": "identity-server","metrics":["*"]}]' + ad.datadoghq.com/identity-server.logs: '[{"service": "identity-server", "source": "csharp"}]' + enabled: true + env: + ASPNETCORE_URLS: 'http://*:5000' + AWS__CloudWatch__AuditLogGroup: '/identity-server/audit-log' + AWS__SystemsManager__ParameterStore__DataProtectionPrefix: '/k8s/identity-server/DataProtectionSecret' + Application__AllowedRedirectUris: 'https://beta.dev01.devland.is/minarsidur,https://beta.dev01.devland.is/umsoknir,http://localhost:4200/minarsidur,http://localhost:4242/umsoknir' + Application__MinCompletionPortThreads: '10' + AudkenniSettings__Retries: '24' + CORECLR_ENABLE_PROFILING: '1' + CORECLR_PROFILER: '{846F5F1C-F9AE-4B07-969E-05C26BC060D8}' + CORECLR_PROFILER_PATH: '/opt/datadog/Datadog.Trace.ClrProfiler.Native.so' + CacheSettings__Enabled: 'true' + ContentfulSettings__BaseAddress: 'https://preview.contentful.com' + DD_DOTNET_TRACER_HOME: '/opt/datadog' + DD_INTEGRATIONS: '/opt/datadog/integrations.json' + DD_TRACE_DEBUG: 'true' + Datadog__Metrics__Port: '5003' + IdentityServer__ConsentsScope: '@island.is/auth/consents' + IdentityServer__EnableFakeLogin: 'true' + IdentityServer__EnableFeatureDeploymentWildcards: 'true' + IdentityServer__KeyManagement__Enabled: 'true' + IdentityServer__SigningCertificate__Path: '/etc/config/ids-signing.pfx' + LOG_LEVEL: 'info' + MeUserProfileApiSettings__BaseAddress: 'http://web-service-portal-api.service-portal.svc.cluster.local' + NODE_OPTIONS: '--max-old-space-size=1843 -r dd-trace/init' + PersistenceSettings__BaseAddress: 'http://web-services-auth-ids-api' + PersistenceSettings__DelegationsCacheEnabled: 'false' + RedisSettings__Address: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com' + RedisSettings__Port: '6379' + SERVERSIDE_FEATURES_ON: '' + SessionsApiSettings__BaseAddress: 'http://web-services-sessions.services-sessions.svc.cluster.local' + files: + - 'ids-signing.pfx' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + port: 5010 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/identity-server' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.dev01.devland.is' + paths: + - '/' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: + - accessModes: 'ReadWriteMany' + mountPath: '/keys' + name: 'identity-server' + size: '1Gi' + storageClass: 'efs-csi' + useExisting: false + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '4000m' + memory: '2048Mi' + requests: + cpu: '1000m' + memory: '1024Mi' + secrets: + AudkenniSettings__ClientId: '/k8s/identity-server/AudkenniClientId' + AudkenniSettings__ClientSecret: '/k8s/identity-server/AudkenniClientSecret' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ContentfulSettings__AccessToken: '/k8s/identity-server/CONTENTFUL_ACCESS_TOKEN' + FeatureFlags__ConfigCatSdkKey: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IdentityServer__FakePersons: '/k8s/identity-server/FakePersons' + IdentityServer__LicenseKey: '/k8s/identity-server/LicenseKey' + IdentityServer__SigningCertificate__Passphrase: '/k8s/identity-server/SigningCertificatePassphrase' + PersistenceSettings__AccessTokenManagementSettings__ClientSecret: '/k8s/identity-server/ClientSecret' + Redaction__UserIdentifiers__Key: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY' + Redaction__UserIdentifiers__KeyId: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID' + Scopes__Admin__RootAccessList: '/k8s/identity-server/AdminRootAccessList' + securityContext: + allowPrivilegeEscalation: false + privileged: false + service: + targetPort: 5000 + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/identity-server' + create: true + name: 'identity-server' +namespaces: + labels: {} + namespaces: + - 'identity-server' + - 'identity-server-admin' + - 'identity-server-delegation' + - 'personal-representative' +services-auth-admin-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + IDENTITY_SERVER_ISSUER_URL_LIST: '["https://identity-server.dev01.devland.is","https://identity-server.staging01.devland.is","https://innskra.island.is"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/backend/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/backend/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-admin-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.dev01.devland.is' + paths: + - '/backend' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CLIENT_SECRET_ENCRYPTION_KEY: '/k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-delegation-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'service-portal' + - 'user-notification-worker' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-delegation-api' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'auth-delegation-api.internal.dev01.devland.is' + paths: + - '/' + namespace: 'identity-server-delegation' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-ids-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '6cf94113-d326-4e4d-b97c-1fea12d2f5e1' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' + PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' + PASSKEY_CORE_MAX_AGE_DAYS: '365' + PASSKEY_CORE_RP_ID: 'island.is' + PASSKEY_CORE_RP_NAME: 'Island.is' + PUBLIC_URL: 'https://identity-server.dev01.devland.is/api' + REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + USER_PROFILE_CLIENT_SCOPE: '["@island.is/user-profile:read"]' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 15 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 15 + min: 2 + resources: + limits: + cpu: '800m' + memory: '768Mi' + requests: + cpu: '400m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/services-auth/NOVA_PASSWORD' + NOVA_URL: '/k8s/services-auth/NOVA_URL' + NOVA_USERNAME: '/k8s/services-auth/NOVA_USERNAME' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-ids-api-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-personal-representative: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'personal-representative-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'personal-representative' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-personal-representative-public: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative-public' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'personal-representative-public-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'personal-representative' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-public-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' + PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' + PASSKEY_CORE_RP_ID: 'island.is' + PASSKEY_CORE_RP_NAME: 'Island.is' + PUBLIC_URL: 'https://identity-server.dev01.devland.is/api' + REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-public-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/rewrite-target: '/$2' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.dev01.devland.is' + paths: + - '/api(/|$)(.*)' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/auth-admin-web/values.prod.yaml b/charts/services/auth-admin-web/values.prod.yaml new file mode 100644 index 000000000000..6ebbacf21056 --- /dev/null +++ b/charts/services/auth-admin-web/values.prod.yaml @@ -0,0 +1,823 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +auth-admin-web: + enabled: true + env: + BASE_URL: 'https://innskra.island.is/admin' + IDENTITYSERVER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://innskra.island.is/admin/api/auth' + NEXT_PUBLIC_BACKEND_URL: '/backend' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/auth-admin-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'innskra.island.is' + paths: + - '/admin' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + progressDeadlineSeconds: 1200 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '256Mi' + requests: + cpu: '200m' + memory: '192Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITYSERVER_SECRET: '/k8s/auth-admin-web/IDENTITYSERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +global: + env: + AUDIT_GROUP_NAME: '/identity-server/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'prod' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +identity-server: + annotations: + ad.datadoghq.com/identity-server.check_names: '["openmetrics"]' + ad.datadoghq.com/identity-server.init_configs: '[{}]' + ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": "http://%%host%%:5003/metrics","namespace": "identity-server","metrics":["*"]}]' + ad.datadoghq.com/identity-server.logs: '[{"service": "identity-server", "source": "csharp"}]' + enabled: true + env: + ASPNETCORE_URLS: 'http://*:5000' + AWS__CloudWatch__AuditLogGroup: '/identity-server/audit-log' + AWS__SystemsManager__ParameterStore__DataProtectionPrefix: '/k8s/identity-server/DataProtectionSecret' + Application__AllowedRedirectUris: 'https://island.is/minarsidur,https://island.is/umsoknir' + Application__MinCompletionPortThreads: '10' + AudkenniSettings__Retries: '24' + CORECLR_ENABLE_PROFILING: '1' + CORECLR_PROFILER: '{846F5F1C-F9AE-4B07-969E-05C26BC060D8}' + CORECLR_PROFILER_PATH: '/opt/datadog/Datadog.Trace.ClrProfiler.Native.so' + CacheSettings__Enabled: 'true' + ContentfulSettings__BaseAddress: 'https://cdn.contentful.com' + DD_DOTNET_TRACER_HOME: '/opt/datadog' + DD_INTEGRATIONS: '/opt/datadog/integrations.json' + DD_TRACE_DEBUG: 'true' + Datadog__Metrics__Port: '5003' + IdentityServer__ConsentsScope: '@island.is/auth/consents' + IdentityServer__EnableFakeLogin: 'true' + IdentityServer__EnableFeatureDeploymentWildcards: 'false' + IdentityServer__KeyManagement__Enabled: 'true' + IdentityServer__SigningCertificate__Path: '/etc/config/ids-signing.pfx' + LOG_LEVEL: 'info' + MeUserProfileApiSettings__BaseAddress: 'https://service-portal-api.internal.island.is' + NODE_OPTIONS: '--max-old-space-size=1843 -r dd-trace/init' + PersistenceSettings__BaseAddress: 'http://web-services-auth-ids-api' + PersistenceSettings__DelegationsCacheEnabled: 'true' + RedisSettings__Address: 'clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com' + RedisSettings__Port: '6379' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SessionsApiSettings__BaseAddress: 'https://sessions-api.internal.island.is' + files: + - 'ids-signing.pfx' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + port: 5010 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/identity-server' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'innskra.island.is' + paths: + - '/' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: + - accessModes: 'ReadWriteMany' + mountPath: '/keys' + name: 'identity-server' + size: '1Gi' + storageClass: 'efs-csi' + useExisting: false + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '4000m' + memory: '2048Mi' + requests: + cpu: '1000m' + memory: '1024Mi' + secrets: + AudkenniSettings__ClientId: '/k8s/identity-server/AudkenniClientId' + AudkenniSettings__ClientSecret: '/k8s/identity-server/AudkenniClientSecret' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ContentfulSettings__AccessToken: '/k8s/identity-server/CONTENTFUL_ACCESS_TOKEN' + FeatureFlags__ConfigCatSdkKey: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IdentityServer__FakePersons: '/k8s/identity-server/FakePersons' + IdentityServer__LicenseKey: '/k8s/identity-server/LicenseKey' + IdentityServer__SigningCertificate__Passphrase: '/k8s/identity-server/SigningCertificatePassphrase' + PersistenceSettings__AccessTokenManagementSettings__ClientSecret: '/k8s/identity-server/ClientSecret' + Redaction__UserIdentifiers__Key: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY' + Redaction__UserIdentifiers__KeyId: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID' + Scopes__Admin__RootAccessList: '/k8s/identity-server/AdminRootAccessList' + securityContext: + allowPrivilegeEscalation: false + privileged: false + service: + targetPort: 5000 + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::567113216315:role/identity-server' + create: true + name: 'identity-server' +namespaces: + labels: {} + namespaces: + - 'identity-server' + - 'identity-server-admin' + - 'identity-server-delegation' + - 'personal-representative' +services-auth-admin-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + IDENTITY_SERVER_ISSUER_URL_LIST: '["https://innskra.island.is"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SYSLUMENN_HOST: 'https://api.syslumenn.is/api' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/backend/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/backend/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-admin-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'innskra.island.is' + paths: + - '/backend' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CLIENT_SECRET_ENCRYPTION_KEY: '/k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-delegation-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SYSLUMENN_HOST: 'https://api.syslumenn.is/api' + SYSLUMENN_TIMEOUT: '3000' + USER_NOTIFICATION_API_URL: 'https://user-notification.internal.island.is' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'service-portal' + - 'user-notification-worker' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-delegation-api' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'auth-delegation-api.internal.innskra.island.is' + paths: + - '/' + namespace: 'identity-server-delegation' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-ids-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '8271bbc2-d8de-480f-8540-ea43fc40b7ae' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' + PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' + PASSKEY_CORE_MAX_AGE_DAYS: '365' + PASSKEY_CORE_RP_ID: 'island.is' + PASSKEY_CORE_RP_NAME: 'Island.is' + PUBLIC_URL: 'https://innskra.island.is/api' + REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SYSLUMENN_HOST: 'https://api.syslumenn.is/api' + SYSLUMENN_TIMEOUT: '3000' + USER_PROFILE_CLIENT_SCOPE: '["@island.is/user-profile:read"]' + USER_PROFILE_CLIENT_URL: 'https://service-portal-api.internal.island.is' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 15 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 15 + min: 2 + resources: + limits: + cpu: '800m' + memory: '768Mi' + requests: + cpu: '400m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/services-auth/NOVA_PASSWORD' + NOVA_URL: '/k8s/services-auth/NOVA_URL' + NOVA_USERNAME: '/k8s/services-auth/NOVA_USERNAME' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-ids-api-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-personal-representative: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SYSLUMENN_HOST: 'https://api.syslumenn.is/api' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'personal-representative-xrd.internal.innskra.island.is' + paths: + - '/' + namespace: 'personal-representative' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-personal-representative-public: + enabled: true + env: + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative-public' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'personal-representative-public-xrd.internal.innskra.island.is' + paths: + - '/' + namespace: 'personal-representative' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-public-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' + PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' + PASSKEY_CORE_RP_ID: 'island.is' + PASSKEY_CORE_RP_NAME: 'Island.is' + PUBLIC_URL: 'https://innskra.island.is/api' + REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SYSLUMENN_HOST: 'https://api.syslumenn.is/api' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-public-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/rewrite-target: '/$2' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'innskra.island.is' + paths: + - '/api(/|$)(.*)' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/auth-admin-web/values.staging.yaml b/charts/services/auth-admin-web/values.staging.yaml new file mode 100644 index 000000000000..2273a2f55b22 --- /dev/null +++ b/charts/services/auth-admin-web/values.staging.yaml @@ -0,0 +1,826 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +auth-admin-web: + enabled: true + env: + BASE_URL: 'https://identity-server.staging01.devland.is/admin' + IDENTITYSERVER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://identity-server.staging01.devland.is/admin/api/auth' + NEXT_PUBLIC_BACKEND_URL: '/backend' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/auth-admin-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.staging01.devland.is' + paths: + - '/admin' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + progressDeadlineSeconds: 1200 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '256Mi' + requests: + cpu: '200m' + memory: '192Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITYSERVER_SECRET: '/k8s/auth-admin-web/IDENTITYSERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +global: + env: + AUDIT_GROUP_NAME: '/identity-server/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'staging' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +identity-server: + annotations: + ad.datadoghq.com/identity-server.check_names: '["openmetrics"]' + ad.datadoghq.com/identity-server.init_configs: '[{}]' + ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": "http://%%host%%:5003/metrics","namespace": "identity-server","metrics":["*"]}]' + ad.datadoghq.com/identity-server.logs: '[{"service": "identity-server", "source": "csharp"}]' + enabled: true + env: + ASPNETCORE_URLS: 'http://*:5000' + AWS__CloudWatch__AuditLogGroup: '/identity-server/audit-log' + AWS__SystemsManager__ParameterStore__DataProtectionPrefix: '/k8s/identity-server/DataProtectionSecret' + Application__AllowedRedirectUris: 'https://beta.staging01.devland.is/minarsidur,https://beta.staging01.devland.is/umsoknir' + Application__MinCompletionPortThreads: '10' + AudkenniSettings__Retries: '24' + CORECLR_ENABLE_PROFILING: '1' + CORECLR_PROFILER: '{846F5F1C-F9AE-4B07-969E-05C26BC060D8}' + CORECLR_PROFILER_PATH: '/opt/datadog/Datadog.Trace.ClrProfiler.Native.so' + CacheSettings__Enabled: 'true' + ContentfulSettings__BaseAddress: 'https://cdn.contentful.com' + DD_DOTNET_TRACER_HOME: '/opt/datadog' + DD_INTEGRATIONS: '/opt/datadog/integrations.json' + DD_TRACE_DEBUG: 'true' + Datadog__Metrics__Port: '5003' + IdentityServer__ConsentsScope: '@island.is/auth/consents' + IdentityServer__EnableFakeLogin: 'true' + IdentityServer__EnableFeatureDeploymentWildcards: 'true' + IdentityServer__KeyManagement__Enabled: 'true' + IdentityServer__SigningCertificate__Path: '/etc/config/ids-signing.pfx' + LOG_LEVEL: 'info' + MeUserProfileApiSettings__BaseAddress: 'http://web-service-portal-api.service-portal.svc.cluster.local' + NODE_OPTIONS: '--max-old-space-size=1843 -r dd-trace/init' + PersistenceSettings__BaseAddress: 'http://web-services-auth-ids-api' + PersistenceSettings__DelegationsCacheEnabled: 'false' + RedisSettings__Address: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com' + RedisSettings__Port: '6379' + SERVERSIDE_FEATURES_ON: '' + SessionsApiSettings__BaseAddress: 'http://web-services-sessions.services-sessions.svc.cluster.local' + files: + - 'ids-signing.pfx' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + port: 5010 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/identity-server' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.staging01.devland.is' + paths: + - '/' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: + - accessModes: 'ReadWriteMany' + mountPath: '/keys' + name: 'identity-server' + size: '1Gi' + storageClass: 'efs-csi' + useExisting: false + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '4000m' + memory: '2048Mi' + requests: + cpu: '1000m' + memory: '1024Mi' + secrets: + AudkenniSettings__ClientId: '/k8s/identity-server/AudkenniClientId' + AudkenniSettings__ClientSecret: '/k8s/identity-server/AudkenniClientSecret' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ContentfulSettings__AccessToken: '/k8s/identity-server/CONTENTFUL_ACCESS_TOKEN' + FeatureFlags__ConfigCatSdkKey: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IdentityServer__FakePersons: '/k8s/identity-server/FakePersons' + IdentityServer__LicenseKey: '/k8s/identity-server/LicenseKey' + IdentityServer__SigningCertificate__Passphrase: '/k8s/identity-server/SigningCertificatePassphrase' + PersistenceSettings__AccessTokenManagementSettings__ClientSecret: '/k8s/identity-server/ClientSecret' + Redaction__UserIdentifiers__Key: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY' + Redaction__UserIdentifiers__KeyId: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID' + Scopes__Admin__RootAccessList: '/k8s/identity-server/AdminRootAccessList' + securityContext: + allowPrivilegeEscalation: false + privileged: false + service: + targetPort: 5000 + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/identity-server' + create: true + name: 'identity-server' +namespaces: + labels: {} + namespaces: + - 'identity-server' + - 'identity-server-admin' + - 'identity-server-delegation' + - 'personal-representative' +services-auth-admin-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + IDENTITY_SERVER_ISSUER_URL_LIST: '["https://identity-server.staging01.devland.is","https://innskra.island.is"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/backend/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/backend/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-admin-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.staging01.devland.is' + paths: + - '/backend' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CLIENT_SECRET_ENCRYPTION_KEY: '/k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-delegation-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'service-portal' + - 'user-notification-worker' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-delegation-api' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'auth-delegation-api.internal.staging01.devland.is' + paths: + - '/' + namespace: 'identity-server-delegation' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-ids-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '6cf94113-d326-4e4d-b97c-1fea12d2f5e1' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' + PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' + PASSKEY_CORE_MAX_AGE_DAYS: '365' + PASSKEY_CORE_RP_ID: 'island.is' + PASSKEY_CORE_RP_NAME: 'Island.is' + PUBLIC_URL: 'https://identity-server.staging01.devland.is/api' + REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + USER_PROFILE_CLIENT_SCOPE: '["@island.is/user-profile:read"]' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 15 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 15 + min: 2 + resources: + limits: + cpu: '800m' + memory: '768Mi' + requests: + cpu: '400m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/services-auth/NOVA_PASSWORD' + NOVA_URL: '/k8s/services-auth/NOVA_URL' + NOVA_USERNAME: '/k8s/services-auth/NOVA_USERNAME' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-ids-api-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-personal-representative: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'personal-representative-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'personal-representative' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-personal-representative-public: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative-public' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'personal-representative-public-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'personal-representative' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-public-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' + PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' + PASSKEY_CORE_RP_ID: 'island.is' + PASSKEY_CORE_RP_NAME: 'Island.is' + PUBLIC_URL: 'https://identity-server.staging01.devland.is/api' + REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-public-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/rewrite-target: '/$2' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.staging01.devland.is' + paths: + - '/api(/|$)(.*)' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/consultation-portal/values.dev.yaml b/charts/services/consultation-portal/values.dev.yaml new file mode 100644 index 000000000000..58d9f8e96dbc --- /dev/null +++ b/charts/services/consultation-portal/values.dev.yaml @@ -0,0 +1,3563 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.dev01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'preview.contentful.com' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/graphql' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 's@kogk.is' + CONTENTFUL_HOST: 'preview.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 's@kogk.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/api' + - host: 'api-catalogue.dev01.devland.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.dev01.devland.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +external-contracts-tests: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' + namespace: 'external-contracts-tests' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '1' + memory: '1024Mi' + requests: + cpu: '500m' + memory: '512Mi' + schedule: '0 11 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +github-actions-cache: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 8 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'cache.dev01.devland.is' + paths: + - '/' + namespace: 'github-actions-cache' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 5 + max: 8 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' + create: true + name: 'github-actions-cache' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'dev' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.dev01.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'consultation-portal' + - 'islandis' + - 'search-indexer' + - 'xroad-collector' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'github-actions-cache' + - 'user-notification' + - 'external-contracts-tests' + - 'contentful-entry-tagger' + - 'license-api' + - 'services-sessions' + - 'contentful-apps' + - 'services-university-gateway' + - 'unicorn-app' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'dev-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.dev01.devland.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.dev01.devland.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +unicorn-app: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'unicorn-app.dev01.devland.is' + paths: + - '/' + namespace: 'unicorn-app' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' + create: true + name: 'unicorn-app' +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@hourly' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + TRACKING_DOMAIN: 'beta.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/consultation-portal/values.prod.yaml b/charts/services/consultation-portal/values.prod.yaml new file mode 100644 index 000000000000..c7e37f4144c5 --- /dev/null +++ b/charts/services/consultation-portal/values.prod.yaml @@ -0,0 +1,3379 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.island.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'cdn.contentful.com' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.island.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://innskra.island.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_IDS_API_URL: 'https://innskra.island.is' + AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi.island.is' + CONTACT_US_EMAIL: 'island@island.is' + CONTENTFUL_HOST: 'cdn.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.island.is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-prod-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: '' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'island@island.is' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 'sogur@island.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS/GOV/5402697509/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS/GOV/6501912189/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/api' + - host: 'www.island.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' + CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS/GOV/5608002820/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + NOVA_USERNAME: 'IslandIs_User_Production' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS/GOV/5605882089/UA-Protected/kvortun-v1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.island.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.island.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/umsoknir' + - host: 'www.island.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi.island.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://island.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/samradsgatt' + - host: 'www.island.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.island.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.island.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + EMAIL_FROM_NAME: 'island.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-prod-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'prod' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: 'd4ecf781-3764-4063-a4e1-9c3e17cebfba' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.island.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'islandis' + - 'consultation-portal' + - 'search-indexer' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'xroad-collector' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'user-notification' + - 'license-api' + - 'services-sessions' + - 'services-university-gateway' + - 'contentful-apps' + - 'contentful-entry-tagger' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/stjornbord' + - host: 'www.island.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'prod' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'prod-es-custom-packages' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/minarsidur' + - host: 'www.island.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_BASE_URL: 'https://island.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.island.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://island.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://island.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://island.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/stjornbord/bff' + - host: 'www.island.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.island.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.island.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/app/skilavottord/' + - host: 'www.island.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/app/skilavottord/api/graphql' + - host: 'www.island.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.island.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@midnight' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + TRACKING_DOMAIN: 'island.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/' + - host: 'www.island.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/consultation-portal/values.staging.yaml b/charts/services/consultation-portal/values.staging.yaml new file mode 100644 index 000000000000..227a2b0fcc6d --- /dev/null +++ b/charts/services/consultation-portal/values.staging.yaml @@ -0,0 +1,3238 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.staging01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'cdn.contentful.com' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/api/graphql' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.staging01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.staging01.devland.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.staging01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 'island@island.is' + CONTENTFUL_HOST: 'cdn.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.staging01.devland.is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-staging-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: '' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 'sogur@island.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-TEST/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5608002820/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-TEST/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.staging01.devland.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.staging01.devland.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.staging01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.staging01.devland.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-staging-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'staging' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.staging01.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'islandis' + - 'consultation-portal' + - 'skilavottord' + - 'search-indexer' + - 'services-documents' + - 'storybook' + - 'xroad-collector' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'user-notification' + - 'license-api' + - 'services-sessions' + - 'services-university-gateway' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.staging01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'staging' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'staging-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_BASE_URL: 'https://beta.staging01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.staging01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.staging01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.staging01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.staging01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.staging01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.staging01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.staging01.devland.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.staging01.devland.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@midnight' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + basicAuth: '/k8s/web/basic_auth' + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + TRACKING_DOMAIN: 'beta.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/contentful-apps/values.dev.yaml b/charts/services/contentful-apps/values.dev.yaml new file mode 100644 index 000000000000..58d9f8e96dbc --- /dev/null +++ b/charts/services/contentful-apps/values.dev.yaml @@ -0,0 +1,3563 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.dev01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'preview.contentful.com' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/graphql' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 's@kogk.is' + CONTENTFUL_HOST: 'preview.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 's@kogk.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/api' + - host: 'api-catalogue.dev01.devland.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.dev01.devland.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +external-contracts-tests: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' + namespace: 'external-contracts-tests' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '1' + memory: '1024Mi' + requests: + cpu: '500m' + memory: '512Mi' + schedule: '0 11 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +github-actions-cache: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 8 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'cache.dev01.devland.is' + paths: + - '/' + namespace: 'github-actions-cache' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 5 + max: 8 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' + create: true + name: 'github-actions-cache' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'dev' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.dev01.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'consultation-portal' + - 'islandis' + - 'search-indexer' + - 'xroad-collector' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'github-actions-cache' + - 'user-notification' + - 'external-contracts-tests' + - 'contentful-entry-tagger' + - 'license-api' + - 'services-sessions' + - 'contentful-apps' + - 'services-university-gateway' + - 'unicorn-app' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'dev-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.dev01.devland.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.dev01.devland.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +unicorn-app: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'unicorn-app.dev01.devland.is' + paths: + - '/' + namespace: 'unicorn-app' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' + create: true + name: 'unicorn-app' +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@hourly' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + TRACKING_DOMAIN: 'beta.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/contentful-apps/values.prod.yaml b/charts/services/contentful-apps/values.prod.yaml new file mode 100644 index 000000000000..c7e37f4144c5 --- /dev/null +++ b/charts/services/contentful-apps/values.prod.yaml @@ -0,0 +1,3379 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.island.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'cdn.contentful.com' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.island.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://innskra.island.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_IDS_API_URL: 'https://innskra.island.is' + AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi.island.is' + CONTACT_US_EMAIL: 'island@island.is' + CONTENTFUL_HOST: 'cdn.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.island.is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-prod-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: '' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'island@island.is' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 'sogur@island.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS/GOV/5402697509/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS/GOV/6501912189/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/api' + - host: 'www.island.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' + CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS/GOV/5608002820/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + NOVA_USERNAME: 'IslandIs_User_Production' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS/GOV/5605882089/UA-Protected/kvortun-v1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.island.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.island.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/umsoknir' + - host: 'www.island.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi.island.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://island.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/samradsgatt' + - host: 'www.island.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.island.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.island.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + EMAIL_FROM_NAME: 'island.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-prod-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'prod' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: 'd4ecf781-3764-4063-a4e1-9c3e17cebfba' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.island.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'islandis' + - 'consultation-portal' + - 'search-indexer' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'xroad-collector' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'user-notification' + - 'license-api' + - 'services-sessions' + - 'services-university-gateway' + - 'contentful-apps' + - 'contentful-entry-tagger' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/stjornbord' + - host: 'www.island.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'prod' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'prod-es-custom-packages' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/minarsidur' + - host: 'www.island.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_BASE_URL: 'https://island.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.island.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://island.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://island.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://island.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/stjornbord/bff' + - host: 'www.island.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.island.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.island.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/app/skilavottord/' + - host: 'www.island.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/app/skilavottord/api/graphql' + - host: 'www.island.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.island.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@midnight' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + TRACKING_DOMAIN: 'island.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/' + - host: 'www.island.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/contentful-entry-tagger-service/values.dev.yaml b/charts/services/contentful-entry-tagger-service/values.dev.yaml new file mode 100644 index 000000000000..58d9f8e96dbc --- /dev/null +++ b/charts/services/contentful-entry-tagger-service/values.dev.yaml @@ -0,0 +1,3563 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.dev01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'preview.contentful.com' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/graphql' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 's@kogk.is' + CONTENTFUL_HOST: 'preview.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 's@kogk.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/api' + - host: 'api-catalogue.dev01.devland.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.dev01.devland.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +external-contracts-tests: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' + namespace: 'external-contracts-tests' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '1' + memory: '1024Mi' + requests: + cpu: '500m' + memory: '512Mi' + schedule: '0 11 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +github-actions-cache: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 8 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'cache.dev01.devland.is' + paths: + - '/' + namespace: 'github-actions-cache' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 5 + max: 8 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' + create: true + name: 'github-actions-cache' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'dev' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.dev01.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'consultation-portal' + - 'islandis' + - 'search-indexer' + - 'xroad-collector' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'github-actions-cache' + - 'user-notification' + - 'external-contracts-tests' + - 'contentful-entry-tagger' + - 'license-api' + - 'services-sessions' + - 'contentful-apps' + - 'services-university-gateway' + - 'unicorn-app' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'dev-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.dev01.devland.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.dev01.devland.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +unicorn-app: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'unicorn-app.dev01.devland.is' + paths: + - '/' + namespace: 'unicorn-app' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' + create: true + name: 'unicorn-app' +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@hourly' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + TRACKING_DOMAIN: 'beta.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/contentful-entry-tagger-service/values.prod.yaml b/charts/services/contentful-entry-tagger-service/values.prod.yaml new file mode 100644 index 000000000000..c7e37f4144c5 --- /dev/null +++ b/charts/services/contentful-entry-tagger-service/values.prod.yaml @@ -0,0 +1,3379 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.island.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'cdn.contentful.com' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.island.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://innskra.island.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_IDS_API_URL: 'https://innskra.island.is' + AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi.island.is' + CONTACT_US_EMAIL: 'island@island.is' + CONTENTFUL_HOST: 'cdn.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.island.is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-prod-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: '' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'island@island.is' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 'sogur@island.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS/GOV/5402697509/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS/GOV/6501912189/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/api' + - host: 'www.island.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' + CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS/GOV/5608002820/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + NOVA_USERNAME: 'IslandIs_User_Production' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS/GOV/5605882089/UA-Protected/kvortun-v1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.island.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.island.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/umsoknir' + - host: 'www.island.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi.island.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://island.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/samradsgatt' + - host: 'www.island.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.island.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.island.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + EMAIL_FROM_NAME: 'island.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-prod-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'prod' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: 'd4ecf781-3764-4063-a4e1-9c3e17cebfba' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.island.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'islandis' + - 'consultation-portal' + - 'search-indexer' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'xroad-collector' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'user-notification' + - 'license-api' + - 'services-sessions' + - 'services-university-gateway' + - 'contentful-apps' + - 'contentful-entry-tagger' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/stjornbord' + - host: 'www.island.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'prod' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'prod-es-custom-packages' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/minarsidur' + - host: 'www.island.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_BASE_URL: 'https://island.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.island.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://island.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://island.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://island.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/stjornbord/bff' + - host: 'www.island.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.island.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.island.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/app/skilavottord/' + - host: 'www.island.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/app/skilavottord/api/graphql' + - host: 'www.island.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.island.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@midnight' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + TRACKING_DOMAIN: 'island.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/' + - host: 'www.island.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/download-service/values.dev.yaml b/charts/services/download-service/values.dev.yaml new file mode 100644 index 000000000000..58d9f8e96dbc --- /dev/null +++ b/charts/services/download-service/values.dev.yaml @@ -0,0 +1,3563 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.dev01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'preview.contentful.com' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/graphql' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 's@kogk.is' + CONTENTFUL_HOST: 'preview.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 's@kogk.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/api' + - host: 'api-catalogue.dev01.devland.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.dev01.devland.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +external-contracts-tests: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' + namespace: 'external-contracts-tests' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '1' + memory: '1024Mi' + requests: + cpu: '500m' + memory: '512Mi' + schedule: '0 11 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +github-actions-cache: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 8 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'cache.dev01.devland.is' + paths: + - '/' + namespace: 'github-actions-cache' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 5 + max: 8 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' + create: true + name: 'github-actions-cache' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'dev' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.dev01.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'consultation-portal' + - 'islandis' + - 'search-indexer' + - 'xroad-collector' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'github-actions-cache' + - 'user-notification' + - 'external-contracts-tests' + - 'contentful-entry-tagger' + - 'license-api' + - 'services-sessions' + - 'contentful-apps' + - 'services-university-gateway' + - 'unicorn-app' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'dev-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.dev01.devland.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.dev01.devland.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +unicorn-app: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'unicorn-app.dev01.devland.is' + paths: + - '/' + namespace: 'unicorn-app' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' + create: true + name: 'unicorn-app' +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@hourly' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + TRACKING_DOMAIN: 'beta.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/download-service/values.prod.yaml b/charts/services/download-service/values.prod.yaml new file mode 100644 index 000000000000..c7e37f4144c5 --- /dev/null +++ b/charts/services/download-service/values.prod.yaml @@ -0,0 +1,3379 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.island.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'cdn.contentful.com' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.island.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://innskra.island.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_IDS_API_URL: 'https://innskra.island.is' + AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi.island.is' + CONTACT_US_EMAIL: 'island@island.is' + CONTENTFUL_HOST: 'cdn.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.island.is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-prod-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: '' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'island@island.is' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 'sogur@island.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS/GOV/5402697509/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS/GOV/6501912189/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/api' + - host: 'www.island.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' + CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS/GOV/5608002820/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + NOVA_USERNAME: 'IslandIs_User_Production' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS/GOV/5605882089/UA-Protected/kvortun-v1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.island.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.island.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/umsoknir' + - host: 'www.island.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi.island.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://island.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/samradsgatt' + - host: 'www.island.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.island.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.island.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + EMAIL_FROM_NAME: 'island.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-prod-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'prod' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: 'd4ecf781-3764-4063-a4e1-9c3e17cebfba' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.island.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'islandis' + - 'consultation-portal' + - 'search-indexer' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'xroad-collector' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'user-notification' + - 'license-api' + - 'services-sessions' + - 'services-university-gateway' + - 'contentful-apps' + - 'contentful-entry-tagger' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/stjornbord' + - host: 'www.island.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'prod' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'prod-es-custom-packages' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/minarsidur' + - host: 'www.island.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_BASE_URL: 'https://island.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.island.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://island.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://island.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://island.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/stjornbord/bff' + - host: 'www.island.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.island.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.island.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/app/skilavottord/' + - host: 'www.island.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/app/skilavottord/api/graphql' + - host: 'www.island.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.island.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@midnight' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + TRACKING_DOMAIN: 'island.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/' + - host: 'www.island.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/download-service/values.staging.yaml b/charts/services/download-service/values.staging.yaml new file mode 100644 index 000000000000..227a2b0fcc6d --- /dev/null +++ b/charts/services/download-service/values.staging.yaml @@ -0,0 +1,3238 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.staging01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'cdn.contentful.com' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/api/graphql' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.staging01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.staging01.devland.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.staging01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 'island@island.is' + CONTENTFUL_HOST: 'cdn.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.staging01.devland.is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-staging-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: '' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 'sogur@island.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-TEST/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5608002820/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-TEST/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.staging01.devland.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.staging01.devland.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.staging01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.staging01.devland.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-staging-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'staging' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.staging01.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'islandis' + - 'consultation-portal' + - 'skilavottord' + - 'search-indexer' + - 'services-documents' + - 'storybook' + - 'xroad-collector' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'user-notification' + - 'license-api' + - 'services-sessions' + - 'services-university-gateway' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.staging01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'staging' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'staging-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_BASE_URL: 'https://beta.staging01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.staging01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.staging01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.staging01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.staging01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.staging01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.staging01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.staging01.devland.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.staging01.devland.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@midnight' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + basicAuth: '/k8s/web/basic_auth' + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + TRACKING_DOMAIN: 'beta.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/endorsement-system-api/values.dev.yaml b/charts/services/endorsement-system-api/values.dev.yaml new file mode 100644 index 000000000000..58d9f8e96dbc --- /dev/null +++ b/charts/services/endorsement-system-api/values.dev.yaml @@ -0,0 +1,3563 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.dev01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'preview.contentful.com' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/graphql' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 's@kogk.is' + CONTENTFUL_HOST: 'preview.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 's@kogk.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/api' + - host: 'api-catalogue.dev01.devland.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.dev01.devland.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +external-contracts-tests: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' + namespace: 'external-contracts-tests' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '1' + memory: '1024Mi' + requests: + cpu: '500m' + memory: '512Mi' + schedule: '0 11 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +github-actions-cache: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 8 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'cache.dev01.devland.is' + paths: + - '/' + namespace: 'github-actions-cache' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 5 + max: 8 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' + create: true + name: 'github-actions-cache' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'dev' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.dev01.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'consultation-portal' + - 'islandis' + - 'search-indexer' + - 'xroad-collector' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'github-actions-cache' + - 'user-notification' + - 'external-contracts-tests' + - 'contentful-entry-tagger' + - 'license-api' + - 'services-sessions' + - 'contentful-apps' + - 'services-university-gateway' + - 'unicorn-app' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'dev-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.dev01.devland.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.dev01.devland.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +unicorn-app: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'unicorn-app.dev01.devland.is' + paths: + - '/' + namespace: 'unicorn-app' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' + create: true + name: 'unicorn-app' +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@hourly' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + TRACKING_DOMAIN: 'beta.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/endorsement-system-api/values.prod.yaml b/charts/services/endorsement-system-api/values.prod.yaml new file mode 100644 index 000000000000..c7e37f4144c5 --- /dev/null +++ b/charts/services/endorsement-system-api/values.prod.yaml @@ -0,0 +1,3379 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.island.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'cdn.contentful.com' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.island.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://innskra.island.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_IDS_API_URL: 'https://innskra.island.is' + AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi.island.is' + CONTACT_US_EMAIL: 'island@island.is' + CONTENTFUL_HOST: 'cdn.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.island.is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-prod-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: '' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'island@island.is' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 'sogur@island.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS/GOV/5402697509/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS/GOV/6501912189/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/api' + - host: 'www.island.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' + CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS/GOV/5608002820/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + NOVA_USERNAME: 'IslandIs_User_Production' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS/GOV/5605882089/UA-Protected/kvortun-v1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.island.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.island.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/umsoknir' + - host: 'www.island.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi.island.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://island.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/samradsgatt' + - host: 'www.island.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.island.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.island.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + EMAIL_FROM_NAME: 'island.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-prod-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'prod' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: 'd4ecf781-3764-4063-a4e1-9c3e17cebfba' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.island.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'islandis' + - 'consultation-portal' + - 'search-indexer' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'xroad-collector' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'user-notification' + - 'license-api' + - 'services-sessions' + - 'services-university-gateway' + - 'contentful-apps' + - 'contentful-entry-tagger' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/stjornbord' + - host: 'www.island.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'prod' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'prod-es-custom-packages' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/minarsidur' + - host: 'www.island.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_BASE_URL: 'https://island.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.island.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://island.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://island.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://island.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/stjornbord/bff' + - host: 'www.island.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.island.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.island.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/app/skilavottord/' + - host: 'www.island.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/app/skilavottord/api/graphql' + - host: 'www.island.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.island.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@midnight' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + TRACKING_DOMAIN: 'island.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/' + - host: 'www.island.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/endorsement-system-api/values.staging.yaml b/charts/services/endorsement-system-api/values.staging.yaml new file mode 100644 index 000000000000..227a2b0fcc6d --- /dev/null +++ b/charts/services/endorsement-system-api/values.staging.yaml @@ -0,0 +1,3238 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.staging01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'cdn.contentful.com' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/api/graphql' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.staging01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.staging01.devland.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.staging01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 'island@island.is' + CONTENTFUL_HOST: 'cdn.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.staging01.devland.is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-staging-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: '' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 'sogur@island.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-TEST/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5608002820/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-TEST/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.staging01.devland.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.staging01.devland.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.staging01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.staging01.devland.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-staging-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'staging' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.staging01.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'islandis' + - 'consultation-portal' + - 'skilavottord' + - 'search-indexer' + - 'services-documents' + - 'storybook' + - 'xroad-collector' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'user-notification' + - 'license-api' + - 'services-sessions' + - 'services-university-gateway' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.staging01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'staging' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'staging-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_BASE_URL: 'https://beta.staging01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.staging01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.staging01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.staging01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.staging01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.staging01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.staging01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.staging01.devland.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.staging01.devland.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@midnight' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + basicAuth: '/k8s/web/basic_auth' + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + TRACKING_DOMAIN: 'beta.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/external-contracts-tests/values.dev.yaml b/charts/services/external-contracts-tests/values.dev.yaml new file mode 100644 index 000000000000..58d9f8e96dbc --- /dev/null +++ b/charts/services/external-contracts-tests/values.dev.yaml @@ -0,0 +1,3563 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.dev01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'preview.contentful.com' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/graphql' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 's@kogk.is' + CONTENTFUL_HOST: 'preview.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 's@kogk.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/api' + - host: 'api-catalogue.dev01.devland.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.dev01.devland.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +external-contracts-tests: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' + namespace: 'external-contracts-tests' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '1' + memory: '1024Mi' + requests: + cpu: '500m' + memory: '512Mi' + schedule: '0 11 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +github-actions-cache: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 8 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'cache.dev01.devland.is' + paths: + - '/' + namespace: 'github-actions-cache' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 5 + max: 8 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' + create: true + name: 'github-actions-cache' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'dev' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.dev01.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'consultation-portal' + - 'islandis' + - 'search-indexer' + - 'xroad-collector' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'github-actions-cache' + - 'user-notification' + - 'external-contracts-tests' + - 'contentful-entry-tagger' + - 'license-api' + - 'services-sessions' + - 'contentful-apps' + - 'services-university-gateway' + - 'unicorn-app' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'dev-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.dev01.devland.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.dev01.devland.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +unicorn-app: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'unicorn-app.dev01.devland.is' + paths: + - '/' + namespace: 'unicorn-app' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' + create: true + name: 'unicorn-app' +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@hourly' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + TRACKING_DOMAIN: 'beta.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/github-actions-cache/values.dev.yaml b/charts/services/github-actions-cache/values.dev.yaml new file mode 100644 index 000000000000..58d9f8e96dbc --- /dev/null +++ b/charts/services/github-actions-cache/values.dev.yaml @@ -0,0 +1,3563 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.dev01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'preview.contentful.com' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/graphql' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 's@kogk.is' + CONTENTFUL_HOST: 'preview.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 's@kogk.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/api' + - host: 'api-catalogue.dev01.devland.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.dev01.devland.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +external-contracts-tests: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' + namespace: 'external-contracts-tests' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '1' + memory: '1024Mi' + requests: + cpu: '500m' + memory: '512Mi' + schedule: '0 11 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +github-actions-cache: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 8 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'cache.dev01.devland.is' + paths: + - '/' + namespace: 'github-actions-cache' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 5 + max: 8 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' + create: true + name: 'github-actions-cache' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'dev' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.dev01.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'consultation-portal' + - 'islandis' + - 'search-indexer' + - 'xroad-collector' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'github-actions-cache' + - 'user-notification' + - 'external-contracts-tests' + - 'contentful-entry-tagger' + - 'license-api' + - 'services-sessions' + - 'contentful-apps' + - 'services-university-gateway' + - 'unicorn-app' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'dev-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.dev01.devland.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.dev01.devland.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +unicorn-app: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'unicorn-app.dev01.devland.is' + paths: + - '/' + namespace: 'unicorn-app' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' + create: true + name: 'unicorn-app' +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@hourly' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + TRACKING_DOMAIN: 'beta.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/icelandic-names-registry-backend/values.dev.yaml b/charts/services/icelandic-names-registry-backend/values.dev.yaml new file mode 100644 index 000000000000..58d9f8e96dbc --- /dev/null +++ b/charts/services/icelandic-names-registry-backend/values.dev.yaml @@ -0,0 +1,3563 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.dev01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'preview.contentful.com' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/graphql' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 's@kogk.is' + CONTENTFUL_HOST: 'preview.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 's@kogk.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/api' + - host: 'api-catalogue.dev01.devland.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.dev01.devland.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +external-contracts-tests: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' + namespace: 'external-contracts-tests' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '1' + memory: '1024Mi' + requests: + cpu: '500m' + memory: '512Mi' + schedule: '0 11 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +github-actions-cache: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 8 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'cache.dev01.devland.is' + paths: + - '/' + namespace: 'github-actions-cache' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 5 + max: 8 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' + create: true + name: 'github-actions-cache' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'dev' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.dev01.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'consultation-portal' + - 'islandis' + - 'search-indexer' + - 'xroad-collector' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'github-actions-cache' + - 'user-notification' + - 'external-contracts-tests' + - 'contentful-entry-tagger' + - 'license-api' + - 'services-sessions' + - 'contentful-apps' + - 'services-university-gateway' + - 'unicorn-app' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'dev-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.dev01.devland.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.dev01.devland.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +unicorn-app: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'unicorn-app.dev01.devland.is' + paths: + - '/' + namespace: 'unicorn-app' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' + create: true + name: 'unicorn-app' +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@hourly' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + TRACKING_DOMAIN: 'beta.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/icelandic-names-registry-backend/values.prod.yaml b/charts/services/icelandic-names-registry-backend/values.prod.yaml new file mode 100644 index 000000000000..c7e37f4144c5 --- /dev/null +++ b/charts/services/icelandic-names-registry-backend/values.prod.yaml @@ -0,0 +1,3379 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.island.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'cdn.contentful.com' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.island.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://innskra.island.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_IDS_API_URL: 'https://innskra.island.is' + AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi.island.is' + CONTACT_US_EMAIL: 'island@island.is' + CONTENTFUL_HOST: 'cdn.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.island.is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-prod-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: '' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'island@island.is' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 'sogur@island.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS/GOV/5402697509/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS/GOV/6501912189/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/api' + - host: 'www.island.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' + CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS/GOV/5608002820/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + NOVA_USERNAME: 'IslandIs_User_Production' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS/GOV/5605882089/UA-Protected/kvortun-v1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.island.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.island.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/umsoknir' + - host: 'www.island.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi.island.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://island.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/samradsgatt' + - host: 'www.island.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.island.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.island.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + EMAIL_FROM_NAME: 'island.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-prod-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'prod' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: 'd4ecf781-3764-4063-a4e1-9c3e17cebfba' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.island.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'islandis' + - 'consultation-portal' + - 'search-indexer' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'xroad-collector' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'user-notification' + - 'license-api' + - 'services-sessions' + - 'services-university-gateway' + - 'contentful-apps' + - 'contentful-entry-tagger' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/stjornbord' + - host: 'www.island.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'prod' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'prod-es-custom-packages' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/minarsidur' + - host: 'www.island.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_BASE_URL: 'https://island.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.island.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://island.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://island.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://island.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/stjornbord/bff' + - host: 'www.island.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.island.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.island.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/app/skilavottord/' + - host: 'www.island.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/app/skilavottord/api/graphql' + - host: 'www.island.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.island.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@midnight' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + TRACKING_DOMAIN: 'island.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/' + - host: 'www.island.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/icelandic-names-registry-backend/values.staging.yaml b/charts/services/icelandic-names-registry-backend/values.staging.yaml new file mode 100644 index 000000000000..227a2b0fcc6d --- /dev/null +++ b/charts/services/icelandic-names-registry-backend/values.staging.yaml @@ -0,0 +1,3238 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.staging01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'cdn.contentful.com' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/api/graphql' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.staging01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.staging01.devland.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.staging01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 'island@island.is' + CONTENTFUL_HOST: 'cdn.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.staging01.devland.is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-staging-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: '' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 'sogur@island.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-TEST/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5608002820/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-TEST/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.staging01.devland.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.staging01.devland.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.staging01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.staging01.devland.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-staging-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'staging' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.staging01.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'islandis' + - 'consultation-portal' + - 'skilavottord' + - 'search-indexer' + - 'services-documents' + - 'storybook' + - 'xroad-collector' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'user-notification' + - 'license-api' + - 'services-sessions' + - 'services-university-gateway' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.staging01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'staging' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'staging-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_BASE_URL: 'https://beta.staging01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.staging01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.staging01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.staging01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.staging01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.staging01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.staging01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.staging01.devland.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.staging01.devland.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@midnight' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + basicAuth: '/k8s/web/basic_auth' + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + TRACKING_DOMAIN: 'beta.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/identity-server/values.dev.yaml b/charts/services/identity-server/values.dev.yaml new file mode 100644 index 000000000000..2efa5ea90de6 --- /dev/null +++ b/charts/services/identity-server/values.dev.yaml @@ -0,0 +1,826 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +auth-admin-web: + enabled: true + env: + BASE_URL: 'https://identity-server.dev01.devland.is/admin' + IDENTITYSERVER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://identity-server.dev01.devland.is/admin/api/auth' + NEXT_PUBLIC_BACKEND_URL: '/backend' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/auth-admin-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.dev01.devland.is' + paths: + - '/admin' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + progressDeadlineSeconds: 1200 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '256Mi' + requests: + cpu: '200m' + memory: '192Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITYSERVER_SECRET: '/k8s/auth-admin-web/IDENTITYSERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +global: + env: + AUDIT_GROUP_NAME: '/identity-server/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'dev' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +identity-server: + annotations: + ad.datadoghq.com/identity-server.check_names: '["openmetrics"]' + ad.datadoghq.com/identity-server.init_configs: '[{}]' + ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": "http://%%host%%:5003/metrics","namespace": "identity-server","metrics":["*"]}]' + ad.datadoghq.com/identity-server.logs: '[{"service": "identity-server", "source": "csharp"}]' + enabled: true + env: + ASPNETCORE_URLS: 'http://*:5000' + AWS__CloudWatch__AuditLogGroup: '/identity-server/audit-log' + AWS__SystemsManager__ParameterStore__DataProtectionPrefix: '/k8s/identity-server/DataProtectionSecret' + Application__AllowedRedirectUris: 'https://beta.dev01.devland.is/minarsidur,https://beta.dev01.devland.is/umsoknir,http://localhost:4200/minarsidur,http://localhost:4242/umsoknir' + Application__MinCompletionPortThreads: '10' + AudkenniSettings__Retries: '24' + CORECLR_ENABLE_PROFILING: '1' + CORECLR_PROFILER: '{846F5F1C-F9AE-4B07-969E-05C26BC060D8}' + CORECLR_PROFILER_PATH: '/opt/datadog/Datadog.Trace.ClrProfiler.Native.so' + CacheSettings__Enabled: 'true' + ContentfulSettings__BaseAddress: 'https://preview.contentful.com' + DD_DOTNET_TRACER_HOME: '/opt/datadog' + DD_INTEGRATIONS: '/opt/datadog/integrations.json' + DD_TRACE_DEBUG: 'true' + Datadog__Metrics__Port: '5003' + IdentityServer__ConsentsScope: '@island.is/auth/consents' + IdentityServer__EnableFakeLogin: 'true' + IdentityServer__EnableFeatureDeploymentWildcards: 'true' + IdentityServer__KeyManagement__Enabled: 'true' + IdentityServer__SigningCertificate__Path: '/etc/config/ids-signing.pfx' + LOG_LEVEL: 'info' + MeUserProfileApiSettings__BaseAddress: 'http://web-service-portal-api.service-portal.svc.cluster.local' + NODE_OPTIONS: '--max-old-space-size=1843 -r dd-trace/init' + PersistenceSettings__BaseAddress: 'http://web-services-auth-ids-api' + PersistenceSettings__DelegationsCacheEnabled: 'false' + RedisSettings__Address: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com' + RedisSettings__Port: '6379' + SERVERSIDE_FEATURES_ON: '' + SessionsApiSettings__BaseAddress: 'http://web-services-sessions.services-sessions.svc.cluster.local' + files: + - 'ids-signing.pfx' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + port: 5010 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/identity-server' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.dev01.devland.is' + paths: + - '/' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: + - accessModes: 'ReadWriteMany' + mountPath: '/keys' + name: 'identity-server' + size: '1Gi' + storageClass: 'efs-csi' + useExisting: false + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '4000m' + memory: '2048Mi' + requests: + cpu: '1000m' + memory: '1024Mi' + secrets: + AudkenniSettings__ClientId: '/k8s/identity-server/AudkenniClientId' + AudkenniSettings__ClientSecret: '/k8s/identity-server/AudkenniClientSecret' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ContentfulSettings__AccessToken: '/k8s/identity-server/CONTENTFUL_ACCESS_TOKEN' + FeatureFlags__ConfigCatSdkKey: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IdentityServer__FakePersons: '/k8s/identity-server/FakePersons' + IdentityServer__LicenseKey: '/k8s/identity-server/LicenseKey' + IdentityServer__SigningCertificate__Passphrase: '/k8s/identity-server/SigningCertificatePassphrase' + PersistenceSettings__AccessTokenManagementSettings__ClientSecret: '/k8s/identity-server/ClientSecret' + Redaction__UserIdentifiers__Key: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY' + Redaction__UserIdentifiers__KeyId: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID' + Scopes__Admin__RootAccessList: '/k8s/identity-server/AdminRootAccessList' + securityContext: + allowPrivilegeEscalation: false + privileged: false + service: + targetPort: 5000 + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/identity-server' + create: true + name: 'identity-server' +namespaces: + labels: {} + namespaces: + - 'identity-server' + - 'identity-server-admin' + - 'identity-server-delegation' + - 'personal-representative' +services-auth-admin-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + IDENTITY_SERVER_ISSUER_URL_LIST: '["https://identity-server.dev01.devland.is","https://identity-server.staging01.devland.is","https://innskra.island.is"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/backend/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/backend/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-admin-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.dev01.devland.is' + paths: + - '/backend' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CLIENT_SECRET_ENCRYPTION_KEY: '/k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-delegation-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'service-portal' + - 'user-notification-worker' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-delegation-api' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'auth-delegation-api.internal.dev01.devland.is' + paths: + - '/' + namespace: 'identity-server-delegation' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-ids-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '6cf94113-d326-4e4d-b97c-1fea12d2f5e1' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' + PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' + PASSKEY_CORE_MAX_AGE_DAYS: '365' + PASSKEY_CORE_RP_ID: 'island.is' + PASSKEY_CORE_RP_NAME: 'Island.is' + PUBLIC_URL: 'https://identity-server.dev01.devland.is/api' + REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + USER_PROFILE_CLIENT_SCOPE: '["@island.is/user-profile:read"]' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 15 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 15 + min: 2 + resources: + limits: + cpu: '800m' + memory: '768Mi' + requests: + cpu: '400m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/services-auth/NOVA_PASSWORD' + NOVA_URL: '/k8s/services-auth/NOVA_URL' + NOVA_USERNAME: '/k8s/services-auth/NOVA_USERNAME' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-ids-api-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-personal-representative: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'personal-representative-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'personal-representative' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-personal-representative-public: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative-public' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'personal-representative-public-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'personal-representative' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-public-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' + PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' + PASSKEY_CORE_RP_ID: 'island.is' + PASSKEY_CORE_RP_NAME: 'Island.is' + PUBLIC_URL: 'https://identity-server.dev01.devland.is/api' + REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-public-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/rewrite-target: '/$2' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.dev01.devland.is' + paths: + - '/api(/|$)(.*)' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/identity-server/values.prod.yaml b/charts/services/identity-server/values.prod.yaml new file mode 100644 index 000000000000..6ebbacf21056 --- /dev/null +++ b/charts/services/identity-server/values.prod.yaml @@ -0,0 +1,823 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +auth-admin-web: + enabled: true + env: + BASE_URL: 'https://innskra.island.is/admin' + IDENTITYSERVER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://innskra.island.is/admin/api/auth' + NEXT_PUBLIC_BACKEND_URL: '/backend' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/auth-admin-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'innskra.island.is' + paths: + - '/admin' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + progressDeadlineSeconds: 1200 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '256Mi' + requests: + cpu: '200m' + memory: '192Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITYSERVER_SECRET: '/k8s/auth-admin-web/IDENTITYSERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +global: + env: + AUDIT_GROUP_NAME: '/identity-server/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'prod' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +identity-server: + annotations: + ad.datadoghq.com/identity-server.check_names: '["openmetrics"]' + ad.datadoghq.com/identity-server.init_configs: '[{}]' + ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": "http://%%host%%:5003/metrics","namespace": "identity-server","metrics":["*"]}]' + ad.datadoghq.com/identity-server.logs: '[{"service": "identity-server", "source": "csharp"}]' + enabled: true + env: + ASPNETCORE_URLS: 'http://*:5000' + AWS__CloudWatch__AuditLogGroup: '/identity-server/audit-log' + AWS__SystemsManager__ParameterStore__DataProtectionPrefix: '/k8s/identity-server/DataProtectionSecret' + Application__AllowedRedirectUris: 'https://island.is/minarsidur,https://island.is/umsoknir' + Application__MinCompletionPortThreads: '10' + AudkenniSettings__Retries: '24' + CORECLR_ENABLE_PROFILING: '1' + CORECLR_PROFILER: '{846F5F1C-F9AE-4B07-969E-05C26BC060D8}' + CORECLR_PROFILER_PATH: '/opt/datadog/Datadog.Trace.ClrProfiler.Native.so' + CacheSettings__Enabled: 'true' + ContentfulSettings__BaseAddress: 'https://cdn.contentful.com' + DD_DOTNET_TRACER_HOME: '/opt/datadog' + DD_INTEGRATIONS: '/opt/datadog/integrations.json' + DD_TRACE_DEBUG: 'true' + Datadog__Metrics__Port: '5003' + IdentityServer__ConsentsScope: '@island.is/auth/consents' + IdentityServer__EnableFakeLogin: 'true' + IdentityServer__EnableFeatureDeploymentWildcards: 'false' + IdentityServer__KeyManagement__Enabled: 'true' + IdentityServer__SigningCertificate__Path: '/etc/config/ids-signing.pfx' + LOG_LEVEL: 'info' + MeUserProfileApiSettings__BaseAddress: 'https://service-portal-api.internal.island.is' + NODE_OPTIONS: '--max-old-space-size=1843 -r dd-trace/init' + PersistenceSettings__BaseAddress: 'http://web-services-auth-ids-api' + PersistenceSettings__DelegationsCacheEnabled: 'true' + RedisSettings__Address: 'clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com' + RedisSettings__Port: '6379' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SessionsApiSettings__BaseAddress: 'https://sessions-api.internal.island.is' + files: + - 'ids-signing.pfx' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + port: 5010 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/identity-server' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'innskra.island.is' + paths: + - '/' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: + - accessModes: 'ReadWriteMany' + mountPath: '/keys' + name: 'identity-server' + size: '1Gi' + storageClass: 'efs-csi' + useExisting: false + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '4000m' + memory: '2048Mi' + requests: + cpu: '1000m' + memory: '1024Mi' + secrets: + AudkenniSettings__ClientId: '/k8s/identity-server/AudkenniClientId' + AudkenniSettings__ClientSecret: '/k8s/identity-server/AudkenniClientSecret' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ContentfulSettings__AccessToken: '/k8s/identity-server/CONTENTFUL_ACCESS_TOKEN' + FeatureFlags__ConfigCatSdkKey: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IdentityServer__FakePersons: '/k8s/identity-server/FakePersons' + IdentityServer__LicenseKey: '/k8s/identity-server/LicenseKey' + IdentityServer__SigningCertificate__Passphrase: '/k8s/identity-server/SigningCertificatePassphrase' + PersistenceSettings__AccessTokenManagementSettings__ClientSecret: '/k8s/identity-server/ClientSecret' + Redaction__UserIdentifiers__Key: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY' + Redaction__UserIdentifiers__KeyId: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID' + Scopes__Admin__RootAccessList: '/k8s/identity-server/AdminRootAccessList' + securityContext: + allowPrivilegeEscalation: false + privileged: false + service: + targetPort: 5000 + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::567113216315:role/identity-server' + create: true + name: 'identity-server' +namespaces: + labels: {} + namespaces: + - 'identity-server' + - 'identity-server-admin' + - 'identity-server-delegation' + - 'personal-representative' +services-auth-admin-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + IDENTITY_SERVER_ISSUER_URL_LIST: '["https://innskra.island.is"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SYSLUMENN_HOST: 'https://api.syslumenn.is/api' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/backend/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/backend/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-admin-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'innskra.island.is' + paths: + - '/backend' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CLIENT_SECRET_ENCRYPTION_KEY: '/k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-delegation-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SYSLUMENN_HOST: 'https://api.syslumenn.is/api' + SYSLUMENN_TIMEOUT: '3000' + USER_NOTIFICATION_API_URL: 'https://user-notification.internal.island.is' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'service-portal' + - 'user-notification-worker' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-delegation-api' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'auth-delegation-api.internal.innskra.island.is' + paths: + - '/' + namespace: 'identity-server-delegation' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-ids-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '8271bbc2-d8de-480f-8540-ea43fc40b7ae' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' + PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' + PASSKEY_CORE_MAX_AGE_DAYS: '365' + PASSKEY_CORE_RP_ID: 'island.is' + PASSKEY_CORE_RP_NAME: 'Island.is' + PUBLIC_URL: 'https://innskra.island.is/api' + REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SYSLUMENN_HOST: 'https://api.syslumenn.is/api' + SYSLUMENN_TIMEOUT: '3000' + USER_PROFILE_CLIENT_SCOPE: '["@island.is/user-profile:read"]' + USER_PROFILE_CLIENT_URL: 'https://service-portal-api.internal.island.is' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 15 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 15 + min: 2 + resources: + limits: + cpu: '800m' + memory: '768Mi' + requests: + cpu: '400m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/services-auth/NOVA_PASSWORD' + NOVA_URL: '/k8s/services-auth/NOVA_URL' + NOVA_USERNAME: '/k8s/services-auth/NOVA_USERNAME' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-ids-api-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-personal-representative: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SYSLUMENN_HOST: 'https://api.syslumenn.is/api' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'personal-representative-xrd.internal.innskra.island.is' + paths: + - '/' + namespace: 'personal-representative' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-personal-representative-public: + enabled: true + env: + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative-public' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'personal-representative-public-xrd.internal.innskra.island.is' + paths: + - '/' + namespace: 'personal-representative' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-public-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' + PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' + PASSKEY_CORE_RP_ID: 'island.is' + PASSKEY_CORE_RP_NAME: 'Island.is' + PUBLIC_URL: 'https://innskra.island.is/api' + REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SYSLUMENN_HOST: 'https://api.syslumenn.is/api' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-public-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/rewrite-target: '/$2' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'innskra.island.is' + paths: + - '/api(/|$)(.*)' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/identity-server/values.staging.yaml b/charts/services/identity-server/values.staging.yaml new file mode 100644 index 000000000000..2273a2f55b22 --- /dev/null +++ b/charts/services/identity-server/values.staging.yaml @@ -0,0 +1,826 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +auth-admin-web: + enabled: true + env: + BASE_URL: 'https://identity-server.staging01.devland.is/admin' + IDENTITYSERVER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://identity-server.staging01.devland.is/admin/api/auth' + NEXT_PUBLIC_BACKEND_URL: '/backend' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/auth-admin-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.staging01.devland.is' + paths: + - '/admin' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + progressDeadlineSeconds: 1200 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '256Mi' + requests: + cpu: '200m' + memory: '192Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITYSERVER_SECRET: '/k8s/auth-admin-web/IDENTITYSERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +global: + env: + AUDIT_GROUP_NAME: '/identity-server/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'staging' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +identity-server: + annotations: + ad.datadoghq.com/identity-server.check_names: '["openmetrics"]' + ad.datadoghq.com/identity-server.init_configs: '[{}]' + ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": "http://%%host%%:5003/metrics","namespace": "identity-server","metrics":["*"]}]' + ad.datadoghq.com/identity-server.logs: '[{"service": "identity-server", "source": "csharp"}]' + enabled: true + env: + ASPNETCORE_URLS: 'http://*:5000' + AWS__CloudWatch__AuditLogGroup: '/identity-server/audit-log' + AWS__SystemsManager__ParameterStore__DataProtectionPrefix: '/k8s/identity-server/DataProtectionSecret' + Application__AllowedRedirectUris: 'https://beta.staging01.devland.is/minarsidur,https://beta.staging01.devland.is/umsoknir' + Application__MinCompletionPortThreads: '10' + AudkenniSettings__Retries: '24' + CORECLR_ENABLE_PROFILING: '1' + CORECLR_PROFILER: '{846F5F1C-F9AE-4B07-969E-05C26BC060D8}' + CORECLR_PROFILER_PATH: '/opt/datadog/Datadog.Trace.ClrProfiler.Native.so' + CacheSettings__Enabled: 'true' + ContentfulSettings__BaseAddress: 'https://cdn.contentful.com' + DD_DOTNET_TRACER_HOME: '/opt/datadog' + DD_INTEGRATIONS: '/opt/datadog/integrations.json' + DD_TRACE_DEBUG: 'true' + Datadog__Metrics__Port: '5003' + IdentityServer__ConsentsScope: '@island.is/auth/consents' + IdentityServer__EnableFakeLogin: 'true' + IdentityServer__EnableFeatureDeploymentWildcards: 'true' + IdentityServer__KeyManagement__Enabled: 'true' + IdentityServer__SigningCertificate__Path: '/etc/config/ids-signing.pfx' + LOG_LEVEL: 'info' + MeUserProfileApiSettings__BaseAddress: 'http://web-service-portal-api.service-portal.svc.cluster.local' + NODE_OPTIONS: '--max-old-space-size=1843 -r dd-trace/init' + PersistenceSettings__BaseAddress: 'http://web-services-auth-ids-api' + PersistenceSettings__DelegationsCacheEnabled: 'false' + RedisSettings__Address: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com' + RedisSettings__Port: '6379' + SERVERSIDE_FEATURES_ON: '' + SessionsApiSettings__BaseAddress: 'http://web-services-sessions.services-sessions.svc.cluster.local' + files: + - 'ids-signing.pfx' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + port: 5010 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/identity-server' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.staging01.devland.is' + paths: + - '/' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: + - accessModes: 'ReadWriteMany' + mountPath: '/keys' + name: 'identity-server' + size: '1Gi' + storageClass: 'efs-csi' + useExisting: false + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '4000m' + memory: '2048Mi' + requests: + cpu: '1000m' + memory: '1024Mi' + secrets: + AudkenniSettings__ClientId: '/k8s/identity-server/AudkenniClientId' + AudkenniSettings__ClientSecret: '/k8s/identity-server/AudkenniClientSecret' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ContentfulSettings__AccessToken: '/k8s/identity-server/CONTENTFUL_ACCESS_TOKEN' + FeatureFlags__ConfigCatSdkKey: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IdentityServer__FakePersons: '/k8s/identity-server/FakePersons' + IdentityServer__LicenseKey: '/k8s/identity-server/LicenseKey' + IdentityServer__SigningCertificate__Passphrase: '/k8s/identity-server/SigningCertificatePassphrase' + PersistenceSettings__AccessTokenManagementSettings__ClientSecret: '/k8s/identity-server/ClientSecret' + Redaction__UserIdentifiers__Key: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY' + Redaction__UserIdentifiers__KeyId: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID' + Scopes__Admin__RootAccessList: '/k8s/identity-server/AdminRootAccessList' + securityContext: + allowPrivilegeEscalation: false + privileged: false + service: + targetPort: 5000 + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/identity-server' + create: true + name: 'identity-server' +namespaces: + labels: {} + namespaces: + - 'identity-server' + - 'identity-server-admin' + - 'identity-server-delegation' + - 'personal-representative' +services-auth-admin-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + IDENTITY_SERVER_ISSUER_URL_LIST: '["https://identity-server.staging01.devland.is","https://innskra.island.is"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/backend/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/backend/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-admin-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.staging01.devland.is' + paths: + - '/backend' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CLIENT_SECRET_ENCRYPTION_KEY: '/k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-delegation-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'service-portal' + - 'user-notification-worker' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-delegation-api' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'auth-delegation-api.internal.staging01.devland.is' + paths: + - '/' + namespace: 'identity-server-delegation' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-ids-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '6cf94113-d326-4e4d-b97c-1fea12d2f5e1' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' + PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' + PASSKEY_CORE_MAX_AGE_DAYS: '365' + PASSKEY_CORE_RP_ID: 'island.is' + PASSKEY_CORE_RP_NAME: 'Island.is' + PUBLIC_URL: 'https://identity-server.staging01.devland.is/api' + REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + USER_PROFILE_CLIENT_SCOPE: '["@island.is/user-profile:read"]' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 15 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 15 + min: 2 + resources: + limits: + cpu: '800m' + memory: '768Mi' + requests: + cpu: '400m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/services-auth/NOVA_PASSWORD' + NOVA_URL: '/k8s/services-auth/NOVA_URL' + NOVA_USERNAME: '/k8s/services-auth/NOVA_USERNAME' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-ids-api-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-personal-representative: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'personal-representative-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'personal-representative' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-personal-representative-public: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative-public' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'personal-representative-public-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'personal-representative' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-public-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' + PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' + PASSKEY_CORE_RP_ID: 'island.is' + PASSKEY_CORE_RP_NAME: 'Island.is' + PUBLIC_URL: 'https://identity-server.staging01.devland.is/api' + REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-public-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/rewrite-target: '/$2' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.staging01.devland.is' + paths: + - '/api(/|$)(.*)' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/island-ui-storybook/values.dev.yaml b/charts/services/island-ui-storybook/values.dev.yaml new file mode 100644 index 000000000000..58d9f8e96dbc --- /dev/null +++ b/charts/services/island-ui-storybook/values.dev.yaml @@ -0,0 +1,3563 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.dev01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'preview.contentful.com' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/graphql' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 's@kogk.is' + CONTENTFUL_HOST: 'preview.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 's@kogk.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/api' + - host: 'api-catalogue.dev01.devland.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.dev01.devland.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +external-contracts-tests: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' + namespace: 'external-contracts-tests' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '1' + memory: '1024Mi' + requests: + cpu: '500m' + memory: '512Mi' + schedule: '0 11 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +github-actions-cache: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 8 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'cache.dev01.devland.is' + paths: + - '/' + namespace: 'github-actions-cache' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 5 + max: 8 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' + create: true + name: 'github-actions-cache' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'dev' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.dev01.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'consultation-portal' + - 'islandis' + - 'search-indexer' + - 'xroad-collector' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'github-actions-cache' + - 'user-notification' + - 'external-contracts-tests' + - 'contentful-entry-tagger' + - 'license-api' + - 'services-sessions' + - 'contentful-apps' + - 'services-university-gateway' + - 'unicorn-app' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'dev-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.dev01.devland.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.dev01.devland.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +unicorn-app: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'unicorn-app.dev01.devland.is' + paths: + - '/' + namespace: 'unicorn-app' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' + create: true + name: 'unicorn-app' +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@hourly' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + TRACKING_DOMAIN: 'beta.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/island-ui-storybook/values.prod.yaml b/charts/services/island-ui-storybook/values.prod.yaml new file mode 100644 index 000000000000..c7e37f4144c5 --- /dev/null +++ b/charts/services/island-ui-storybook/values.prod.yaml @@ -0,0 +1,3379 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.island.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'cdn.contentful.com' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.island.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://innskra.island.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_IDS_API_URL: 'https://innskra.island.is' + AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi.island.is' + CONTACT_US_EMAIL: 'island@island.is' + CONTENTFUL_HOST: 'cdn.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.island.is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-prod-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: '' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'island@island.is' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 'sogur@island.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS/GOV/5402697509/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS/GOV/6501912189/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/api' + - host: 'www.island.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' + CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS/GOV/5608002820/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + NOVA_USERNAME: 'IslandIs_User_Production' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS/GOV/5605882089/UA-Protected/kvortun-v1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.island.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.island.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/umsoknir' + - host: 'www.island.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi.island.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://island.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/samradsgatt' + - host: 'www.island.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.island.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.island.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + EMAIL_FROM_NAME: 'island.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-prod-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'prod' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: 'd4ecf781-3764-4063-a4e1-9c3e17cebfba' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.island.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'islandis' + - 'consultation-portal' + - 'search-indexer' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'xroad-collector' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'user-notification' + - 'license-api' + - 'services-sessions' + - 'services-university-gateway' + - 'contentful-apps' + - 'contentful-entry-tagger' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/stjornbord' + - host: 'www.island.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'prod' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'prod-es-custom-packages' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/minarsidur' + - host: 'www.island.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_BASE_URL: 'https://island.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.island.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://island.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://island.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://island.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/stjornbord/bff' + - host: 'www.island.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.island.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.island.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/app/skilavottord/' + - host: 'www.island.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/app/skilavottord/api/graphql' + - host: 'www.island.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.island.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@midnight' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + TRACKING_DOMAIN: 'island.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/' + - host: 'www.island.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/island-ui-storybook/values.staging.yaml b/charts/services/island-ui-storybook/values.staging.yaml new file mode 100644 index 000000000000..227a2b0fcc6d --- /dev/null +++ b/charts/services/island-ui-storybook/values.staging.yaml @@ -0,0 +1,3238 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.staging01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'cdn.contentful.com' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/api/graphql' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.staging01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.staging01.devland.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.staging01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 'island@island.is' + CONTENTFUL_HOST: 'cdn.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.staging01.devland.is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-staging-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: '' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 'sogur@island.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-TEST/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5608002820/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-TEST/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.staging01.devland.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.staging01.devland.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.staging01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.staging01.devland.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-staging-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'staging' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.staging01.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'islandis' + - 'consultation-portal' + - 'skilavottord' + - 'search-indexer' + - 'services-documents' + - 'storybook' + - 'xroad-collector' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'user-notification' + - 'license-api' + - 'services-sessions' + - 'services-university-gateway' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.staging01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'staging' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'staging-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_BASE_URL: 'https://beta.staging01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.staging01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.staging01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.staging01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.staging01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.staging01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.staging01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.staging01.devland.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.staging01.devland.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@midnight' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + basicAuth: '/k8s/web/basic_auth' + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + TRACKING_DOMAIN: 'beta.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/judicial-system-api/values.dev.yaml b/charts/services/judicial-system-api/values.dev.yaml new file mode 100644 index 000000000000..b87ac2b9294f --- /dev/null +++ b/charts/services/judicial-system-api/values.dev.yaml @@ -0,0 +1,654 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'dev' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +judicial-system-api: + enabled: true + env: + ALLOW_AUTH_BYPASS: 'true' + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + AUTH_IDS_CLIENT_ID: '@rettarvorslugatt.island.is/web' + AUTH_IDS_LOGOUT_REDIRECT_URI: 'https://judicial-system.dev01.devland.is' + AUTH_IDS_REDIRECT_URI: 'https://judicial-system.dev01.devland.is/api/auth/callback/identity-server' + AUTH_IDS_SCOPE: 'openid profile' + BACKEND_URL: 'http://web-judicial-system-backend' + CONTENTFUL_ENVIRONMENT: 'test' + CONTENTFUL_HOST: 'preview.contentful.com' + HIDDEN_FEATURES: '' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system.dev01.devland.is' + paths: + - '/api/graphql' + - '/api/auth' + - '/api/case' + - '/api/feature' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '350m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + AUTH_IDS_SECRET: '/k8s/judicial-system/AUTH_IDS_SECRET' + AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-api' + create: true + name: 'judicial-system-api' +judicial-system-backend: + enabled: true + env: + BLOCKED_API_INTEGRATION: '' + CLIENT_URL: 'https://judicial-system.dev01.devland.is' + CONTENTFUL_ENVIRONMENT: 'test' + CONTENTFUL_HOST: 'preview.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'judicial_system' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'judicial_system' + DOKOBIT_URL: 'https://developers.dokobit.com' + EMAIL_REGION: 'eu-west-1' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + S3_BUCKET: 'island-is-dev-upload-judicial-system' + S3_REGION: 'eu-west-1' + S3_TIME_TO_LIVE_GET: '5' + S3_TIME_TO_LIVE_POST: '15' + SERVERSIDE_FEATURES_ON: '' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + USE_MICROSOFT_GRAPH_API_FOR_COURT_ROBOT: 'false' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10014/Rettarvorslugatt-Client' + XROAD_COURT_API_PATH: '/Domstolasyslan/JusticePortal-v1' + XROAD_COURT_MEMBER_CODE: '10019' + XROAD_POLICE_API_PATH: '/Logreglan-Private/rettarvarsla-v1' + XROAD_POLICE_MEMBER_CODE: '10005' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'judicial_system' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'judicial_system' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/judicial-system/DB_PASSWORD' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + ADMIN_USERS: '/k8s/judicial-system/ADMIN_USERS' + ARCHIVE_ENCRYPTION_KEY: '/k8s/judicial-system/ARCHIVE_ENCRYPTION_KEY' + AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' + COURTS_ASSISTANT_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_ASSISTANT_MOBILE_NUMBERS' + COURTS_EMAILS: '/k8s/judicial-system/COURTS_EMAILS' + COURTS_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_MOBILE_NUMBERS' + COURT_ROBOT_CLIENT_ID: '/k8s/judicial-system/COURT_ROBOT_CLIENT_ID' + COURT_ROBOT_CLIENT_SECRET: '/k8s/judicial-system/COURT_ROBOT_CLIENT_SECRET' + COURT_ROBOT_EMAIL: '/k8s/judicial-system/COURT_ROBOT_EMAIL' + COURT_ROBOT_TENANT_ID: '/k8s/judicial-system/COURT_ROBOT_TENANT_ID' + COURT_ROBOT_USER: '/k8s/judicial-system/COURT_ROBOT_USER' + DB_PASS: '/k8s/judicial-system/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/judicial-system/DOKOBIT_ACCESS_TOKEN' + EMAIL_FROM: '/k8s/judicial-system/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/judicial-system/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/judicial-system/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/judicial-system/EMAIL_REPLY_TO_NAME' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + EVENT_URL: '/k8s/judicial-system/EVENT_URL' + NOVA_PASSWORD: '/k8s/judicial-system/NOVA_PASSWORD' + NOVA_URL: '/k8s/judicial-system/NOVA_URL' + NOVA_USERNAME: '/k8s/judicial-system/NOVA_USERNAME' + PRISON_ADMIN_EMAIL: '/k8s/judicial-system/PRISON_ADMIN_EMAIL' + PRISON_EMAIL: '/k8s/judicial-system/PRISON_EMAIL' + XROAD_CLIENT_CERT: '/k8s/judicial-system/XROAD_CLIENT_CERT' + XROAD_CLIENT_KEY: '/k8s/judicial-system/XROAD_CLIENT_KEY' + XROAD_CLIENT_PEM: '/k8s/judicial-system/XROAD_CLIENT_PEM' + XROAD_COURTS_CREDENTIALS: '/k8s/judicial-system/COURTS_CREDENTIALS' + XROAD_POLICE_API_KEY: '/k8s/judicial-system/XROAD_POLICE_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-backend' + create: true + name: 'judicial-system-backend' +judicial-system-digital-mailbox-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-digital-mailbox-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-digital-mailbox-api-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-digital-mailbox-api' + create: true + name: 'judicial-system-digital-mailbox-api' +judicial-system-message-handler: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-message-handler' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-message-handler' + create: true + name: 'judicial-system-message-handler' +judicial-system-robot-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-robot-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-robot-api-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-robot-api' + create: true + name: 'judicial-system-robot-api' +judicial-system-scheduler: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + TIME_TO_LIVE_MINUTES: '30' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-scheduler' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-scheduler' + create: true + name: 'judicial-system-scheduler' +judicial-system-web: + enabled: true + env: + API_URL: 'https://judicial-system.dev01.devland.is' + INTERNAL_API_URL: 'http://web-judicial-system-api' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system.dev01.devland.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '15m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + NATIONAL_REGISTRY_API_KEY: '/k8s/judicial-system/NATIONAL_REGISTRY_API_KEY' + SUPPORT_EMAIL: '/k8s/judicial-system/SUPPORT_EMAIL' + securityContext: + allowPrivilegeEscalation: false + privileged: false +judicial-system-xrd-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-xrd-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-xrd-api.internal.dev01.devland.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-xrd-api' + create: true + name: 'judicial-system-xrd-api' +namespaces: + labels: {} + namespaces: + - 'judicial-system' diff --git a/charts/services/judicial-system-api/values.prod.yaml b/charts/services/judicial-system-api/values.prod.yaml new file mode 100644 index 000000000000..f0a1db2678df --- /dev/null +++ b/charts/services/judicial-system-api/values.prod.yaml @@ -0,0 +1,654 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'prod' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +judicial-system-api: + enabled: true + env: + ALLOW_AUTH_BYPASS: 'false' + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + AUTH_IDS_CLIENT_ID: '@rettarvorslugatt.island.is/web' + AUTH_IDS_LOGOUT_REDIRECT_URI: 'https://rettarvorslugatt.island.is' + AUTH_IDS_REDIRECT_URI: 'https://rettarvorslugatt.island.is/api/auth/callback/identity-server' + AUTH_IDS_SCOPE: 'openid profile' + BACKEND_URL: 'http://web-judicial-system-backend' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + HIDDEN_FEATURES: '' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'rettarvorslugatt.island.is' + paths: + - '/api/graphql' + - '/api/auth' + - '/api/case' + - '/api/feature' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '350m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + AUTH_IDS_SECRET: '/k8s/judicial-system/AUTH_IDS_SECRET' + AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-api' + create: true + name: 'judicial-system-api' +judicial-system-backend: + enabled: true + env: + BLOCKED_API_INTEGRATION: '' + CLIENT_URL: 'https://rettarvorslugatt.island.is' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'judicial_system' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'judicial_system' + DOKOBIT_URL: 'https://ws.dokobit.com' + EMAIL_REGION: 'eu-west-1' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + S3_BUCKET: 'island-is-prod-upload-judicial-system' + S3_REGION: 'eu-west-1' + S3_TIME_TO_LIVE_GET: '5' + S3_TIME_TO_LIVE_POST: '15' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + USE_MICROSOFT_GRAPH_API_FOR_COURT_ROBOT: 'true' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5804170510/Rettarvorslugatt-Client' + XROAD_COURT_API_PATH: '/Domstolasyslan/JusticePortal-v1' + XROAD_COURT_MEMBER_CODE: '4707171140' + XROAD_POLICE_API_PATH: '/Logreglan-Private/rettarvarsla-v1' + XROAD_POLICE_MEMBER_CODE: '5309672079' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'judicial_system' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'judicial_system' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/judicial-system/DB_PASSWORD' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + ADMIN_USERS: '/k8s/judicial-system/ADMIN_USERS' + ARCHIVE_ENCRYPTION_KEY: '/k8s/judicial-system/ARCHIVE_ENCRYPTION_KEY' + AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' + COURTS_ASSISTANT_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_ASSISTANT_MOBILE_NUMBERS' + COURTS_EMAILS: '/k8s/judicial-system/COURTS_EMAILS' + COURTS_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_MOBILE_NUMBERS' + COURT_ROBOT_CLIENT_ID: '/k8s/judicial-system/COURT_ROBOT_CLIENT_ID' + COURT_ROBOT_CLIENT_SECRET: '/k8s/judicial-system/COURT_ROBOT_CLIENT_SECRET' + COURT_ROBOT_EMAIL: '/k8s/judicial-system/COURT_ROBOT_EMAIL' + COURT_ROBOT_TENANT_ID: '/k8s/judicial-system/COURT_ROBOT_TENANT_ID' + COURT_ROBOT_USER: '/k8s/judicial-system/COURT_ROBOT_USER' + DB_PASS: '/k8s/judicial-system/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/judicial-system/DOKOBIT_ACCESS_TOKEN' + EMAIL_FROM: '/k8s/judicial-system/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/judicial-system/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/judicial-system/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/judicial-system/EMAIL_REPLY_TO_NAME' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + EVENT_URL: '/k8s/judicial-system/EVENT_URL' + NOVA_PASSWORD: '/k8s/judicial-system/NOVA_PASSWORD' + NOVA_URL: '/k8s/judicial-system/NOVA_URL' + NOVA_USERNAME: '/k8s/judicial-system/NOVA_USERNAME' + PRISON_ADMIN_EMAIL: '/k8s/judicial-system/PRISON_ADMIN_EMAIL' + PRISON_EMAIL: '/k8s/judicial-system/PRISON_EMAIL' + XROAD_CLIENT_CERT: '/k8s/judicial-system/XROAD_CLIENT_CERT' + XROAD_CLIENT_KEY: '/k8s/judicial-system/XROAD_CLIENT_KEY' + XROAD_CLIENT_PEM: '/k8s/judicial-system/XROAD_CLIENT_PEM' + XROAD_COURTS_CREDENTIALS: '/k8s/judicial-system/COURTS_CREDENTIALS' + XROAD_POLICE_API_KEY: '/k8s/judicial-system/XROAD_POLICE_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-backend' + create: true + name: 'judicial-system-backend' +judicial-system-digital-mailbox-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-digital-mailbox-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-digital-mailbox-api-xrd.internal.island.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-digital-mailbox-api' + create: true + name: 'judicial-system-digital-mailbox-api' +judicial-system-message-handler: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-message-handler' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-message-handler' + create: true + name: 'judicial-system-message-handler' +judicial-system-robot-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-robot-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-robot-api-xrd.internal.island.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-robot-api' + create: true + name: 'judicial-system-robot-api' +judicial-system-scheduler: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + TIME_TO_LIVE_MINUTES: '30' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-scheduler' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-scheduler' + create: true + name: 'judicial-system-scheduler' +judicial-system-web: + enabled: true + env: + API_URL: 'https://rettarvorslugatt.island.is' + INTERNAL_API_URL: 'http://web-judicial-system-api' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'rettarvorslugatt.island.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '15m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + NATIONAL_REGISTRY_API_KEY: '/k8s/judicial-system/NATIONAL_REGISTRY_API_KEY' + SUPPORT_EMAIL: '/k8s/judicial-system/SUPPORT_EMAIL' + securityContext: + allowPrivilegeEscalation: false + privileged: false +judicial-system-xrd-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-xrd-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-xrd-api.internal.island.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-xrd-api' + create: true + name: 'judicial-system-xrd-api' +namespaces: + labels: {} + namespaces: + - 'judicial-system' diff --git a/charts/services/judicial-system-api/values.staging.yaml b/charts/services/judicial-system-api/values.staging.yaml new file mode 100644 index 000000000000..e4a133f4ad7e --- /dev/null +++ b/charts/services/judicial-system-api/values.staging.yaml @@ -0,0 +1,654 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'staging' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +judicial-system-api: + enabled: true + env: + ALLOW_AUTH_BYPASS: 'true' + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + AUTH_IDS_CLIENT_ID: '@rettarvorslugatt.island.is/web' + AUTH_IDS_LOGOUT_REDIRECT_URI: 'https://judicial-system.staging01.devland.is' + AUTH_IDS_REDIRECT_URI: 'https://judicial-system.staging01.devland.is/api/auth/callback/identity-server' + AUTH_IDS_SCOPE: 'openid profile' + BACKEND_URL: 'http://web-judicial-system-backend' + CONTENTFUL_ENVIRONMENT: 'test' + CONTENTFUL_HOST: 'cdn.contentful.com' + HIDDEN_FEATURES: '' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system.staging01.devland.is' + paths: + - '/api/graphql' + - '/api/auth' + - '/api/case' + - '/api/feature' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '350m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + AUTH_IDS_SECRET: '/k8s/judicial-system/AUTH_IDS_SECRET' + AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-api' + create: true + name: 'judicial-system-api' +judicial-system-backend: + enabled: true + env: + BLOCKED_API_INTEGRATION: 'COURT,POLICE_CASE' + CLIENT_URL: 'https://judicial-system.staging01.devland.is' + CONTENTFUL_ENVIRONMENT: 'test' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'judicial_system' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'judicial_system' + DOKOBIT_URL: 'https://developers.dokobit.com' + EMAIL_REGION: 'eu-west-1' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + S3_BUCKET: 'island-is-staging-upload-judicial-system' + S3_REGION: 'eu-west-1' + S3_TIME_TO_LIVE_GET: '5' + S3_TIME_TO_LIVE_POST: '15' + SERVERSIDE_FEATURES_ON: '' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + USE_MICROSOFT_GRAPH_API_FOR_COURT_ROBOT: 'true' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5804170510/Rettarvorslugatt-Client' + XROAD_COURT_API_PATH: '/Domstolasyslan/JusticePortal-v1' + XROAD_COURT_MEMBER_CODE: '4707171140' + XROAD_POLICE_API_PATH: '/Logreglan-Private/rettarvarsla-v1' + XROAD_POLICE_MEMBER_CODE: '5309672079' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'judicial_system' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'judicial_system' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/judicial-system/DB_PASSWORD' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + ADMIN_USERS: '/k8s/judicial-system/ADMIN_USERS' + ARCHIVE_ENCRYPTION_KEY: '/k8s/judicial-system/ARCHIVE_ENCRYPTION_KEY' + AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' + COURTS_ASSISTANT_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_ASSISTANT_MOBILE_NUMBERS' + COURTS_EMAILS: '/k8s/judicial-system/COURTS_EMAILS' + COURTS_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_MOBILE_NUMBERS' + COURT_ROBOT_CLIENT_ID: '/k8s/judicial-system/COURT_ROBOT_CLIENT_ID' + COURT_ROBOT_CLIENT_SECRET: '/k8s/judicial-system/COURT_ROBOT_CLIENT_SECRET' + COURT_ROBOT_EMAIL: '/k8s/judicial-system/COURT_ROBOT_EMAIL' + COURT_ROBOT_TENANT_ID: '/k8s/judicial-system/COURT_ROBOT_TENANT_ID' + COURT_ROBOT_USER: '/k8s/judicial-system/COURT_ROBOT_USER' + DB_PASS: '/k8s/judicial-system/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/judicial-system/DOKOBIT_ACCESS_TOKEN' + EMAIL_FROM: '/k8s/judicial-system/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/judicial-system/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/judicial-system/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/judicial-system/EMAIL_REPLY_TO_NAME' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + EVENT_URL: '/k8s/judicial-system/EVENT_URL' + NOVA_PASSWORD: '/k8s/judicial-system/NOVA_PASSWORD' + NOVA_URL: '/k8s/judicial-system/NOVA_URL' + NOVA_USERNAME: '/k8s/judicial-system/NOVA_USERNAME' + PRISON_ADMIN_EMAIL: '/k8s/judicial-system/PRISON_ADMIN_EMAIL' + PRISON_EMAIL: '/k8s/judicial-system/PRISON_EMAIL' + XROAD_CLIENT_CERT: '/k8s/judicial-system/XROAD_CLIENT_CERT' + XROAD_CLIENT_KEY: '/k8s/judicial-system/XROAD_CLIENT_KEY' + XROAD_CLIENT_PEM: '/k8s/judicial-system/XROAD_CLIENT_PEM' + XROAD_COURTS_CREDENTIALS: '/k8s/judicial-system/COURTS_CREDENTIALS' + XROAD_POLICE_API_KEY: '/k8s/judicial-system/XROAD_POLICE_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-backend' + create: true + name: 'judicial-system-backend' +judicial-system-digital-mailbox-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-digital-mailbox-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-digital-mailbox-api-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-digital-mailbox-api' + create: true + name: 'judicial-system-digital-mailbox-api' +judicial-system-message-handler: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-message-handler' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-message-handler' + create: true + name: 'judicial-system-message-handler' +judicial-system-robot-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-robot-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-robot-api-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-robot-api' + create: true + name: 'judicial-system-robot-api' +judicial-system-scheduler: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + TIME_TO_LIVE_MINUTES: '30' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-scheduler' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-scheduler' + create: true + name: 'judicial-system-scheduler' +judicial-system-web: + enabled: true + env: + API_URL: 'https://judicial-system.staging01.devland.is' + INTERNAL_API_URL: 'http://web-judicial-system-api' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system.staging01.devland.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '15m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + NATIONAL_REGISTRY_API_KEY: '/k8s/judicial-system/NATIONAL_REGISTRY_API_KEY' + SUPPORT_EMAIL: '/k8s/judicial-system/SUPPORT_EMAIL' + securityContext: + allowPrivilegeEscalation: false + privileged: false +judicial-system-xrd-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-xrd-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-xrd-api.internal.staging01.devland.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-xrd-api' + create: true + name: 'judicial-system-xrd-api' +namespaces: + labels: {} + namespaces: + - 'judicial-system' diff --git a/charts/services/judicial-system-backend/values.dev.yaml b/charts/services/judicial-system-backend/values.dev.yaml new file mode 100644 index 000000000000..b87ac2b9294f --- /dev/null +++ b/charts/services/judicial-system-backend/values.dev.yaml @@ -0,0 +1,654 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'dev' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +judicial-system-api: + enabled: true + env: + ALLOW_AUTH_BYPASS: 'true' + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + AUTH_IDS_CLIENT_ID: '@rettarvorslugatt.island.is/web' + AUTH_IDS_LOGOUT_REDIRECT_URI: 'https://judicial-system.dev01.devland.is' + AUTH_IDS_REDIRECT_URI: 'https://judicial-system.dev01.devland.is/api/auth/callback/identity-server' + AUTH_IDS_SCOPE: 'openid profile' + BACKEND_URL: 'http://web-judicial-system-backend' + CONTENTFUL_ENVIRONMENT: 'test' + CONTENTFUL_HOST: 'preview.contentful.com' + HIDDEN_FEATURES: '' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system.dev01.devland.is' + paths: + - '/api/graphql' + - '/api/auth' + - '/api/case' + - '/api/feature' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '350m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + AUTH_IDS_SECRET: '/k8s/judicial-system/AUTH_IDS_SECRET' + AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-api' + create: true + name: 'judicial-system-api' +judicial-system-backend: + enabled: true + env: + BLOCKED_API_INTEGRATION: '' + CLIENT_URL: 'https://judicial-system.dev01.devland.is' + CONTENTFUL_ENVIRONMENT: 'test' + CONTENTFUL_HOST: 'preview.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'judicial_system' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'judicial_system' + DOKOBIT_URL: 'https://developers.dokobit.com' + EMAIL_REGION: 'eu-west-1' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + S3_BUCKET: 'island-is-dev-upload-judicial-system' + S3_REGION: 'eu-west-1' + S3_TIME_TO_LIVE_GET: '5' + S3_TIME_TO_LIVE_POST: '15' + SERVERSIDE_FEATURES_ON: '' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + USE_MICROSOFT_GRAPH_API_FOR_COURT_ROBOT: 'false' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10014/Rettarvorslugatt-Client' + XROAD_COURT_API_PATH: '/Domstolasyslan/JusticePortal-v1' + XROAD_COURT_MEMBER_CODE: '10019' + XROAD_POLICE_API_PATH: '/Logreglan-Private/rettarvarsla-v1' + XROAD_POLICE_MEMBER_CODE: '10005' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'judicial_system' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'judicial_system' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/judicial-system/DB_PASSWORD' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + ADMIN_USERS: '/k8s/judicial-system/ADMIN_USERS' + ARCHIVE_ENCRYPTION_KEY: '/k8s/judicial-system/ARCHIVE_ENCRYPTION_KEY' + AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' + COURTS_ASSISTANT_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_ASSISTANT_MOBILE_NUMBERS' + COURTS_EMAILS: '/k8s/judicial-system/COURTS_EMAILS' + COURTS_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_MOBILE_NUMBERS' + COURT_ROBOT_CLIENT_ID: '/k8s/judicial-system/COURT_ROBOT_CLIENT_ID' + COURT_ROBOT_CLIENT_SECRET: '/k8s/judicial-system/COURT_ROBOT_CLIENT_SECRET' + COURT_ROBOT_EMAIL: '/k8s/judicial-system/COURT_ROBOT_EMAIL' + COURT_ROBOT_TENANT_ID: '/k8s/judicial-system/COURT_ROBOT_TENANT_ID' + COURT_ROBOT_USER: '/k8s/judicial-system/COURT_ROBOT_USER' + DB_PASS: '/k8s/judicial-system/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/judicial-system/DOKOBIT_ACCESS_TOKEN' + EMAIL_FROM: '/k8s/judicial-system/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/judicial-system/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/judicial-system/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/judicial-system/EMAIL_REPLY_TO_NAME' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + EVENT_URL: '/k8s/judicial-system/EVENT_URL' + NOVA_PASSWORD: '/k8s/judicial-system/NOVA_PASSWORD' + NOVA_URL: '/k8s/judicial-system/NOVA_URL' + NOVA_USERNAME: '/k8s/judicial-system/NOVA_USERNAME' + PRISON_ADMIN_EMAIL: '/k8s/judicial-system/PRISON_ADMIN_EMAIL' + PRISON_EMAIL: '/k8s/judicial-system/PRISON_EMAIL' + XROAD_CLIENT_CERT: '/k8s/judicial-system/XROAD_CLIENT_CERT' + XROAD_CLIENT_KEY: '/k8s/judicial-system/XROAD_CLIENT_KEY' + XROAD_CLIENT_PEM: '/k8s/judicial-system/XROAD_CLIENT_PEM' + XROAD_COURTS_CREDENTIALS: '/k8s/judicial-system/COURTS_CREDENTIALS' + XROAD_POLICE_API_KEY: '/k8s/judicial-system/XROAD_POLICE_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-backend' + create: true + name: 'judicial-system-backend' +judicial-system-digital-mailbox-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-digital-mailbox-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-digital-mailbox-api-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-digital-mailbox-api' + create: true + name: 'judicial-system-digital-mailbox-api' +judicial-system-message-handler: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-message-handler' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-message-handler' + create: true + name: 'judicial-system-message-handler' +judicial-system-robot-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-robot-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-robot-api-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-robot-api' + create: true + name: 'judicial-system-robot-api' +judicial-system-scheduler: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + TIME_TO_LIVE_MINUTES: '30' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-scheduler' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-scheduler' + create: true + name: 'judicial-system-scheduler' +judicial-system-web: + enabled: true + env: + API_URL: 'https://judicial-system.dev01.devland.is' + INTERNAL_API_URL: 'http://web-judicial-system-api' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system.dev01.devland.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '15m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + NATIONAL_REGISTRY_API_KEY: '/k8s/judicial-system/NATIONAL_REGISTRY_API_KEY' + SUPPORT_EMAIL: '/k8s/judicial-system/SUPPORT_EMAIL' + securityContext: + allowPrivilegeEscalation: false + privileged: false +judicial-system-xrd-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-xrd-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-xrd-api.internal.dev01.devland.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-xrd-api' + create: true + name: 'judicial-system-xrd-api' +namespaces: + labels: {} + namespaces: + - 'judicial-system' diff --git a/charts/services/judicial-system-backend/values.prod.yaml b/charts/services/judicial-system-backend/values.prod.yaml new file mode 100644 index 000000000000..f0a1db2678df --- /dev/null +++ b/charts/services/judicial-system-backend/values.prod.yaml @@ -0,0 +1,654 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'prod' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +judicial-system-api: + enabled: true + env: + ALLOW_AUTH_BYPASS: 'false' + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + AUTH_IDS_CLIENT_ID: '@rettarvorslugatt.island.is/web' + AUTH_IDS_LOGOUT_REDIRECT_URI: 'https://rettarvorslugatt.island.is' + AUTH_IDS_REDIRECT_URI: 'https://rettarvorslugatt.island.is/api/auth/callback/identity-server' + AUTH_IDS_SCOPE: 'openid profile' + BACKEND_URL: 'http://web-judicial-system-backend' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + HIDDEN_FEATURES: '' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'rettarvorslugatt.island.is' + paths: + - '/api/graphql' + - '/api/auth' + - '/api/case' + - '/api/feature' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '350m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + AUTH_IDS_SECRET: '/k8s/judicial-system/AUTH_IDS_SECRET' + AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-api' + create: true + name: 'judicial-system-api' +judicial-system-backend: + enabled: true + env: + BLOCKED_API_INTEGRATION: '' + CLIENT_URL: 'https://rettarvorslugatt.island.is' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'judicial_system' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'judicial_system' + DOKOBIT_URL: 'https://ws.dokobit.com' + EMAIL_REGION: 'eu-west-1' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + S3_BUCKET: 'island-is-prod-upload-judicial-system' + S3_REGION: 'eu-west-1' + S3_TIME_TO_LIVE_GET: '5' + S3_TIME_TO_LIVE_POST: '15' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + USE_MICROSOFT_GRAPH_API_FOR_COURT_ROBOT: 'true' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5804170510/Rettarvorslugatt-Client' + XROAD_COURT_API_PATH: '/Domstolasyslan/JusticePortal-v1' + XROAD_COURT_MEMBER_CODE: '4707171140' + XROAD_POLICE_API_PATH: '/Logreglan-Private/rettarvarsla-v1' + XROAD_POLICE_MEMBER_CODE: '5309672079' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'judicial_system' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'judicial_system' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/judicial-system/DB_PASSWORD' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + ADMIN_USERS: '/k8s/judicial-system/ADMIN_USERS' + ARCHIVE_ENCRYPTION_KEY: '/k8s/judicial-system/ARCHIVE_ENCRYPTION_KEY' + AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' + COURTS_ASSISTANT_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_ASSISTANT_MOBILE_NUMBERS' + COURTS_EMAILS: '/k8s/judicial-system/COURTS_EMAILS' + COURTS_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_MOBILE_NUMBERS' + COURT_ROBOT_CLIENT_ID: '/k8s/judicial-system/COURT_ROBOT_CLIENT_ID' + COURT_ROBOT_CLIENT_SECRET: '/k8s/judicial-system/COURT_ROBOT_CLIENT_SECRET' + COURT_ROBOT_EMAIL: '/k8s/judicial-system/COURT_ROBOT_EMAIL' + COURT_ROBOT_TENANT_ID: '/k8s/judicial-system/COURT_ROBOT_TENANT_ID' + COURT_ROBOT_USER: '/k8s/judicial-system/COURT_ROBOT_USER' + DB_PASS: '/k8s/judicial-system/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/judicial-system/DOKOBIT_ACCESS_TOKEN' + EMAIL_FROM: '/k8s/judicial-system/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/judicial-system/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/judicial-system/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/judicial-system/EMAIL_REPLY_TO_NAME' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + EVENT_URL: '/k8s/judicial-system/EVENT_URL' + NOVA_PASSWORD: '/k8s/judicial-system/NOVA_PASSWORD' + NOVA_URL: '/k8s/judicial-system/NOVA_URL' + NOVA_USERNAME: '/k8s/judicial-system/NOVA_USERNAME' + PRISON_ADMIN_EMAIL: '/k8s/judicial-system/PRISON_ADMIN_EMAIL' + PRISON_EMAIL: '/k8s/judicial-system/PRISON_EMAIL' + XROAD_CLIENT_CERT: '/k8s/judicial-system/XROAD_CLIENT_CERT' + XROAD_CLIENT_KEY: '/k8s/judicial-system/XROAD_CLIENT_KEY' + XROAD_CLIENT_PEM: '/k8s/judicial-system/XROAD_CLIENT_PEM' + XROAD_COURTS_CREDENTIALS: '/k8s/judicial-system/COURTS_CREDENTIALS' + XROAD_POLICE_API_KEY: '/k8s/judicial-system/XROAD_POLICE_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-backend' + create: true + name: 'judicial-system-backend' +judicial-system-digital-mailbox-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-digital-mailbox-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-digital-mailbox-api-xrd.internal.island.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-digital-mailbox-api' + create: true + name: 'judicial-system-digital-mailbox-api' +judicial-system-message-handler: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-message-handler' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-message-handler' + create: true + name: 'judicial-system-message-handler' +judicial-system-robot-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-robot-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-robot-api-xrd.internal.island.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-robot-api' + create: true + name: 'judicial-system-robot-api' +judicial-system-scheduler: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + TIME_TO_LIVE_MINUTES: '30' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-scheduler' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-scheduler' + create: true + name: 'judicial-system-scheduler' +judicial-system-web: + enabled: true + env: + API_URL: 'https://rettarvorslugatt.island.is' + INTERNAL_API_URL: 'http://web-judicial-system-api' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'rettarvorslugatt.island.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '15m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + NATIONAL_REGISTRY_API_KEY: '/k8s/judicial-system/NATIONAL_REGISTRY_API_KEY' + SUPPORT_EMAIL: '/k8s/judicial-system/SUPPORT_EMAIL' + securityContext: + allowPrivilegeEscalation: false + privileged: false +judicial-system-xrd-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-xrd-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-xrd-api.internal.island.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-xrd-api' + create: true + name: 'judicial-system-xrd-api' +namespaces: + labels: {} + namespaces: + - 'judicial-system' diff --git a/charts/services/judicial-system-backend/values.staging.yaml b/charts/services/judicial-system-backend/values.staging.yaml new file mode 100644 index 000000000000..e4a133f4ad7e --- /dev/null +++ b/charts/services/judicial-system-backend/values.staging.yaml @@ -0,0 +1,654 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'staging' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +judicial-system-api: + enabled: true + env: + ALLOW_AUTH_BYPASS: 'true' + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + AUTH_IDS_CLIENT_ID: '@rettarvorslugatt.island.is/web' + AUTH_IDS_LOGOUT_REDIRECT_URI: 'https://judicial-system.staging01.devland.is' + AUTH_IDS_REDIRECT_URI: 'https://judicial-system.staging01.devland.is/api/auth/callback/identity-server' + AUTH_IDS_SCOPE: 'openid profile' + BACKEND_URL: 'http://web-judicial-system-backend' + CONTENTFUL_ENVIRONMENT: 'test' + CONTENTFUL_HOST: 'cdn.contentful.com' + HIDDEN_FEATURES: '' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system.staging01.devland.is' + paths: + - '/api/graphql' + - '/api/auth' + - '/api/case' + - '/api/feature' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '350m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + AUTH_IDS_SECRET: '/k8s/judicial-system/AUTH_IDS_SECRET' + AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-api' + create: true + name: 'judicial-system-api' +judicial-system-backend: + enabled: true + env: + BLOCKED_API_INTEGRATION: 'COURT,POLICE_CASE' + CLIENT_URL: 'https://judicial-system.staging01.devland.is' + CONTENTFUL_ENVIRONMENT: 'test' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'judicial_system' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'judicial_system' + DOKOBIT_URL: 'https://developers.dokobit.com' + EMAIL_REGION: 'eu-west-1' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + S3_BUCKET: 'island-is-staging-upload-judicial-system' + S3_REGION: 'eu-west-1' + S3_TIME_TO_LIVE_GET: '5' + S3_TIME_TO_LIVE_POST: '15' + SERVERSIDE_FEATURES_ON: '' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + USE_MICROSOFT_GRAPH_API_FOR_COURT_ROBOT: 'true' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5804170510/Rettarvorslugatt-Client' + XROAD_COURT_API_PATH: '/Domstolasyslan/JusticePortal-v1' + XROAD_COURT_MEMBER_CODE: '4707171140' + XROAD_POLICE_API_PATH: '/Logreglan-Private/rettarvarsla-v1' + XROAD_POLICE_MEMBER_CODE: '5309672079' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'judicial_system' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'judicial_system' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/judicial-system/DB_PASSWORD' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + ADMIN_USERS: '/k8s/judicial-system/ADMIN_USERS' + ARCHIVE_ENCRYPTION_KEY: '/k8s/judicial-system/ARCHIVE_ENCRYPTION_KEY' + AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' + COURTS_ASSISTANT_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_ASSISTANT_MOBILE_NUMBERS' + COURTS_EMAILS: '/k8s/judicial-system/COURTS_EMAILS' + COURTS_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_MOBILE_NUMBERS' + COURT_ROBOT_CLIENT_ID: '/k8s/judicial-system/COURT_ROBOT_CLIENT_ID' + COURT_ROBOT_CLIENT_SECRET: '/k8s/judicial-system/COURT_ROBOT_CLIENT_SECRET' + COURT_ROBOT_EMAIL: '/k8s/judicial-system/COURT_ROBOT_EMAIL' + COURT_ROBOT_TENANT_ID: '/k8s/judicial-system/COURT_ROBOT_TENANT_ID' + COURT_ROBOT_USER: '/k8s/judicial-system/COURT_ROBOT_USER' + DB_PASS: '/k8s/judicial-system/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/judicial-system/DOKOBIT_ACCESS_TOKEN' + EMAIL_FROM: '/k8s/judicial-system/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/judicial-system/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/judicial-system/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/judicial-system/EMAIL_REPLY_TO_NAME' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + EVENT_URL: '/k8s/judicial-system/EVENT_URL' + NOVA_PASSWORD: '/k8s/judicial-system/NOVA_PASSWORD' + NOVA_URL: '/k8s/judicial-system/NOVA_URL' + NOVA_USERNAME: '/k8s/judicial-system/NOVA_USERNAME' + PRISON_ADMIN_EMAIL: '/k8s/judicial-system/PRISON_ADMIN_EMAIL' + PRISON_EMAIL: '/k8s/judicial-system/PRISON_EMAIL' + XROAD_CLIENT_CERT: '/k8s/judicial-system/XROAD_CLIENT_CERT' + XROAD_CLIENT_KEY: '/k8s/judicial-system/XROAD_CLIENT_KEY' + XROAD_CLIENT_PEM: '/k8s/judicial-system/XROAD_CLIENT_PEM' + XROAD_COURTS_CREDENTIALS: '/k8s/judicial-system/COURTS_CREDENTIALS' + XROAD_POLICE_API_KEY: '/k8s/judicial-system/XROAD_POLICE_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-backend' + create: true + name: 'judicial-system-backend' +judicial-system-digital-mailbox-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-digital-mailbox-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-digital-mailbox-api-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-digital-mailbox-api' + create: true + name: 'judicial-system-digital-mailbox-api' +judicial-system-message-handler: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-message-handler' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-message-handler' + create: true + name: 'judicial-system-message-handler' +judicial-system-robot-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-robot-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-robot-api-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-robot-api' + create: true + name: 'judicial-system-robot-api' +judicial-system-scheduler: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + TIME_TO_LIVE_MINUTES: '30' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-scheduler' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-scheduler' + create: true + name: 'judicial-system-scheduler' +judicial-system-web: + enabled: true + env: + API_URL: 'https://judicial-system.staging01.devland.is' + INTERNAL_API_URL: 'http://web-judicial-system-api' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system.staging01.devland.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '15m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + NATIONAL_REGISTRY_API_KEY: '/k8s/judicial-system/NATIONAL_REGISTRY_API_KEY' + SUPPORT_EMAIL: '/k8s/judicial-system/SUPPORT_EMAIL' + securityContext: + allowPrivilegeEscalation: false + privileged: false +judicial-system-xrd-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-xrd-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-xrd-api.internal.staging01.devland.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-xrd-api' + create: true + name: 'judicial-system-xrd-api' +namespaces: + labels: {} + namespaces: + - 'judicial-system' diff --git a/charts/services/judicial-system-digital-mailbox-api/values.dev.yaml b/charts/services/judicial-system-digital-mailbox-api/values.dev.yaml new file mode 100644 index 000000000000..b87ac2b9294f --- /dev/null +++ b/charts/services/judicial-system-digital-mailbox-api/values.dev.yaml @@ -0,0 +1,654 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'dev' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +judicial-system-api: + enabled: true + env: + ALLOW_AUTH_BYPASS: 'true' + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + AUTH_IDS_CLIENT_ID: '@rettarvorslugatt.island.is/web' + AUTH_IDS_LOGOUT_REDIRECT_URI: 'https://judicial-system.dev01.devland.is' + AUTH_IDS_REDIRECT_URI: 'https://judicial-system.dev01.devland.is/api/auth/callback/identity-server' + AUTH_IDS_SCOPE: 'openid profile' + BACKEND_URL: 'http://web-judicial-system-backend' + CONTENTFUL_ENVIRONMENT: 'test' + CONTENTFUL_HOST: 'preview.contentful.com' + HIDDEN_FEATURES: '' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system.dev01.devland.is' + paths: + - '/api/graphql' + - '/api/auth' + - '/api/case' + - '/api/feature' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '350m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + AUTH_IDS_SECRET: '/k8s/judicial-system/AUTH_IDS_SECRET' + AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-api' + create: true + name: 'judicial-system-api' +judicial-system-backend: + enabled: true + env: + BLOCKED_API_INTEGRATION: '' + CLIENT_URL: 'https://judicial-system.dev01.devland.is' + CONTENTFUL_ENVIRONMENT: 'test' + CONTENTFUL_HOST: 'preview.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'judicial_system' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'judicial_system' + DOKOBIT_URL: 'https://developers.dokobit.com' + EMAIL_REGION: 'eu-west-1' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + S3_BUCKET: 'island-is-dev-upload-judicial-system' + S3_REGION: 'eu-west-1' + S3_TIME_TO_LIVE_GET: '5' + S3_TIME_TO_LIVE_POST: '15' + SERVERSIDE_FEATURES_ON: '' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + USE_MICROSOFT_GRAPH_API_FOR_COURT_ROBOT: 'false' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10014/Rettarvorslugatt-Client' + XROAD_COURT_API_PATH: '/Domstolasyslan/JusticePortal-v1' + XROAD_COURT_MEMBER_CODE: '10019' + XROAD_POLICE_API_PATH: '/Logreglan-Private/rettarvarsla-v1' + XROAD_POLICE_MEMBER_CODE: '10005' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'judicial_system' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'judicial_system' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/judicial-system/DB_PASSWORD' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + ADMIN_USERS: '/k8s/judicial-system/ADMIN_USERS' + ARCHIVE_ENCRYPTION_KEY: '/k8s/judicial-system/ARCHIVE_ENCRYPTION_KEY' + AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' + COURTS_ASSISTANT_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_ASSISTANT_MOBILE_NUMBERS' + COURTS_EMAILS: '/k8s/judicial-system/COURTS_EMAILS' + COURTS_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_MOBILE_NUMBERS' + COURT_ROBOT_CLIENT_ID: '/k8s/judicial-system/COURT_ROBOT_CLIENT_ID' + COURT_ROBOT_CLIENT_SECRET: '/k8s/judicial-system/COURT_ROBOT_CLIENT_SECRET' + COURT_ROBOT_EMAIL: '/k8s/judicial-system/COURT_ROBOT_EMAIL' + COURT_ROBOT_TENANT_ID: '/k8s/judicial-system/COURT_ROBOT_TENANT_ID' + COURT_ROBOT_USER: '/k8s/judicial-system/COURT_ROBOT_USER' + DB_PASS: '/k8s/judicial-system/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/judicial-system/DOKOBIT_ACCESS_TOKEN' + EMAIL_FROM: '/k8s/judicial-system/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/judicial-system/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/judicial-system/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/judicial-system/EMAIL_REPLY_TO_NAME' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + EVENT_URL: '/k8s/judicial-system/EVENT_URL' + NOVA_PASSWORD: '/k8s/judicial-system/NOVA_PASSWORD' + NOVA_URL: '/k8s/judicial-system/NOVA_URL' + NOVA_USERNAME: '/k8s/judicial-system/NOVA_USERNAME' + PRISON_ADMIN_EMAIL: '/k8s/judicial-system/PRISON_ADMIN_EMAIL' + PRISON_EMAIL: '/k8s/judicial-system/PRISON_EMAIL' + XROAD_CLIENT_CERT: '/k8s/judicial-system/XROAD_CLIENT_CERT' + XROAD_CLIENT_KEY: '/k8s/judicial-system/XROAD_CLIENT_KEY' + XROAD_CLIENT_PEM: '/k8s/judicial-system/XROAD_CLIENT_PEM' + XROAD_COURTS_CREDENTIALS: '/k8s/judicial-system/COURTS_CREDENTIALS' + XROAD_POLICE_API_KEY: '/k8s/judicial-system/XROAD_POLICE_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-backend' + create: true + name: 'judicial-system-backend' +judicial-system-digital-mailbox-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-digital-mailbox-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-digital-mailbox-api-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-digital-mailbox-api' + create: true + name: 'judicial-system-digital-mailbox-api' +judicial-system-message-handler: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-message-handler' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-message-handler' + create: true + name: 'judicial-system-message-handler' +judicial-system-robot-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-robot-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-robot-api-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-robot-api' + create: true + name: 'judicial-system-robot-api' +judicial-system-scheduler: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + TIME_TO_LIVE_MINUTES: '30' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-scheduler' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-scheduler' + create: true + name: 'judicial-system-scheduler' +judicial-system-web: + enabled: true + env: + API_URL: 'https://judicial-system.dev01.devland.is' + INTERNAL_API_URL: 'http://web-judicial-system-api' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system.dev01.devland.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '15m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + NATIONAL_REGISTRY_API_KEY: '/k8s/judicial-system/NATIONAL_REGISTRY_API_KEY' + SUPPORT_EMAIL: '/k8s/judicial-system/SUPPORT_EMAIL' + securityContext: + allowPrivilegeEscalation: false + privileged: false +judicial-system-xrd-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-xrd-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-xrd-api.internal.dev01.devland.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-xrd-api' + create: true + name: 'judicial-system-xrd-api' +namespaces: + labels: {} + namespaces: + - 'judicial-system' diff --git a/charts/services/judicial-system-digital-mailbox-api/values.prod.yaml b/charts/services/judicial-system-digital-mailbox-api/values.prod.yaml new file mode 100644 index 000000000000..f0a1db2678df --- /dev/null +++ b/charts/services/judicial-system-digital-mailbox-api/values.prod.yaml @@ -0,0 +1,654 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'prod' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +judicial-system-api: + enabled: true + env: + ALLOW_AUTH_BYPASS: 'false' + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + AUTH_IDS_CLIENT_ID: '@rettarvorslugatt.island.is/web' + AUTH_IDS_LOGOUT_REDIRECT_URI: 'https://rettarvorslugatt.island.is' + AUTH_IDS_REDIRECT_URI: 'https://rettarvorslugatt.island.is/api/auth/callback/identity-server' + AUTH_IDS_SCOPE: 'openid profile' + BACKEND_URL: 'http://web-judicial-system-backend' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + HIDDEN_FEATURES: '' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'rettarvorslugatt.island.is' + paths: + - '/api/graphql' + - '/api/auth' + - '/api/case' + - '/api/feature' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '350m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + AUTH_IDS_SECRET: '/k8s/judicial-system/AUTH_IDS_SECRET' + AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-api' + create: true + name: 'judicial-system-api' +judicial-system-backend: + enabled: true + env: + BLOCKED_API_INTEGRATION: '' + CLIENT_URL: 'https://rettarvorslugatt.island.is' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'judicial_system' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'judicial_system' + DOKOBIT_URL: 'https://ws.dokobit.com' + EMAIL_REGION: 'eu-west-1' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + S3_BUCKET: 'island-is-prod-upload-judicial-system' + S3_REGION: 'eu-west-1' + S3_TIME_TO_LIVE_GET: '5' + S3_TIME_TO_LIVE_POST: '15' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + USE_MICROSOFT_GRAPH_API_FOR_COURT_ROBOT: 'true' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5804170510/Rettarvorslugatt-Client' + XROAD_COURT_API_PATH: '/Domstolasyslan/JusticePortal-v1' + XROAD_COURT_MEMBER_CODE: '4707171140' + XROAD_POLICE_API_PATH: '/Logreglan-Private/rettarvarsla-v1' + XROAD_POLICE_MEMBER_CODE: '5309672079' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'judicial_system' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'judicial_system' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/judicial-system/DB_PASSWORD' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + ADMIN_USERS: '/k8s/judicial-system/ADMIN_USERS' + ARCHIVE_ENCRYPTION_KEY: '/k8s/judicial-system/ARCHIVE_ENCRYPTION_KEY' + AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' + COURTS_ASSISTANT_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_ASSISTANT_MOBILE_NUMBERS' + COURTS_EMAILS: '/k8s/judicial-system/COURTS_EMAILS' + COURTS_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_MOBILE_NUMBERS' + COURT_ROBOT_CLIENT_ID: '/k8s/judicial-system/COURT_ROBOT_CLIENT_ID' + COURT_ROBOT_CLIENT_SECRET: '/k8s/judicial-system/COURT_ROBOT_CLIENT_SECRET' + COURT_ROBOT_EMAIL: '/k8s/judicial-system/COURT_ROBOT_EMAIL' + COURT_ROBOT_TENANT_ID: '/k8s/judicial-system/COURT_ROBOT_TENANT_ID' + COURT_ROBOT_USER: '/k8s/judicial-system/COURT_ROBOT_USER' + DB_PASS: '/k8s/judicial-system/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/judicial-system/DOKOBIT_ACCESS_TOKEN' + EMAIL_FROM: '/k8s/judicial-system/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/judicial-system/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/judicial-system/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/judicial-system/EMAIL_REPLY_TO_NAME' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + EVENT_URL: '/k8s/judicial-system/EVENT_URL' + NOVA_PASSWORD: '/k8s/judicial-system/NOVA_PASSWORD' + NOVA_URL: '/k8s/judicial-system/NOVA_URL' + NOVA_USERNAME: '/k8s/judicial-system/NOVA_USERNAME' + PRISON_ADMIN_EMAIL: '/k8s/judicial-system/PRISON_ADMIN_EMAIL' + PRISON_EMAIL: '/k8s/judicial-system/PRISON_EMAIL' + XROAD_CLIENT_CERT: '/k8s/judicial-system/XROAD_CLIENT_CERT' + XROAD_CLIENT_KEY: '/k8s/judicial-system/XROAD_CLIENT_KEY' + XROAD_CLIENT_PEM: '/k8s/judicial-system/XROAD_CLIENT_PEM' + XROAD_COURTS_CREDENTIALS: '/k8s/judicial-system/COURTS_CREDENTIALS' + XROAD_POLICE_API_KEY: '/k8s/judicial-system/XROAD_POLICE_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-backend' + create: true + name: 'judicial-system-backend' +judicial-system-digital-mailbox-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-digital-mailbox-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-digital-mailbox-api-xrd.internal.island.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-digital-mailbox-api' + create: true + name: 'judicial-system-digital-mailbox-api' +judicial-system-message-handler: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-message-handler' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-message-handler' + create: true + name: 'judicial-system-message-handler' +judicial-system-robot-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-robot-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-robot-api-xrd.internal.island.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-robot-api' + create: true + name: 'judicial-system-robot-api' +judicial-system-scheduler: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + TIME_TO_LIVE_MINUTES: '30' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-scheduler' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-scheduler' + create: true + name: 'judicial-system-scheduler' +judicial-system-web: + enabled: true + env: + API_URL: 'https://rettarvorslugatt.island.is' + INTERNAL_API_URL: 'http://web-judicial-system-api' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'rettarvorslugatt.island.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '15m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + NATIONAL_REGISTRY_API_KEY: '/k8s/judicial-system/NATIONAL_REGISTRY_API_KEY' + SUPPORT_EMAIL: '/k8s/judicial-system/SUPPORT_EMAIL' + securityContext: + allowPrivilegeEscalation: false + privileged: false +judicial-system-xrd-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-xrd-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-xrd-api.internal.island.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-xrd-api' + create: true + name: 'judicial-system-xrd-api' +namespaces: + labels: {} + namespaces: + - 'judicial-system' diff --git a/charts/services/judicial-system-digital-mailbox-api/values.staging.yaml b/charts/services/judicial-system-digital-mailbox-api/values.staging.yaml new file mode 100644 index 000000000000..e4a133f4ad7e --- /dev/null +++ b/charts/services/judicial-system-digital-mailbox-api/values.staging.yaml @@ -0,0 +1,654 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'staging' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +judicial-system-api: + enabled: true + env: + ALLOW_AUTH_BYPASS: 'true' + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + AUTH_IDS_CLIENT_ID: '@rettarvorslugatt.island.is/web' + AUTH_IDS_LOGOUT_REDIRECT_URI: 'https://judicial-system.staging01.devland.is' + AUTH_IDS_REDIRECT_URI: 'https://judicial-system.staging01.devland.is/api/auth/callback/identity-server' + AUTH_IDS_SCOPE: 'openid profile' + BACKEND_URL: 'http://web-judicial-system-backend' + CONTENTFUL_ENVIRONMENT: 'test' + CONTENTFUL_HOST: 'cdn.contentful.com' + HIDDEN_FEATURES: '' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system.staging01.devland.is' + paths: + - '/api/graphql' + - '/api/auth' + - '/api/case' + - '/api/feature' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '350m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + AUTH_IDS_SECRET: '/k8s/judicial-system/AUTH_IDS_SECRET' + AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-api' + create: true + name: 'judicial-system-api' +judicial-system-backend: + enabled: true + env: + BLOCKED_API_INTEGRATION: 'COURT,POLICE_CASE' + CLIENT_URL: 'https://judicial-system.staging01.devland.is' + CONTENTFUL_ENVIRONMENT: 'test' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'judicial_system' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'judicial_system' + DOKOBIT_URL: 'https://developers.dokobit.com' + EMAIL_REGION: 'eu-west-1' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + S3_BUCKET: 'island-is-staging-upload-judicial-system' + S3_REGION: 'eu-west-1' + S3_TIME_TO_LIVE_GET: '5' + S3_TIME_TO_LIVE_POST: '15' + SERVERSIDE_FEATURES_ON: '' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + USE_MICROSOFT_GRAPH_API_FOR_COURT_ROBOT: 'true' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5804170510/Rettarvorslugatt-Client' + XROAD_COURT_API_PATH: '/Domstolasyslan/JusticePortal-v1' + XROAD_COURT_MEMBER_CODE: '4707171140' + XROAD_POLICE_API_PATH: '/Logreglan-Private/rettarvarsla-v1' + XROAD_POLICE_MEMBER_CODE: '5309672079' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'judicial_system' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'judicial_system' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/judicial-system/DB_PASSWORD' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + ADMIN_USERS: '/k8s/judicial-system/ADMIN_USERS' + ARCHIVE_ENCRYPTION_KEY: '/k8s/judicial-system/ARCHIVE_ENCRYPTION_KEY' + AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' + COURTS_ASSISTANT_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_ASSISTANT_MOBILE_NUMBERS' + COURTS_EMAILS: '/k8s/judicial-system/COURTS_EMAILS' + COURTS_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_MOBILE_NUMBERS' + COURT_ROBOT_CLIENT_ID: '/k8s/judicial-system/COURT_ROBOT_CLIENT_ID' + COURT_ROBOT_CLIENT_SECRET: '/k8s/judicial-system/COURT_ROBOT_CLIENT_SECRET' + COURT_ROBOT_EMAIL: '/k8s/judicial-system/COURT_ROBOT_EMAIL' + COURT_ROBOT_TENANT_ID: '/k8s/judicial-system/COURT_ROBOT_TENANT_ID' + COURT_ROBOT_USER: '/k8s/judicial-system/COURT_ROBOT_USER' + DB_PASS: '/k8s/judicial-system/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/judicial-system/DOKOBIT_ACCESS_TOKEN' + EMAIL_FROM: '/k8s/judicial-system/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/judicial-system/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/judicial-system/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/judicial-system/EMAIL_REPLY_TO_NAME' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + EVENT_URL: '/k8s/judicial-system/EVENT_URL' + NOVA_PASSWORD: '/k8s/judicial-system/NOVA_PASSWORD' + NOVA_URL: '/k8s/judicial-system/NOVA_URL' + NOVA_USERNAME: '/k8s/judicial-system/NOVA_USERNAME' + PRISON_ADMIN_EMAIL: '/k8s/judicial-system/PRISON_ADMIN_EMAIL' + PRISON_EMAIL: '/k8s/judicial-system/PRISON_EMAIL' + XROAD_CLIENT_CERT: '/k8s/judicial-system/XROAD_CLIENT_CERT' + XROAD_CLIENT_KEY: '/k8s/judicial-system/XROAD_CLIENT_KEY' + XROAD_CLIENT_PEM: '/k8s/judicial-system/XROAD_CLIENT_PEM' + XROAD_COURTS_CREDENTIALS: '/k8s/judicial-system/COURTS_CREDENTIALS' + XROAD_POLICE_API_KEY: '/k8s/judicial-system/XROAD_POLICE_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-backend' + create: true + name: 'judicial-system-backend' +judicial-system-digital-mailbox-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-digital-mailbox-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-digital-mailbox-api-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-digital-mailbox-api' + create: true + name: 'judicial-system-digital-mailbox-api' +judicial-system-message-handler: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-message-handler' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-message-handler' + create: true + name: 'judicial-system-message-handler' +judicial-system-robot-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-robot-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-robot-api-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-robot-api' + create: true + name: 'judicial-system-robot-api' +judicial-system-scheduler: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + TIME_TO_LIVE_MINUTES: '30' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-scheduler' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-scheduler' + create: true + name: 'judicial-system-scheduler' +judicial-system-web: + enabled: true + env: + API_URL: 'https://judicial-system.staging01.devland.is' + INTERNAL_API_URL: 'http://web-judicial-system-api' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system.staging01.devland.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '15m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + NATIONAL_REGISTRY_API_KEY: '/k8s/judicial-system/NATIONAL_REGISTRY_API_KEY' + SUPPORT_EMAIL: '/k8s/judicial-system/SUPPORT_EMAIL' + securityContext: + allowPrivilegeEscalation: false + privileged: false +judicial-system-xrd-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-xrd-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-xrd-api.internal.staging01.devland.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-xrd-api' + create: true + name: 'judicial-system-xrd-api' +namespaces: + labels: {} + namespaces: + - 'judicial-system' diff --git a/charts/services/judicial-system-message-handler/values.dev.yaml b/charts/services/judicial-system-message-handler/values.dev.yaml new file mode 100644 index 000000000000..b87ac2b9294f --- /dev/null +++ b/charts/services/judicial-system-message-handler/values.dev.yaml @@ -0,0 +1,654 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'dev' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +judicial-system-api: + enabled: true + env: + ALLOW_AUTH_BYPASS: 'true' + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + AUTH_IDS_CLIENT_ID: '@rettarvorslugatt.island.is/web' + AUTH_IDS_LOGOUT_REDIRECT_URI: 'https://judicial-system.dev01.devland.is' + AUTH_IDS_REDIRECT_URI: 'https://judicial-system.dev01.devland.is/api/auth/callback/identity-server' + AUTH_IDS_SCOPE: 'openid profile' + BACKEND_URL: 'http://web-judicial-system-backend' + CONTENTFUL_ENVIRONMENT: 'test' + CONTENTFUL_HOST: 'preview.contentful.com' + HIDDEN_FEATURES: '' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system.dev01.devland.is' + paths: + - '/api/graphql' + - '/api/auth' + - '/api/case' + - '/api/feature' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '350m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + AUTH_IDS_SECRET: '/k8s/judicial-system/AUTH_IDS_SECRET' + AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-api' + create: true + name: 'judicial-system-api' +judicial-system-backend: + enabled: true + env: + BLOCKED_API_INTEGRATION: '' + CLIENT_URL: 'https://judicial-system.dev01.devland.is' + CONTENTFUL_ENVIRONMENT: 'test' + CONTENTFUL_HOST: 'preview.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'judicial_system' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'judicial_system' + DOKOBIT_URL: 'https://developers.dokobit.com' + EMAIL_REGION: 'eu-west-1' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + S3_BUCKET: 'island-is-dev-upload-judicial-system' + S3_REGION: 'eu-west-1' + S3_TIME_TO_LIVE_GET: '5' + S3_TIME_TO_LIVE_POST: '15' + SERVERSIDE_FEATURES_ON: '' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + USE_MICROSOFT_GRAPH_API_FOR_COURT_ROBOT: 'false' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10014/Rettarvorslugatt-Client' + XROAD_COURT_API_PATH: '/Domstolasyslan/JusticePortal-v1' + XROAD_COURT_MEMBER_CODE: '10019' + XROAD_POLICE_API_PATH: '/Logreglan-Private/rettarvarsla-v1' + XROAD_POLICE_MEMBER_CODE: '10005' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'judicial_system' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'judicial_system' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/judicial-system/DB_PASSWORD' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + ADMIN_USERS: '/k8s/judicial-system/ADMIN_USERS' + ARCHIVE_ENCRYPTION_KEY: '/k8s/judicial-system/ARCHIVE_ENCRYPTION_KEY' + AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' + COURTS_ASSISTANT_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_ASSISTANT_MOBILE_NUMBERS' + COURTS_EMAILS: '/k8s/judicial-system/COURTS_EMAILS' + COURTS_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_MOBILE_NUMBERS' + COURT_ROBOT_CLIENT_ID: '/k8s/judicial-system/COURT_ROBOT_CLIENT_ID' + COURT_ROBOT_CLIENT_SECRET: '/k8s/judicial-system/COURT_ROBOT_CLIENT_SECRET' + COURT_ROBOT_EMAIL: '/k8s/judicial-system/COURT_ROBOT_EMAIL' + COURT_ROBOT_TENANT_ID: '/k8s/judicial-system/COURT_ROBOT_TENANT_ID' + COURT_ROBOT_USER: '/k8s/judicial-system/COURT_ROBOT_USER' + DB_PASS: '/k8s/judicial-system/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/judicial-system/DOKOBIT_ACCESS_TOKEN' + EMAIL_FROM: '/k8s/judicial-system/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/judicial-system/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/judicial-system/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/judicial-system/EMAIL_REPLY_TO_NAME' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + EVENT_URL: '/k8s/judicial-system/EVENT_URL' + NOVA_PASSWORD: '/k8s/judicial-system/NOVA_PASSWORD' + NOVA_URL: '/k8s/judicial-system/NOVA_URL' + NOVA_USERNAME: '/k8s/judicial-system/NOVA_USERNAME' + PRISON_ADMIN_EMAIL: '/k8s/judicial-system/PRISON_ADMIN_EMAIL' + PRISON_EMAIL: '/k8s/judicial-system/PRISON_EMAIL' + XROAD_CLIENT_CERT: '/k8s/judicial-system/XROAD_CLIENT_CERT' + XROAD_CLIENT_KEY: '/k8s/judicial-system/XROAD_CLIENT_KEY' + XROAD_CLIENT_PEM: '/k8s/judicial-system/XROAD_CLIENT_PEM' + XROAD_COURTS_CREDENTIALS: '/k8s/judicial-system/COURTS_CREDENTIALS' + XROAD_POLICE_API_KEY: '/k8s/judicial-system/XROAD_POLICE_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-backend' + create: true + name: 'judicial-system-backend' +judicial-system-digital-mailbox-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-digital-mailbox-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-digital-mailbox-api-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-digital-mailbox-api' + create: true + name: 'judicial-system-digital-mailbox-api' +judicial-system-message-handler: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-message-handler' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-message-handler' + create: true + name: 'judicial-system-message-handler' +judicial-system-robot-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-robot-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-robot-api-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-robot-api' + create: true + name: 'judicial-system-robot-api' +judicial-system-scheduler: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + TIME_TO_LIVE_MINUTES: '30' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-scheduler' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-scheduler' + create: true + name: 'judicial-system-scheduler' +judicial-system-web: + enabled: true + env: + API_URL: 'https://judicial-system.dev01.devland.is' + INTERNAL_API_URL: 'http://web-judicial-system-api' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system.dev01.devland.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '15m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + NATIONAL_REGISTRY_API_KEY: '/k8s/judicial-system/NATIONAL_REGISTRY_API_KEY' + SUPPORT_EMAIL: '/k8s/judicial-system/SUPPORT_EMAIL' + securityContext: + allowPrivilegeEscalation: false + privileged: false +judicial-system-xrd-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-xrd-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-xrd-api.internal.dev01.devland.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-xrd-api' + create: true + name: 'judicial-system-xrd-api' +namespaces: + labels: {} + namespaces: + - 'judicial-system' diff --git a/charts/services/judicial-system-message-handler/values.prod.yaml b/charts/services/judicial-system-message-handler/values.prod.yaml new file mode 100644 index 000000000000..f0a1db2678df --- /dev/null +++ b/charts/services/judicial-system-message-handler/values.prod.yaml @@ -0,0 +1,654 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'prod' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +judicial-system-api: + enabled: true + env: + ALLOW_AUTH_BYPASS: 'false' + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + AUTH_IDS_CLIENT_ID: '@rettarvorslugatt.island.is/web' + AUTH_IDS_LOGOUT_REDIRECT_URI: 'https://rettarvorslugatt.island.is' + AUTH_IDS_REDIRECT_URI: 'https://rettarvorslugatt.island.is/api/auth/callback/identity-server' + AUTH_IDS_SCOPE: 'openid profile' + BACKEND_URL: 'http://web-judicial-system-backend' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + HIDDEN_FEATURES: '' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'rettarvorslugatt.island.is' + paths: + - '/api/graphql' + - '/api/auth' + - '/api/case' + - '/api/feature' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '350m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + AUTH_IDS_SECRET: '/k8s/judicial-system/AUTH_IDS_SECRET' + AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-api' + create: true + name: 'judicial-system-api' +judicial-system-backend: + enabled: true + env: + BLOCKED_API_INTEGRATION: '' + CLIENT_URL: 'https://rettarvorslugatt.island.is' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'judicial_system' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'judicial_system' + DOKOBIT_URL: 'https://ws.dokobit.com' + EMAIL_REGION: 'eu-west-1' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + S3_BUCKET: 'island-is-prod-upload-judicial-system' + S3_REGION: 'eu-west-1' + S3_TIME_TO_LIVE_GET: '5' + S3_TIME_TO_LIVE_POST: '15' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + USE_MICROSOFT_GRAPH_API_FOR_COURT_ROBOT: 'true' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5804170510/Rettarvorslugatt-Client' + XROAD_COURT_API_PATH: '/Domstolasyslan/JusticePortal-v1' + XROAD_COURT_MEMBER_CODE: '4707171140' + XROAD_POLICE_API_PATH: '/Logreglan-Private/rettarvarsla-v1' + XROAD_POLICE_MEMBER_CODE: '5309672079' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'judicial_system' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'judicial_system' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/judicial-system/DB_PASSWORD' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + ADMIN_USERS: '/k8s/judicial-system/ADMIN_USERS' + ARCHIVE_ENCRYPTION_KEY: '/k8s/judicial-system/ARCHIVE_ENCRYPTION_KEY' + AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' + COURTS_ASSISTANT_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_ASSISTANT_MOBILE_NUMBERS' + COURTS_EMAILS: '/k8s/judicial-system/COURTS_EMAILS' + COURTS_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_MOBILE_NUMBERS' + COURT_ROBOT_CLIENT_ID: '/k8s/judicial-system/COURT_ROBOT_CLIENT_ID' + COURT_ROBOT_CLIENT_SECRET: '/k8s/judicial-system/COURT_ROBOT_CLIENT_SECRET' + COURT_ROBOT_EMAIL: '/k8s/judicial-system/COURT_ROBOT_EMAIL' + COURT_ROBOT_TENANT_ID: '/k8s/judicial-system/COURT_ROBOT_TENANT_ID' + COURT_ROBOT_USER: '/k8s/judicial-system/COURT_ROBOT_USER' + DB_PASS: '/k8s/judicial-system/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/judicial-system/DOKOBIT_ACCESS_TOKEN' + EMAIL_FROM: '/k8s/judicial-system/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/judicial-system/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/judicial-system/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/judicial-system/EMAIL_REPLY_TO_NAME' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + EVENT_URL: '/k8s/judicial-system/EVENT_URL' + NOVA_PASSWORD: '/k8s/judicial-system/NOVA_PASSWORD' + NOVA_URL: '/k8s/judicial-system/NOVA_URL' + NOVA_USERNAME: '/k8s/judicial-system/NOVA_USERNAME' + PRISON_ADMIN_EMAIL: '/k8s/judicial-system/PRISON_ADMIN_EMAIL' + PRISON_EMAIL: '/k8s/judicial-system/PRISON_EMAIL' + XROAD_CLIENT_CERT: '/k8s/judicial-system/XROAD_CLIENT_CERT' + XROAD_CLIENT_KEY: '/k8s/judicial-system/XROAD_CLIENT_KEY' + XROAD_CLIENT_PEM: '/k8s/judicial-system/XROAD_CLIENT_PEM' + XROAD_COURTS_CREDENTIALS: '/k8s/judicial-system/COURTS_CREDENTIALS' + XROAD_POLICE_API_KEY: '/k8s/judicial-system/XROAD_POLICE_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-backend' + create: true + name: 'judicial-system-backend' +judicial-system-digital-mailbox-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-digital-mailbox-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-digital-mailbox-api-xrd.internal.island.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-digital-mailbox-api' + create: true + name: 'judicial-system-digital-mailbox-api' +judicial-system-message-handler: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-message-handler' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-message-handler' + create: true + name: 'judicial-system-message-handler' +judicial-system-robot-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-robot-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-robot-api-xrd.internal.island.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-robot-api' + create: true + name: 'judicial-system-robot-api' +judicial-system-scheduler: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + TIME_TO_LIVE_MINUTES: '30' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-scheduler' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-scheduler' + create: true + name: 'judicial-system-scheduler' +judicial-system-web: + enabled: true + env: + API_URL: 'https://rettarvorslugatt.island.is' + INTERNAL_API_URL: 'http://web-judicial-system-api' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'rettarvorslugatt.island.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '15m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + NATIONAL_REGISTRY_API_KEY: '/k8s/judicial-system/NATIONAL_REGISTRY_API_KEY' + SUPPORT_EMAIL: '/k8s/judicial-system/SUPPORT_EMAIL' + securityContext: + allowPrivilegeEscalation: false + privileged: false +judicial-system-xrd-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-xrd-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-xrd-api.internal.island.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-xrd-api' + create: true + name: 'judicial-system-xrd-api' +namespaces: + labels: {} + namespaces: + - 'judicial-system' diff --git a/charts/services/judicial-system-message-handler/values.staging.yaml b/charts/services/judicial-system-message-handler/values.staging.yaml new file mode 100644 index 000000000000..e4a133f4ad7e --- /dev/null +++ b/charts/services/judicial-system-message-handler/values.staging.yaml @@ -0,0 +1,654 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'staging' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +judicial-system-api: + enabled: true + env: + ALLOW_AUTH_BYPASS: 'true' + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + AUTH_IDS_CLIENT_ID: '@rettarvorslugatt.island.is/web' + AUTH_IDS_LOGOUT_REDIRECT_URI: 'https://judicial-system.staging01.devland.is' + AUTH_IDS_REDIRECT_URI: 'https://judicial-system.staging01.devland.is/api/auth/callback/identity-server' + AUTH_IDS_SCOPE: 'openid profile' + BACKEND_URL: 'http://web-judicial-system-backend' + CONTENTFUL_ENVIRONMENT: 'test' + CONTENTFUL_HOST: 'cdn.contentful.com' + HIDDEN_FEATURES: '' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system.staging01.devland.is' + paths: + - '/api/graphql' + - '/api/auth' + - '/api/case' + - '/api/feature' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '350m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + AUTH_IDS_SECRET: '/k8s/judicial-system/AUTH_IDS_SECRET' + AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-api' + create: true + name: 'judicial-system-api' +judicial-system-backend: + enabled: true + env: + BLOCKED_API_INTEGRATION: 'COURT,POLICE_CASE' + CLIENT_URL: 'https://judicial-system.staging01.devland.is' + CONTENTFUL_ENVIRONMENT: 'test' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'judicial_system' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'judicial_system' + DOKOBIT_URL: 'https://developers.dokobit.com' + EMAIL_REGION: 'eu-west-1' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + S3_BUCKET: 'island-is-staging-upload-judicial-system' + S3_REGION: 'eu-west-1' + S3_TIME_TO_LIVE_GET: '5' + S3_TIME_TO_LIVE_POST: '15' + SERVERSIDE_FEATURES_ON: '' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + USE_MICROSOFT_GRAPH_API_FOR_COURT_ROBOT: 'true' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5804170510/Rettarvorslugatt-Client' + XROAD_COURT_API_PATH: '/Domstolasyslan/JusticePortal-v1' + XROAD_COURT_MEMBER_CODE: '4707171140' + XROAD_POLICE_API_PATH: '/Logreglan-Private/rettarvarsla-v1' + XROAD_POLICE_MEMBER_CODE: '5309672079' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'judicial_system' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'judicial_system' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/judicial-system/DB_PASSWORD' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + ADMIN_USERS: '/k8s/judicial-system/ADMIN_USERS' + ARCHIVE_ENCRYPTION_KEY: '/k8s/judicial-system/ARCHIVE_ENCRYPTION_KEY' + AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' + COURTS_ASSISTANT_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_ASSISTANT_MOBILE_NUMBERS' + COURTS_EMAILS: '/k8s/judicial-system/COURTS_EMAILS' + COURTS_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_MOBILE_NUMBERS' + COURT_ROBOT_CLIENT_ID: '/k8s/judicial-system/COURT_ROBOT_CLIENT_ID' + COURT_ROBOT_CLIENT_SECRET: '/k8s/judicial-system/COURT_ROBOT_CLIENT_SECRET' + COURT_ROBOT_EMAIL: '/k8s/judicial-system/COURT_ROBOT_EMAIL' + COURT_ROBOT_TENANT_ID: '/k8s/judicial-system/COURT_ROBOT_TENANT_ID' + COURT_ROBOT_USER: '/k8s/judicial-system/COURT_ROBOT_USER' + DB_PASS: '/k8s/judicial-system/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/judicial-system/DOKOBIT_ACCESS_TOKEN' + EMAIL_FROM: '/k8s/judicial-system/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/judicial-system/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/judicial-system/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/judicial-system/EMAIL_REPLY_TO_NAME' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + EVENT_URL: '/k8s/judicial-system/EVENT_URL' + NOVA_PASSWORD: '/k8s/judicial-system/NOVA_PASSWORD' + NOVA_URL: '/k8s/judicial-system/NOVA_URL' + NOVA_USERNAME: '/k8s/judicial-system/NOVA_USERNAME' + PRISON_ADMIN_EMAIL: '/k8s/judicial-system/PRISON_ADMIN_EMAIL' + PRISON_EMAIL: '/k8s/judicial-system/PRISON_EMAIL' + XROAD_CLIENT_CERT: '/k8s/judicial-system/XROAD_CLIENT_CERT' + XROAD_CLIENT_KEY: '/k8s/judicial-system/XROAD_CLIENT_KEY' + XROAD_CLIENT_PEM: '/k8s/judicial-system/XROAD_CLIENT_PEM' + XROAD_COURTS_CREDENTIALS: '/k8s/judicial-system/COURTS_CREDENTIALS' + XROAD_POLICE_API_KEY: '/k8s/judicial-system/XROAD_POLICE_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-backend' + create: true + name: 'judicial-system-backend' +judicial-system-digital-mailbox-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-digital-mailbox-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-digital-mailbox-api-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-digital-mailbox-api' + create: true + name: 'judicial-system-digital-mailbox-api' +judicial-system-message-handler: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-message-handler' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-message-handler' + create: true + name: 'judicial-system-message-handler' +judicial-system-robot-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-robot-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-robot-api-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-robot-api' + create: true + name: 'judicial-system-robot-api' +judicial-system-scheduler: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + TIME_TO_LIVE_MINUTES: '30' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-scheduler' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-scheduler' + create: true + name: 'judicial-system-scheduler' +judicial-system-web: + enabled: true + env: + API_URL: 'https://judicial-system.staging01.devland.is' + INTERNAL_API_URL: 'http://web-judicial-system-api' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system.staging01.devland.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '15m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + NATIONAL_REGISTRY_API_KEY: '/k8s/judicial-system/NATIONAL_REGISTRY_API_KEY' + SUPPORT_EMAIL: '/k8s/judicial-system/SUPPORT_EMAIL' + securityContext: + allowPrivilegeEscalation: false + privileged: false +judicial-system-xrd-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-xrd-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-xrd-api.internal.staging01.devland.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-xrd-api' + create: true + name: 'judicial-system-xrd-api' +namespaces: + labels: {} + namespaces: + - 'judicial-system' diff --git a/charts/services/judicial-system-robot-api/values.dev.yaml b/charts/services/judicial-system-robot-api/values.dev.yaml new file mode 100644 index 000000000000..b87ac2b9294f --- /dev/null +++ b/charts/services/judicial-system-robot-api/values.dev.yaml @@ -0,0 +1,654 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'dev' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +judicial-system-api: + enabled: true + env: + ALLOW_AUTH_BYPASS: 'true' + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + AUTH_IDS_CLIENT_ID: '@rettarvorslugatt.island.is/web' + AUTH_IDS_LOGOUT_REDIRECT_URI: 'https://judicial-system.dev01.devland.is' + AUTH_IDS_REDIRECT_URI: 'https://judicial-system.dev01.devland.is/api/auth/callback/identity-server' + AUTH_IDS_SCOPE: 'openid profile' + BACKEND_URL: 'http://web-judicial-system-backend' + CONTENTFUL_ENVIRONMENT: 'test' + CONTENTFUL_HOST: 'preview.contentful.com' + HIDDEN_FEATURES: '' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system.dev01.devland.is' + paths: + - '/api/graphql' + - '/api/auth' + - '/api/case' + - '/api/feature' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '350m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + AUTH_IDS_SECRET: '/k8s/judicial-system/AUTH_IDS_SECRET' + AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-api' + create: true + name: 'judicial-system-api' +judicial-system-backend: + enabled: true + env: + BLOCKED_API_INTEGRATION: '' + CLIENT_URL: 'https://judicial-system.dev01.devland.is' + CONTENTFUL_ENVIRONMENT: 'test' + CONTENTFUL_HOST: 'preview.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'judicial_system' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'judicial_system' + DOKOBIT_URL: 'https://developers.dokobit.com' + EMAIL_REGION: 'eu-west-1' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + S3_BUCKET: 'island-is-dev-upload-judicial-system' + S3_REGION: 'eu-west-1' + S3_TIME_TO_LIVE_GET: '5' + S3_TIME_TO_LIVE_POST: '15' + SERVERSIDE_FEATURES_ON: '' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + USE_MICROSOFT_GRAPH_API_FOR_COURT_ROBOT: 'false' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10014/Rettarvorslugatt-Client' + XROAD_COURT_API_PATH: '/Domstolasyslan/JusticePortal-v1' + XROAD_COURT_MEMBER_CODE: '10019' + XROAD_POLICE_API_PATH: '/Logreglan-Private/rettarvarsla-v1' + XROAD_POLICE_MEMBER_CODE: '10005' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'judicial_system' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'judicial_system' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/judicial-system/DB_PASSWORD' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + ADMIN_USERS: '/k8s/judicial-system/ADMIN_USERS' + ARCHIVE_ENCRYPTION_KEY: '/k8s/judicial-system/ARCHIVE_ENCRYPTION_KEY' + AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' + COURTS_ASSISTANT_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_ASSISTANT_MOBILE_NUMBERS' + COURTS_EMAILS: '/k8s/judicial-system/COURTS_EMAILS' + COURTS_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_MOBILE_NUMBERS' + COURT_ROBOT_CLIENT_ID: '/k8s/judicial-system/COURT_ROBOT_CLIENT_ID' + COURT_ROBOT_CLIENT_SECRET: '/k8s/judicial-system/COURT_ROBOT_CLIENT_SECRET' + COURT_ROBOT_EMAIL: '/k8s/judicial-system/COURT_ROBOT_EMAIL' + COURT_ROBOT_TENANT_ID: '/k8s/judicial-system/COURT_ROBOT_TENANT_ID' + COURT_ROBOT_USER: '/k8s/judicial-system/COURT_ROBOT_USER' + DB_PASS: '/k8s/judicial-system/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/judicial-system/DOKOBIT_ACCESS_TOKEN' + EMAIL_FROM: '/k8s/judicial-system/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/judicial-system/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/judicial-system/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/judicial-system/EMAIL_REPLY_TO_NAME' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + EVENT_URL: '/k8s/judicial-system/EVENT_URL' + NOVA_PASSWORD: '/k8s/judicial-system/NOVA_PASSWORD' + NOVA_URL: '/k8s/judicial-system/NOVA_URL' + NOVA_USERNAME: '/k8s/judicial-system/NOVA_USERNAME' + PRISON_ADMIN_EMAIL: '/k8s/judicial-system/PRISON_ADMIN_EMAIL' + PRISON_EMAIL: '/k8s/judicial-system/PRISON_EMAIL' + XROAD_CLIENT_CERT: '/k8s/judicial-system/XROAD_CLIENT_CERT' + XROAD_CLIENT_KEY: '/k8s/judicial-system/XROAD_CLIENT_KEY' + XROAD_CLIENT_PEM: '/k8s/judicial-system/XROAD_CLIENT_PEM' + XROAD_COURTS_CREDENTIALS: '/k8s/judicial-system/COURTS_CREDENTIALS' + XROAD_POLICE_API_KEY: '/k8s/judicial-system/XROAD_POLICE_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-backend' + create: true + name: 'judicial-system-backend' +judicial-system-digital-mailbox-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-digital-mailbox-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-digital-mailbox-api-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-digital-mailbox-api' + create: true + name: 'judicial-system-digital-mailbox-api' +judicial-system-message-handler: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-message-handler' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-message-handler' + create: true + name: 'judicial-system-message-handler' +judicial-system-robot-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-robot-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-robot-api-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-robot-api' + create: true + name: 'judicial-system-robot-api' +judicial-system-scheduler: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + TIME_TO_LIVE_MINUTES: '30' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-scheduler' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-scheduler' + create: true + name: 'judicial-system-scheduler' +judicial-system-web: + enabled: true + env: + API_URL: 'https://judicial-system.dev01.devland.is' + INTERNAL_API_URL: 'http://web-judicial-system-api' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system.dev01.devland.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '15m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + NATIONAL_REGISTRY_API_KEY: '/k8s/judicial-system/NATIONAL_REGISTRY_API_KEY' + SUPPORT_EMAIL: '/k8s/judicial-system/SUPPORT_EMAIL' + securityContext: + allowPrivilegeEscalation: false + privileged: false +judicial-system-xrd-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-xrd-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-xrd-api.internal.dev01.devland.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-xrd-api' + create: true + name: 'judicial-system-xrd-api' +namespaces: + labels: {} + namespaces: + - 'judicial-system' diff --git a/charts/services/judicial-system-robot-api/values.prod.yaml b/charts/services/judicial-system-robot-api/values.prod.yaml new file mode 100644 index 000000000000..f0a1db2678df --- /dev/null +++ b/charts/services/judicial-system-robot-api/values.prod.yaml @@ -0,0 +1,654 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'prod' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +judicial-system-api: + enabled: true + env: + ALLOW_AUTH_BYPASS: 'false' + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + AUTH_IDS_CLIENT_ID: '@rettarvorslugatt.island.is/web' + AUTH_IDS_LOGOUT_REDIRECT_URI: 'https://rettarvorslugatt.island.is' + AUTH_IDS_REDIRECT_URI: 'https://rettarvorslugatt.island.is/api/auth/callback/identity-server' + AUTH_IDS_SCOPE: 'openid profile' + BACKEND_URL: 'http://web-judicial-system-backend' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + HIDDEN_FEATURES: '' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'rettarvorslugatt.island.is' + paths: + - '/api/graphql' + - '/api/auth' + - '/api/case' + - '/api/feature' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '350m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + AUTH_IDS_SECRET: '/k8s/judicial-system/AUTH_IDS_SECRET' + AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-api' + create: true + name: 'judicial-system-api' +judicial-system-backend: + enabled: true + env: + BLOCKED_API_INTEGRATION: '' + CLIENT_URL: 'https://rettarvorslugatt.island.is' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'judicial_system' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'judicial_system' + DOKOBIT_URL: 'https://ws.dokobit.com' + EMAIL_REGION: 'eu-west-1' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + S3_BUCKET: 'island-is-prod-upload-judicial-system' + S3_REGION: 'eu-west-1' + S3_TIME_TO_LIVE_GET: '5' + S3_TIME_TO_LIVE_POST: '15' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + USE_MICROSOFT_GRAPH_API_FOR_COURT_ROBOT: 'true' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5804170510/Rettarvorslugatt-Client' + XROAD_COURT_API_PATH: '/Domstolasyslan/JusticePortal-v1' + XROAD_COURT_MEMBER_CODE: '4707171140' + XROAD_POLICE_API_PATH: '/Logreglan-Private/rettarvarsla-v1' + XROAD_POLICE_MEMBER_CODE: '5309672079' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'judicial_system' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'judicial_system' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/judicial-system/DB_PASSWORD' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + ADMIN_USERS: '/k8s/judicial-system/ADMIN_USERS' + ARCHIVE_ENCRYPTION_KEY: '/k8s/judicial-system/ARCHIVE_ENCRYPTION_KEY' + AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' + COURTS_ASSISTANT_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_ASSISTANT_MOBILE_NUMBERS' + COURTS_EMAILS: '/k8s/judicial-system/COURTS_EMAILS' + COURTS_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_MOBILE_NUMBERS' + COURT_ROBOT_CLIENT_ID: '/k8s/judicial-system/COURT_ROBOT_CLIENT_ID' + COURT_ROBOT_CLIENT_SECRET: '/k8s/judicial-system/COURT_ROBOT_CLIENT_SECRET' + COURT_ROBOT_EMAIL: '/k8s/judicial-system/COURT_ROBOT_EMAIL' + COURT_ROBOT_TENANT_ID: '/k8s/judicial-system/COURT_ROBOT_TENANT_ID' + COURT_ROBOT_USER: '/k8s/judicial-system/COURT_ROBOT_USER' + DB_PASS: '/k8s/judicial-system/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/judicial-system/DOKOBIT_ACCESS_TOKEN' + EMAIL_FROM: '/k8s/judicial-system/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/judicial-system/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/judicial-system/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/judicial-system/EMAIL_REPLY_TO_NAME' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + EVENT_URL: '/k8s/judicial-system/EVENT_URL' + NOVA_PASSWORD: '/k8s/judicial-system/NOVA_PASSWORD' + NOVA_URL: '/k8s/judicial-system/NOVA_URL' + NOVA_USERNAME: '/k8s/judicial-system/NOVA_USERNAME' + PRISON_ADMIN_EMAIL: '/k8s/judicial-system/PRISON_ADMIN_EMAIL' + PRISON_EMAIL: '/k8s/judicial-system/PRISON_EMAIL' + XROAD_CLIENT_CERT: '/k8s/judicial-system/XROAD_CLIENT_CERT' + XROAD_CLIENT_KEY: '/k8s/judicial-system/XROAD_CLIENT_KEY' + XROAD_CLIENT_PEM: '/k8s/judicial-system/XROAD_CLIENT_PEM' + XROAD_COURTS_CREDENTIALS: '/k8s/judicial-system/COURTS_CREDENTIALS' + XROAD_POLICE_API_KEY: '/k8s/judicial-system/XROAD_POLICE_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-backend' + create: true + name: 'judicial-system-backend' +judicial-system-digital-mailbox-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-digital-mailbox-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-digital-mailbox-api-xrd.internal.island.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-digital-mailbox-api' + create: true + name: 'judicial-system-digital-mailbox-api' +judicial-system-message-handler: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-message-handler' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-message-handler' + create: true + name: 'judicial-system-message-handler' +judicial-system-robot-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-robot-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-robot-api-xrd.internal.island.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-robot-api' + create: true + name: 'judicial-system-robot-api' +judicial-system-scheduler: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + TIME_TO_LIVE_MINUTES: '30' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-scheduler' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-scheduler' + create: true + name: 'judicial-system-scheduler' +judicial-system-web: + enabled: true + env: + API_URL: 'https://rettarvorslugatt.island.is' + INTERNAL_API_URL: 'http://web-judicial-system-api' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'rettarvorslugatt.island.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '15m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + NATIONAL_REGISTRY_API_KEY: '/k8s/judicial-system/NATIONAL_REGISTRY_API_KEY' + SUPPORT_EMAIL: '/k8s/judicial-system/SUPPORT_EMAIL' + securityContext: + allowPrivilegeEscalation: false + privileged: false +judicial-system-xrd-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-xrd-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-xrd-api.internal.island.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-xrd-api' + create: true + name: 'judicial-system-xrd-api' +namespaces: + labels: {} + namespaces: + - 'judicial-system' diff --git a/charts/services/judicial-system-robot-api/values.staging.yaml b/charts/services/judicial-system-robot-api/values.staging.yaml new file mode 100644 index 000000000000..e4a133f4ad7e --- /dev/null +++ b/charts/services/judicial-system-robot-api/values.staging.yaml @@ -0,0 +1,654 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'staging' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +judicial-system-api: + enabled: true + env: + ALLOW_AUTH_BYPASS: 'true' + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + AUTH_IDS_CLIENT_ID: '@rettarvorslugatt.island.is/web' + AUTH_IDS_LOGOUT_REDIRECT_URI: 'https://judicial-system.staging01.devland.is' + AUTH_IDS_REDIRECT_URI: 'https://judicial-system.staging01.devland.is/api/auth/callback/identity-server' + AUTH_IDS_SCOPE: 'openid profile' + BACKEND_URL: 'http://web-judicial-system-backend' + CONTENTFUL_ENVIRONMENT: 'test' + CONTENTFUL_HOST: 'cdn.contentful.com' + HIDDEN_FEATURES: '' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system.staging01.devland.is' + paths: + - '/api/graphql' + - '/api/auth' + - '/api/case' + - '/api/feature' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '350m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + AUTH_IDS_SECRET: '/k8s/judicial-system/AUTH_IDS_SECRET' + AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-api' + create: true + name: 'judicial-system-api' +judicial-system-backend: + enabled: true + env: + BLOCKED_API_INTEGRATION: 'COURT,POLICE_CASE' + CLIENT_URL: 'https://judicial-system.staging01.devland.is' + CONTENTFUL_ENVIRONMENT: 'test' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'judicial_system' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'judicial_system' + DOKOBIT_URL: 'https://developers.dokobit.com' + EMAIL_REGION: 'eu-west-1' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + S3_BUCKET: 'island-is-staging-upload-judicial-system' + S3_REGION: 'eu-west-1' + S3_TIME_TO_LIVE_GET: '5' + S3_TIME_TO_LIVE_POST: '15' + SERVERSIDE_FEATURES_ON: '' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + USE_MICROSOFT_GRAPH_API_FOR_COURT_ROBOT: 'true' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5804170510/Rettarvorslugatt-Client' + XROAD_COURT_API_PATH: '/Domstolasyslan/JusticePortal-v1' + XROAD_COURT_MEMBER_CODE: '4707171140' + XROAD_POLICE_API_PATH: '/Logreglan-Private/rettarvarsla-v1' + XROAD_POLICE_MEMBER_CODE: '5309672079' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'judicial_system' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'judicial_system' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/judicial-system/DB_PASSWORD' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + ADMIN_USERS: '/k8s/judicial-system/ADMIN_USERS' + ARCHIVE_ENCRYPTION_KEY: '/k8s/judicial-system/ARCHIVE_ENCRYPTION_KEY' + AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' + COURTS_ASSISTANT_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_ASSISTANT_MOBILE_NUMBERS' + COURTS_EMAILS: '/k8s/judicial-system/COURTS_EMAILS' + COURTS_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_MOBILE_NUMBERS' + COURT_ROBOT_CLIENT_ID: '/k8s/judicial-system/COURT_ROBOT_CLIENT_ID' + COURT_ROBOT_CLIENT_SECRET: '/k8s/judicial-system/COURT_ROBOT_CLIENT_SECRET' + COURT_ROBOT_EMAIL: '/k8s/judicial-system/COURT_ROBOT_EMAIL' + COURT_ROBOT_TENANT_ID: '/k8s/judicial-system/COURT_ROBOT_TENANT_ID' + COURT_ROBOT_USER: '/k8s/judicial-system/COURT_ROBOT_USER' + DB_PASS: '/k8s/judicial-system/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/judicial-system/DOKOBIT_ACCESS_TOKEN' + EMAIL_FROM: '/k8s/judicial-system/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/judicial-system/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/judicial-system/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/judicial-system/EMAIL_REPLY_TO_NAME' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + EVENT_URL: '/k8s/judicial-system/EVENT_URL' + NOVA_PASSWORD: '/k8s/judicial-system/NOVA_PASSWORD' + NOVA_URL: '/k8s/judicial-system/NOVA_URL' + NOVA_USERNAME: '/k8s/judicial-system/NOVA_USERNAME' + PRISON_ADMIN_EMAIL: '/k8s/judicial-system/PRISON_ADMIN_EMAIL' + PRISON_EMAIL: '/k8s/judicial-system/PRISON_EMAIL' + XROAD_CLIENT_CERT: '/k8s/judicial-system/XROAD_CLIENT_CERT' + XROAD_CLIENT_KEY: '/k8s/judicial-system/XROAD_CLIENT_KEY' + XROAD_CLIENT_PEM: '/k8s/judicial-system/XROAD_CLIENT_PEM' + XROAD_COURTS_CREDENTIALS: '/k8s/judicial-system/COURTS_CREDENTIALS' + XROAD_POLICE_API_KEY: '/k8s/judicial-system/XROAD_POLICE_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-backend' + create: true + name: 'judicial-system-backend' +judicial-system-digital-mailbox-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-digital-mailbox-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-digital-mailbox-api-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-digital-mailbox-api' + create: true + name: 'judicial-system-digital-mailbox-api' +judicial-system-message-handler: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-message-handler' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-message-handler' + create: true + name: 'judicial-system-message-handler' +judicial-system-robot-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-robot-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-robot-api-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-robot-api' + create: true + name: 'judicial-system-robot-api' +judicial-system-scheduler: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + TIME_TO_LIVE_MINUTES: '30' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-scheduler' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-scheduler' + create: true + name: 'judicial-system-scheduler' +judicial-system-web: + enabled: true + env: + API_URL: 'https://judicial-system.staging01.devland.is' + INTERNAL_API_URL: 'http://web-judicial-system-api' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system.staging01.devland.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '15m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + NATIONAL_REGISTRY_API_KEY: '/k8s/judicial-system/NATIONAL_REGISTRY_API_KEY' + SUPPORT_EMAIL: '/k8s/judicial-system/SUPPORT_EMAIL' + securityContext: + allowPrivilegeEscalation: false + privileged: false +judicial-system-xrd-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-xrd-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-xrd-api.internal.staging01.devland.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-xrd-api' + create: true + name: 'judicial-system-xrd-api' +namespaces: + labels: {} + namespaces: + - 'judicial-system' diff --git a/charts/services/judicial-system-scheduler/values.dev.yaml b/charts/services/judicial-system-scheduler/values.dev.yaml new file mode 100644 index 000000000000..b87ac2b9294f --- /dev/null +++ b/charts/services/judicial-system-scheduler/values.dev.yaml @@ -0,0 +1,654 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'dev' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +judicial-system-api: + enabled: true + env: + ALLOW_AUTH_BYPASS: 'true' + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + AUTH_IDS_CLIENT_ID: '@rettarvorslugatt.island.is/web' + AUTH_IDS_LOGOUT_REDIRECT_URI: 'https://judicial-system.dev01.devland.is' + AUTH_IDS_REDIRECT_URI: 'https://judicial-system.dev01.devland.is/api/auth/callback/identity-server' + AUTH_IDS_SCOPE: 'openid profile' + BACKEND_URL: 'http://web-judicial-system-backend' + CONTENTFUL_ENVIRONMENT: 'test' + CONTENTFUL_HOST: 'preview.contentful.com' + HIDDEN_FEATURES: '' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system.dev01.devland.is' + paths: + - '/api/graphql' + - '/api/auth' + - '/api/case' + - '/api/feature' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '350m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + AUTH_IDS_SECRET: '/k8s/judicial-system/AUTH_IDS_SECRET' + AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-api' + create: true + name: 'judicial-system-api' +judicial-system-backend: + enabled: true + env: + BLOCKED_API_INTEGRATION: '' + CLIENT_URL: 'https://judicial-system.dev01.devland.is' + CONTENTFUL_ENVIRONMENT: 'test' + CONTENTFUL_HOST: 'preview.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'judicial_system' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'judicial_system' + DOKOBIT_URL: 'https://developers.dokobit.com' + EMAIL_REGION: 'eu-west-1' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + S3_BUCKET: 'island-is-dev-upload-judicial-system' + S3_REGION: 'eu-west-1' + S3_TIME_TO_LIVE_GET: '5' + S3_TIME_TO_LIVE_POST: '15' + SERVERSIDE_FEATURES_ON: '' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + USE_MICROSOFT_GRAPH_API_FOR_COURT_ROBOT: 'false' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10014/Rettarvorslugatt-Client' + XROAD_COURT_API_PATH: '/Domstolasyslan/JusticePortal-v1' + XROAD_COURT_MEMBER_CODE: '10019' + XROAD_POLICE_API_PATH: '/Logreglan-Private/rettarvarsla-v1' + XROAD_POLICE_MEMBER_CODE: '10005' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'judicial_system' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'judicial_system' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/judicial-system/DB_PASSWORD' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + ADMIN_USERS: '/k8s/judicial-system/ADMIN_USERS' + ARCHIVE_ENCRYPTION_KEY: '/k8s/judicial-system/ARCHIVE_ENCRYPTION_KEY' + AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' + COURTS_ASSISTANT_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_ASSISTANT_MOBILE_NUMBERS' + COURTS_EMAILS: '/k8s/judicial-system/COURTS_EMAILS' + COURTS_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_MOBILE_NUMBERS' + COURT_ROBOT_CLIENT_ID: '/k8s/judicial-system/COURT_ROBOT_CLIENT_ID' + COURT_ROBOT_CLIENT_SECRET: '/k8s/judicial-system/COURT_ROBOT_CLIENT_SECRET' + COURT_ROBOT_EMAIL: '/k8s/judicial-system/COURT_ROBOT_EMAIL' + COURT_ROBOT_TENANT_ID: '/k8s/judicial-system/COURT_ROBOT_TENANT_ID' + COURT_ROBOT_USER: '/k8s/judicial-system/COURT_ROBOT_USER' + DB_PASS: '/k8s/judicial-system/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/judicial-system/DOKOBIT_ACCESS_TOKEN' + EMAIL_FROM: '/k8s/judicial-system/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/judicial-system/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/judicial-system/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/judicial-system/EMAIL_REPLY_TO_NAME' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + EVENT_URL: '/k8s/judicial-system/EVENT_URL' + NOVA_PASSWORD: '/k8s/judicial-system/NOVA_PASSWORD' + NOVA_URL: '/k8s/judicial-system/NOVA_URL' + NOVA_USERNAME: '/k8s/judicial-system/NOVA_USERNAME' + PRISON_ADMIN_EMAIL: '/k8s/judicial-system/PRISON_ADMIN_EMAIL' + PRISON_EMAIL: '/k8s/judicial-system/PRISON_EMAIL' + XROAD_CLIENT_CERT: '/k8s/judicial-system/XROAD_CLIENT_CERT' + XROAD_CLIENT_KEY: '/k8s/judicial-system/XROAD_CLIENT_KEY' + XROAD_CLIENT_PEM: '/k8s/judicial-system/XROAD_CLIENT_PEM' + XROAD_COURTS_CREDENTIALS: '/k8s/judicial-system/COURTS_CREDENTIALS' + XROAD_POLICE_API_KEY: '/k8s/judicial-system/XROAD_POLICE_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-backend' + create: true + name: 'judicial-system-backend' +judicial-system-digital-mailbox-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-digital-mailbox-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-digital-mailbox-api-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-digital-mailbox-api' + create: true + name: 'judicial-system-digital-mailbox-api' +judicial-system-message-handler: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-message-handler' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-message-handler' + create: true + name: 'judicial-system-message-handler' +judicial-system-robot-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-robot-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-robot-api-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-robot-api' + create: true + name: 'judicial-system-robot-api' +judicial-system-scheduler: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + TIME_TO_LIVE_MINUTES: '30' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-scheduler' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-scheduler' + create: true + name: 'judicial-system-scheduler' +judicial-system-web: + enabled: true + env: + API_URL: 'https://judicial-system.dev01.devland.is' + INTERNAL_API_URL: 'http://web-judicial-system-api' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system.dev01.devland.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '15m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + NATIONAL_REGISTRY_API_KEY: '/k8s/judicial-system/NATIONAL_REGISTRY_API_KEY' + SUPPORT_EMAIL: '/k8s/judicial-system/SUPPORT_EMAIL' + securityContext: + allowPrivilegeEscalation: false + privileged: false +judicial-system-xrd-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-xrd-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-xrd-api.internal.dev01.devland.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-xrd-api' + create: true + name: 'judicial-system-xrd-api' +namespaces: + labels: {} + namespaces: + - 'judicial-system' diff --git a/charts/services/judicial-system-scheduler/values.prod.yaml b/charts/services/judicial-system-scheduler/values.prod.yaml new file mode 100644 index 000000000000..f0a1db2678df --- /dev/null +++ b/charts/services/judicial-system-scheduler/values.prod.yaml @@ -0,0 +1,654 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'prod' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +judicial-system-api: + enabled: true + env: + ALLOW_AUTH_BYPASS: 'false' + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + AUTH_IDS_CLIENT_ID: '@rettarvorslugatt.island.is/web' + AUTH_IDS_LOGOUT_REDIRECT_URI: 'https://rettarvorslugatt.island.is' + AUTH_IDS_REDIRECT_URI: 'https://rettarvorslugatt.island.is/api/auth/callback/identity-server' + AUTH_IDS_SCOPE: 'openid profile' + BACKEND_URL: 'http://web-judicial-system-backend' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + HIDDEN_FEATURES: '' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'rettarvorslugatt.island.is' + paths: + - '/api/graphql' + - '/api/auth' + - '/api/case' + - '/api/feature' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '350m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + AUTH_IDS_SECRET: '/k8s/judicial-system/AUTH_IDS_SECRET' + AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-api' + create: true + name: 'judicial-system-api' +judicial-system-backend: + enabled: true + env: + BLOCKED_API_INTEGRATION: '' + CLIENT_URL: 'https://rettarvorslugatt.island.is' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'judicial_system' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'judicial_system' + DOKOBIT_URL: 'https://ws.dokobit.com' + EMAIL_REGION: 'eu-west-1' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + S3_BUCKET: 'island-is-prod-upload-judicial-system' + S3_REGION: 'eu-west-1' + S3_TIME_TO_LIVE_GET: '5' + S3_TIME_TO_LIVE_POST: '15' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + USE_MICROSOFT_GRAPH_API_FOR_COURT_ROBOT: 'true' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5804170510/Rettarvorslugatt-Client' + XROAD_COURT_API_PATH: '/Domstolasyslan/JusticePortal-v1' + XROAD_COURT_MEMBER_CODE: '4707171140' + XROAD_POLICE_API_PATH: '/Logreglan-Private/rettarvarsla-v1' + XROAD_POLICE_MEMBER_CODE: '5309672079' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'judicial_system' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'judicial_system' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/judicial-system/DB_PASSWORD' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + ADMIN_USERS: '/k8s/judicial-system/ADMIN_USERS' + ARCHIVE_ENCRYPTION_KEY: '/k8s/judicial-system/ARCHIVE_ENCRYPTION_KEY' + AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' + COURTS_ASSISTANT_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_ASSISTANT_MOBILE_NUMBERS' + COURTS_EMAILS: '/k8s/judicial-system/COURTS_EMAILS' + COURTS_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_MOBILE_NUMBERS' + COURT_ROBOT_CLIENT_ID: '/k8s/judicial-system/COURT_ROBOT_CLIENT_ID' + COURT_ROBOT_CLIENT_SECRET: '/k8s/judicial-system/COURT_ROBOT_CLIENT_SECRET' + COURT_ROBOT_EMAIL: '/k8s/judicial-system/COURT_ROBOT_EMAIL' + COURT_ROBOT_TENANT_ID: '/k8s/judicial-system/COURT_ROBOT_TENANT_ID' + COURT_ROBOT_USER: '/k8s/judicial-system/COURT_ROBOT_USER' + DB_PASS: '/k8s/judicial-system/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/judicial-system/DOKOBIT_ACCESS_TOKEN' + EMAIL_FROM: '/k8s/judicial-system/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/judicial-system/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/judicial-system/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/judicial-system/EMAIL_REPLY_TO_NAME' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + EVENT_URL: '/k8s/judicial-system/EVENT_URL' + NOVA_PASSWORD: '/k8s/judicial-system/NOVA_PASSWORD' + NOVA_URL: '/k8s/judicial-system/NOVA_URL' + NOVA_USERNAME: '/k8s/judicial-system/NOVA_USERNAME' + PRISON_ADMIN_EMAIL: '/k8s/judicial-system/PRISON_ADMIN_EMAIL' + PRISON_EMAIL: '/k8s/judicial-system/PRISON_EMAIL' + XROAD_CLIENT_CERT: '/k8s/judicial-system/XROAD_CLIENT_CERT' + XROAD_CLIENT_KEY: '/k8s/judicial-system/XROAD_CLIENT_KEY' + XROAD_CLIENT_PEM: '/k8s/judicial-system/XROAD_CLIENT_PEM' + XROAD_COURTS_CREDENTIALS: '/k8s/judicial-system/COURTS_CREDENTIALS' + XROAD_POLICE_API_KEY: '/k8s/judicial-system/XROAD_POLICE_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-backend' + create: true + name: 'judicial-system-backend' +judicial-system-digital-mailbox-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-digital-mailbox-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-digital-mailbox-api-xrd.internal.island.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-digital-mailbox-api' + create: true + name: 'judicial-system-digital-mailbox-api' +judicial-system-message-handler: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-message-handler' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-message-handler' + create: true + name: 'judicial-system-message-handler' +judicial-system-robot-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-robot-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-robot-api-xrd.internal.island.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-robot-api' + create: true + name: 'judicial-system-robot-api' +judicial-system-scheduler: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + TIME_TO_LIVE_MINUTES: '30' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-scheduler' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-scheduler' + create: true + name: 'judicial-system-scheduler' +judicial-system-web: + enabled: true + env: + API_URL: 'https://rettarvorslugatt.island.is' + INTERNAL_API_URL: 'http://web-judicial-system-api' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'rettarvorslugatt.island.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '15m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + NATIONAL_REGISTRY_API_KEY: '/k8s/judicial-system/NATIONAL_REGISTRY_API_KEY' + SUPPORT_EMAIL: '/k8s/judicial-system/SUPPORT_EMAIL' + securityContext: + allowPrivilegeEscalation: false + privileged: false +judicial-system-xrd-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-xrd-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-xrd-api.internal.island.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-xrd-api' + create: true + name: 'judicial-system-xrd-api' +namespaces: + labels: {} + namespaces: + - 'judicial-system' diff --git a/charts/services/judicial-system-scheduler/values.staging.yaml b/charts/services/judicial-system-scheduler/values.staging.yaml new file mode 100644 index 000000000000..e4a133f4ad7e --- /dev/null +++ b/charts/services/judicial-system-scheduler/values.staging.yaml @@ -0,0 +1,654 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'staging' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +judicial-system-api: + enabled: true + env: + ALLOW_AUTH_BYPASS: 'true' + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + AUTH_IDS_CLIENT_ID: '@rettarvorslugatt.island.is/web' + AUTH_IDS_LOGOUT_REDIRECT_URI: 'https://judicial-system.staging01.devland.is' + AUTH_IDS_REDIRECT_URI: 'https://judicial-system.staging01.devland.is/api/auth/callback/identity-server' + AUTH_IDS_SCOPE: 'openid profile' + BACKEND_URL: 'http://web-judicial-system-backend' + CONTENTFUL_ENVIRONMENT: 'test' + CONTENTFUL_HOST: 'cdn.contentful.com' + HIDDEN_FEATURES: '' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system.staging01.devland.is' + paths: + - '/api/graphql' + - '/api/auth' + - '/api/case' + - '/api/feature' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '350m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + AUTH_IDS_SECRET: '/k8s/judicial-system/AUTH_IDS_SECRET' + AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-api' + create: true + name: 'judicial-system-api' +judicial-system-backend: + enabled: true + env: + BLOCKED_API_INTEGRATION: 'COURT,POLICE_CASE' + CLIENT_URL: 'https://judicial-system.staging01.devland.is' + CONTENTFUL_ENVIRONMENT: 'test' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'judicial_system' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'judicial_system' + DOKOBIT_URL: 'https://developers.dokobit.com' + EMAIL_REGION: 'eu-west-1' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + S3_BUCKET: 'island-is-staging-upload-judicial-system' + S3_REGION: 'eu-west-1' + S3_TIME_TO_LIVE_GET: '5' + S3_TIME_TO_LIVE_POST: '15' + SERVERSIDE_FEATURES_ON: '' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + USE_MICROSOFT_GRAPH_API_FOR_COURT_ROBOT: 'true' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5804170510/Rettarvorslugatt-Client' + XROAD_COURT_API_PATH: '/Domstolasyslan/JusticePortal-v1' + XROAD_COURT_MEMBER_CODE: '4707171140' + XROAD_POLICE_API_PATH: '/Logreglan-Private/rettarvarsla-v1' + XROAD_POLICE_MEMBER_CODE: '5309672079' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'judicial_system' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'judicial_system' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/judicial-system/DB_PASSWORD' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + ADMIN_USERS: '/k8s/judicial-system/ADMIN_USERS' + ARCHIVE_ENCRYPTION_KEY: '/k8s/judicial-system/ARCHIVE_ENCRYPTION_KEY' + AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' + COURTS_ASSISTANT_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_ASSISTANT_MOBILE_NUMBERS' + COURTS_EMAILS: '/k8s/judicial-system/COURTS_EMAILS' + COURTS_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_MOBILE_NUMBERS' + COURT_ROBOT_CLIENT_ID: '/k8s/judicial-system/COURT_ROBOT_CLIENT_ID' + COURT_ROBOT_CLIENT_SECRET: '/k8s/judicial-system/COURT_ROBOT_CLIENT_SECRET' + COURT_ROBOT_EMAIL: '/k8s/judicial-system/COURT_ROBOT_EMAIL' + COURT_ROBOT_TENANT_ID: '/k8s/judicial-system/COURT_ROBOT_TENANT_ID' + COURT_ROBOT_USER: '/k8s/judicial-system/COURT_ROBOT_USER' + DB_PASS: '/k8s/judicial-system/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/judicial-system/DOKOBIT_ACCESS_TOKEN' + EMAIL_FROM: '/k8s/judicial-system/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/judicial-system/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/judicial-system/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/judicial-system/EMAIL_REPLY_TO_NAME' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + EVENT_URL: '/k8s/judicial-system/EVENT_URL' + NOVA_PASSWORD: '/k8s/judicial-system/NOVA_PASSWORD' + NOVA_URL: '/k8s/judicial-system/NOVA_URL' + NOVA_USERNAME: '/k8s/judicial-system/NOVA_USERNAME' + PRISON_ADMIN_EMAIL: '/k8s/judicial-system/PRISON_ADMIN_EMAIL' + PRISON_EMAIL: '/k8s/judicial-system/PRISON_EMAIL' + XROAD_CLIENT_CERT: '/k8s/judicial-system/XROAD_CLIENT_CERT' + XROAD_CLIENT_KEY: '/k8s/judicial-system/XROAD_CLIENT_KEY' + XROAD_CLIENT_PEM: '/k8s/judicial-system/XROAD_CLIENT_PEM' + XROAD_COURTS_CREDENTIALS: '/k8s/judicial-system/COURTS_CREDENTIALS' + XROAD_POLICE_API_KEY: '/k8s/judicial-system/XROAD_POLICE_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-backend' + create: true + name: 'judicial-system-backend' +judicial-system-digital-mailbox-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-digital-mailbox-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-digital-mailbox-api-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-digital-mailbox-api' + create: true + name: 'judicial-system-digital-mailbox-api' +judicial-system-message-handler: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-message-handler' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-message-handler' + create: true + name: 'judicial-system-message-handler' +judicial-system-robot-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-robot-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-robot-api-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-robot-api' + create: true + name: 'judicial-system-robot-api' +judicial-system-scheduler: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + TIME_TO_LIVE_MINUTES: '30' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-scheduler' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-scheduler' + create: true + name: 'judicial-system-scheduler' +judicial-system-web: + enabled: true + env: + API_URL: 'https://judicial-system.staging01.devland.is' + INTERNAL_API_URL: 'http://web-judicial-system-api' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system.staging01.devland.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '15m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + NATIONAL_REGISTRY_API_KEY: '/k8s/judicial-system/NATIONAL_REGISTRY_API_KEY' + SUPPORT_EMAIL: '/k8s/judicial-system/SUPPORT_EMAIL' + securityContext: + allowPrivilegeEscalation: false + privileged: false +judicial-system-xrd-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-xrd-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-xrd-api.internal.staging01.devland.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-xrd-api' + create: true + name: 'judicial-system-xrd-api' +namespaces: + labels: {} + namespaces: + - 'judicial-system' diff --git a/charts/services/judicial-system-web/values.dev.yaml b/charts/services/judicial-system-web/values.dev.yaml new file mode 100644 index 000000000000..b87ac2b9294f --- /dev/null +++ b/charts/services/judicial-system-web/values.dev.yaml @@ -0,0 +1,654 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'dev' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +judicial-system-api: + enabled: true + env: + ALLOW_AUTH_BYPASS: 'true' + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + AUTH_IDS_CLIENT_ID: '@rettarvorslugatt.island.is/web' + AUTH_IDS_LOGOUT_REDIRECT_URI: 'https://judicial-system.dev01.devland.is' + AUTH_IDS_REDIRECT_URI: 'https://judicial-system.dev01.devland.is/api/auth/callback/identity-server' + AUTH_IDS_SCOPE: 'openid profile' + BACKEND_URL: 'http://web-judicial-system-backend' + CONTENTFUL_ENVIRONMENT: 'test' + CONTENTFUL_HOST: 'preview.contentful.com' + HIDDEN_FEATURES: '' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system.dev01.devland.is' + paths: + - '/api/graphql' + - '/api/auth' + - '/api/case' + - '/api/feature' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '350m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + AUTH_IDS_SECRET: '/k8s/judicial-system/AUTH_IDS_SECRET' + AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-api' + create: true + name: 'judicial-system-api' +judicial-system-backend: + enabled: true + env: + BLOCKED_API_INTEGRATION: '' + CLIENT_URL: 'https://judicial-system.dev01.devland.is' + CONTENTFUL_ENVIRONMENT: 'test' + CONTENTFUL_HOST: 'preview.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'judicial_system' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'judicial_system' + DOKOBIT_URL: 'https://developers.dokobit.com' + EMAIL_REGION: 'eu-west-1' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + S3_BUCKET: 'island-is-dev-upload-judicial-system' + S3_REGION: 'eu-west-1' + S3_TIME_TO_LIVE_GET: '5' + S3_TIME_TO_LIVE_POST: '15' + SERVERSIDE_FEATURES_ON: '' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + USE_MICROSOFT_GRAPH_API_FOR_COURT_ROBOT: 'false' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10014/Rettarvorslugatt-Client' + XROAD_COURT_API_PATH: '/Domstolasyslan/JusticePortal-v1' + XROAD_COURT_MEMBER_CODE: '10019' + XROAD_POLICE_API_PATH: '/Logreglan-Private/rettarvarsla-v1' + XROAD_POLICE_MEMBER_CODE: '10005' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'judicial_system' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'judicial_system' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/judicial-system/DB_PASSWORD' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + ADMIN_USERS: '/k8s/judicial-system/ADMIN_USERS' + ARCHIVE_ENCRYPTION_KEY: '/k8s/judicial-system/ARCHIVE_ENCRYPTION_KEY' + AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' + COURTS_ASSISTANT_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_ASSISTANT_MOBILE_NUMBERS' + COURTS_EMAILS: '/k8s/judicial-system/COURTS_EMAILS' + COURTS_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_MOBILE_NUMBERS' + COURT_ROBOT_CLIENT_ID: '/k8s/judicial-system/COURT_ROBOT_CLIENT_ID' + COURT_ROBOT_CLIENT_SECRET: '/k8s/judicial-system/COURT_ROBOT_CLIENT_SECRET' + COURT_ROBOT_EMAIL: '/k8s/judicial-system/COURT_ROBOT_EMAIL' + COURT_ROBOT_TENANT_ID: '/k8s/judicial-system/COURT_ROBOT_TENANT_ID' + COURT_ROBOT_USER: '/k8s/judicial-system/COURT_ROBOT_USER' + DB_PASS: '/k8s/judicial-system/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/judicial-system/DOKOBIT_ACCESS_TOKEN' + EMAIL_FROM: '/k8s/judicial-system/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/judicial-system/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/judicial-system/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/judicial-system/EMAIL_REPLY_TO_NAME' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + EVENT_URL: '/k8s/judicial-system/EVENT_URL' + NOVA_PASSWORD: '/k8s/judicial-system/NOVA_PASSWORD' + NOVA_URL: '/k8s/judicial-system/NOVA_URL' + NOVA_USERNAME: '/k8s/judicial-system/NOVA_USERNAME' + PRISON_ADMIN_EMAIL: '/k8s/judicial-system/PRISON_ADMIN_EMAIL' + PRISON_EMAIL: '/k8s/judicial-system/PRISON_EMAIL' + XROAD_CLIENT_CERT: '/k8s/judicial-system/XROAD_CLIENT_CERT' + XROAD_CLIENT_KEY: '/k8s/judicial-system/XROAD_CLIENT_KEY' + XROAD_CLIENT_PEM: '/k8s/judicial-system/XROAD_CLIENT_PEM' + XROAD_COURTS_CREDENTIALS: '/k8s/judicial-system/COURTS_CREDENTIALS' + XROAD_POLICE_API_KEY: '/k8s/judicial-system/XROAD_POLICE_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-backend' + create: true + name: 'judicial-system-backend' +judicial-system-digital-mailbox-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-digital-mailbox-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-digital-mailbox-api-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-digital-mailbox-api' + create: true + name: 'judicial-system-digital-mailbox-api' +judicial-system-message-handler: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-message-handler' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-message-handler' + create: true + name: 'judicial-system-message-handler' +judicial-system-robot-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-robot-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-robot-api-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-robot-api' + create: true + name: 'judicial-system-robot-api' +judicial-system-scheduler: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + TIME_TO_LIVE_MINUTES: '30' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-scheduler' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-scheduler' + create: true + name: 'judicial-system-scheduler' +judicial-system-web: + enabled: true + env: + API_URL: 'https://judicial-system.dev01.devland.is' + INTERNAL_API_URL: 'http://web-judicial-system-api' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system.dev01.devland.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '15m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + NATIONAL_REGISTRY_API_KEY: '/k8s/judicial-system/NATIONAL_REGISTRY_API_KEY' + SUPPORT_EMAIL: '/k8s/judicial-system/SUPPORT_EMAIL' + securityContext: + allowPrivilegeEscalation: false + privileged: false +judicial-system-xrd-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-xrd-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-xrd-api.internal.dev01.devland.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-xrd-api' + create: true + name: 'judicial-system-xrd-api' +namespaces: + labels: {} + namespaces: + - 'judicial-system' diff --git a/charts/services/judicial-system-web/values.prod.yaml b/charts/services/judicial-system-web/values.prod.yaml new file mode 100644 index 000000000000..f0a1db2678df --- /dev/null +++ b/charts/services/judicial-system-web/values.prod.yaml @@ -0,0 +1,654 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'prod' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +judicial-system-api: + enabled: true + env: + ALLOW_AUTH_BYPASS: 'false' + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + AUTH_IDS_CLIENT_ID: '@rettarvorslugatt.island.is/web' + AUTH_IDS_LOGOUT_REDIRECT_URI: 'https://rettarvorslugatt.island.is' + AUTH_IDS_REDIRECT_URI: 'https://rettarvorslugatt.island.is/api/auth/callback/identity-server' + AUTH_IDS_SCOPE: 'openid profile' + BACKEND_URL: 'http://web-judicial-system-backend' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + HIDDEN_FEATURES: '' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'rettarvorslugatt.island.is' + paths: + - '/api/graphql' + - '/api/auth' + - '/api/case' + - '/api/feature' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '350m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + AUTH_IDS_SECRET: '/k8s/judicial-system/AUTH_IDS_SECRET' + AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-api' + create: true + name: 'judicial-system-api' +judicial-system-backend: + enabled: true + env: + BLOCKED_API_INTEGRATION: '' + CLIENT_URL: 'https://rettarvorslugatt.island.is' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'judicial_system' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'judicial_system' + DOKOBIT_URL: 'https://ws.dokobit.com' + EMAIL_REGION: 'eu-west-1' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + S3_BUCKET: 'island-is-prod-upload-judicial-system' + S3_REGION: 'eu-west-1' + S3_TIME_TO_LIVE_GET: '5' + S3_TIME_TO_LIVE_POST: '15' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + USE_MICROSOFT_GRAPH_API_FOR_COURT_ROBOT: 'true' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5804170510/Rettarvorslugatt-Client' + XROAD_COURT_API_PATH: '/Domstolasyslan/JusticePortal-v1' + XROAD_COURT_MEMBER_CODE: '4707171140' + XROAD_POLICE_API_PATH: '/Logreglan-Private/rettarvarsla-v1' + XROAD_POLICE_MEMBER_CODE: '5309672079' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'judicial_system' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'judicial_system' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/judicial-system/DB_PASSWORD' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + ADMIN_USERS: '/k8s/judicial-system/ADMIN_USERS' + ARCHIVE_ENCRYPTION_KEY: '/k8s/judicial-system/ARCHIVE_ENCRYPTION_KEY' + AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' + COURTS_ASSISTANT_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_ASSISTANT_MOBILE_NUMBERS' + COURTS_EMAILS: '/k8s/judicial-system/COURTS_EMAILS' + COURTS_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_MOBILE_NUMBERS' + COURT_ROBOT_CLIENT_ID: '/k8s/judicial-system/COURT_ROBOT_CLIENT_ID' + COURT_ROBOT_CLIENT_SECRET: '/k8s/judicial-system/COURT_ROBOT_CLIENT_SECRET' + COURT_ROBOT_EMAIL: '/k8s/judicial-system/COURT_ROBOT_EMAIL' + COURT_ROBOT_TENANT_ID: '/k8s/judicial-system/COURT_ROBOT_TENANT_ID' + COURT_ROBOT_USER: '/k8s/judicial-system/COURT_ROBOT_USER' + DB_PASS: '/k8s/judicial-system/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/judicial-system/DOKOBIT_ACCESS_TOKEN' + EMAIL_FROM: '/k8s/judicial-system/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/judicial-system/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/judicial-system/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/judicial-system/EMAIL_REPLY_TO_NAME' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + EVENT_URL: '/k8s/judicial-system/EVENT_URL' + NOVA_PASSWORD: '/k8s/judicial-system/NOVA_PASSWORD' + NOVA_URL: '/k8s/judicial-system/NOVA_URL' + NOVA_USERNAME: '/k8s/judicial-system/NOVA_USERNAME' + PRISON_ADMIN_EMAIL: '/k8s/judicial-system/PRISON_ADMIN_EMAIL' + PRISON_EMAIL: '/k8s/judicial-system/PRISON_EMAIL' + XROAD_CLIENT_CERT: '/k8s/judicial-system/XROAD_CLIENT_CERT' + XROAD_CLIENT_KEY: '/k8s/judicial-system/XROAD_CLIENT_KEY' + XROAD_CLIENT_PEM: '/k8s/judicial-system/XROAD_CLIENT_PEM' + XROAD_COURTS_CREDENTIALS: '/k8s/judicial-system/COURTS_CREDENTIALS' + XROAD_POLICE_API_KEY: '/k8s/judicial-system/XROAD_POLICE_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-backend' + create: true + name: 'judicial-system-backend' +judicial-system-digital-mailbox-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-digital-mailbox-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-digital-mailbox-api-xrd.internal.island.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-digital-mailbox-api' + create: true + name: 'judicial-system-digital-mailbox-api' +judicial-system-message-handler: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-message-handler' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-message-handler' + create: true + name: 'judicial-system-message-handler' +judicial-system-robot-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-robot-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-robot-api-xrd.internal.island.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-robot-api' + create: true + name: 'judicial-system-robot-api' +judicial-system-scheduler: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + TIME_TO_LIVE_MINUTES: '30' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-scheduler' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-scheduler' + create: true + name: 'judicial-system-scheduler' +judicial-system-web: + enabled: true + env: + API_URL: 'https://rettarvorslugatt.island.is' + INTERNAL_API_URL: 'http://web-judicial-system-api' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'rettarvorslugatt.island.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '15m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + NATIONAL_REGISTRY_API_KEY: '/k8s/judicial-system/NATIONAL_REGISTRY_API_KEY' + SUPPORT_EMAIL: '/k8s/judicial-system/SUPPORT_EMAIL' + securityContext: + allowPrivilegeEscalation: false + privileged: false +judicial-system-xrd-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-xrd-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-xrd-api.internal.island.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-xrd-api' + create: true + name: 'judicial-system-xrd-api' +namespaces: + labels: {} + namespaces: + - 'judicial-system' diff --git a/charts/services/judicial-system-web/values.staging.yaml b/charts/services/judicial-system-web/values.staging.yaml new file mode 100644 index 000000000000..e4a133f4ad7e --- /dev/null +++ b/charts/services/judicial-system-web/values.staging.yaml @@ -0,0 +1,654 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'staging' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +judicial-system-api: + enabled: true + env: + ALLOW_AUTH_BYPASS: 'true' + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + AUTH_IDS_CLIENT_ID: '@rettarvorslugatt.island.is/web' + AUTH_IDS_LOGOUT_REDIRECT_URI: 'https://judicial-system.staging01.devland.is' + AUTH_IDS_REDIRECT_URI: 'https://judicial-system.staging01.devland.is/api/auth/callback/identity-server' + AUTH_IDS_SCOPE: 'openid profile' + BACKEND_URL: 'http://web-judicial-system-backend' + CONTENTFUL_ENVIRONMENT: 'test' + CONTENTFUL_HOST: 'cdn.contentful.com' + HIDDEN_FEATURES: '' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system.staging01.devland.is' + paths: + - '/api/graphql' + - '/api/auth' + - '/api/case' + - '/api/feature' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '350m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + AUTH_IDS_SECRET: '/k8s/judicial-system/AUTH_IDS_SECRET' + AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-api' + create: true + name: 'judicial-system-api' +judicial-system-backend: + enabled: true + env: + BLOCKED_API_INTEGRATION: 'COURT,POLICE_CASE' + CLIENT_URL: 'https://judicial-system.staging01.devland.is' + CONTENTFUL_ENVIRONMENT: 'test' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'judicial_system' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'judicial_system' + DOKOBIT_URL: 'https://developers.dokobit.com' + EMAIL_REGION: 'eu-west-1' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + S3_BUCKET: 'island-is-staging-upload-judicial-system' + S3_REGION: 'eu-west-1' + S3_TIME_TO_LIVE_GET: '5' + S3_TIME_TO_LIVE_POST: '15' + SERVERSIDE_FEATURES_ON: '' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + USE_MICROSOFT_GRAPH_API_FOR_COURT_ROBOT: 'true' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5804170510/Rettarvorslugatt-Client' + XROAD_COURT_API_PATH: '/Domstolasyslan/JusticePortal-v1' + XROAD_COURT_MEMBER_CODE: '4707171140' + XROAD_POLICE_API_PATH: '/Logreglan-Private/rettarvarsla-v1' + XROAD_POLICE_MEMBER_CODE: '5309672079' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'judicial_system' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'judicial_system' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/judicial-system/DB_PASSWORD' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + ADMIN_USERS: '/k8s/judicial-system/ADMIN_USERS' + ARCHIVE_ENCRYPTION_KEY: '/k8s/judicial-system/ARCHIVE_ENCRYPTION_KEY' + AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' + COURTS_ASSISTANT_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_ASSISTANT_MOBILE_NUMBERS' + COURTS_EMAILS: '/k8s/judicial-system/COURTS_EMAILS' + COURTS_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_MOBILE_NUMBERS' + COURT_ROBOT_CLIENT_ID: '/k8s/judicial-system/COURT_ROBOT_CLIENT_ID' + COURT_ROBOT_CLIENT_SECRET: '/k8s/judicial-system/COURT_ROBOT_CLIENT_SECRET' + COURT_ROBOT_EMAIL: '/k8s/judicial-system/COURT_ROBOT_EMAIL' + COURT_ROBOT_TENANT_ID: '/k8s/judicial-system/COURT_ROBOT_TENANT_ID' + COURT_ROBOT_USER: '/k8s/judicial-system/COURT_ROBOT_USER' + DB_PASS: '/k8s/judicial-system/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/judicial-system/DOKOBIT_ACCESS_TOKEN' + EMAIL_FROM: '/k8s/judicial-system/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/judicial-system/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/judicial-system/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/judicial-system/EMAIL_REPLY_TO_NAME' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + EVENT_URL: '/k8s/judicial-system/EVENT_URL' + NOVA_PASSWORD: '/k8s/judicial-system/NOVA_PASSWORD' + NOVA_URL: '/k8s/judicial-system/NOVA_URL' + NOVA_USERNAME: '/k8s/judicial-system/NOVA_USERNAME' + PRISON_ADMIN_EMAIL: '/k8s/judicial-system/PRISON_ADMIN_EMAIL' + PRISON_EMAIL: '/k8s/judicial-system/PRISON_EMAIL' + XROAD_CLIENT_CERT: '/k8s/judicial-system/XROAD_CLIENT_CERT' + XROAD_CLIENT_KEY: '/k8s/judicial-system/XROAD_CLIENT_KEY' + XROAD_CLIENT_PEM: '/k8s/judicial-system/XROAD_CLIENT_PEM' + XROAD_COURTS_CREDENTIALS: '/k8s/judicial-system/COURTS_CREDENTIALS' + XROAD_POLICE_API_KEY: '/k8s/judicial-system/XROAD_POLICE_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-backend' + create: true + name: 'judicial-system-backend' +judicial-system-digital-mailbox-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-digital-mailbox-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-digital-mailbox-api-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-digital-mailbox-api' + create: true + name: 'judicial-system-digital-mailbox-api' +judicial-system-message-handler: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-message-handler' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-message-handler' + create: true + name: 'judicial-system-message-handler' +judicial-system-robot-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-robot-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-robot-api-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-robot-api' + create: true + name: 'judicial-system-robot-api' +judicial-system-scheduler: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + TIME_TO_LIVE_MINUTES: '30' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-scheduler' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-scheduler' + create: true + name: 'judicial-system-scheduler' +judicial-system-web: + enabled: true + env: + API_URL: 'https://judicial-system.staging01.devland.is' + INTERNAL_API_URL: 'http://web-judicial-system-api' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system.staging01.devland.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '15m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + NATIONAL_REGISTRY_API_KEY: '/k8s/judicial-system/NATIONAL_REGISTRY_API_KEY' + SUPPORT_EMAIL: '/k8s/judicial-system/SUPPORT_EMAIL' + securityContext: + allowPrivilegeEscalation: false + privileged: false +judicial-system-xrd-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-xrd-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-xrd-api.internal.staging01.devland.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-xrd-api' + create: true + name: 'judicial-system-xrd-api' +namespaces: + labels: {} + namespaces: + - 'judicial-system' diff --git a/charts/services/judicial-system-xrd-api/values.dev.yaml b/charts/services/judicial-system-xrd-api/values.dev.yaml new file mode 100644 index 000000000000..b87ac2b9294f --- /dev/null +++ b/charts/services/judicial-system-xrd-api/values.dev.yaml @@ -0,0 +1,654 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'dev' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +judicial-system-api: + enabled: true + env: + ALLOW_AUTH_BYPASS: 'true' + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + AUTH_IDS_CLIENT_ID: '@rettarvorslugatt.island.is/web' + AUTH_IDS_LOGOUT_REDIRECT_URI: 'https://judicial-system.dev01.devland.is' + AUTH_IDS_REDIRECT_URI: 'https://judicial-system.dev01.devland.is/api/auth/callback/identity-server' + AUTH_IDS_SCOPE: 'openid profile' + BACKEND_URL: 'http://web-judicial-system-backend' + CONTENTFUL_ENVIRONMENT: 'test' + CONTENTFUL_HOST: 'preview.contentful.com' + HIDDEN_FEATURES: '' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system.dev01.devland.is' + paths: + - '/api/graphql' + - '/api/auth' + - '/api/case' + - '/api/feature' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '350m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + AUTH_IDS_SECRET: '/k8s/judicial-system/AUTH_IDS_SECRET' + AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-api' + create: true + name: 'judicial-system-api' +judicial-system-backend: + enabled: true + env: + BLOCKED_API_INTEGRATION: '' + CLIENT_URL: 'https://judicial-system.dev01.devland.is' + CONTENTFUL_ENVIRONMENT: 'test' + CONTENTFUL_HOST: 'preview.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'judicial_system' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'judicial_system' + DOKOBIT_URL: 'https://developers.dokobit.com' + EMAIL_REGION: 'eu-west-1' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + S3_BUCKET: 'island-is-dev-upload-judicial-system' + S3_REGION: 'eu-west-1' + S3_TIME_TO_LIVE_GET: '5' + S3_TIME_TO_LIVE_POST: '15' + SERVERSIDE_FEATURES_ON: '' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + USE_MICROSOFT_GRAPH_API_FOR_COURT_ROBOT: 'false' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10014/Rettarvorslugatt-Client' + XROAD_COURT_API_PATH: '/Domstolasyslan/JusticePortal-v1' + XROAD_COURT_MEMBER_CODE: '10019' + XROAD_POLICE_API_PATH: '/Logreglan-Private/rettarvarsla-v1' + XROAD_POLICE_MEMBER_CODE: '10005' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'judicial_system' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'judicial_system' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/judicial-system/DB_PASSWORD' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + ADMIN_USERS: '/k8s/judicial-system/ADMIN_USERS' + ARCHIVE_ENCRYPTION_KEY: '/k8s/judicial-system/ARCHIVE_ENCRYPTION_KEY' + AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' + COURTS_ASSISTANT_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_ASSISTANT_MOBILE_NUMBERS' + COURTS_EMAILS: '/k8s/judicial-system/COURTS_EMAILS' + COURTS_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_MOBILE_NUMBERS' + COURT_ROBOT_CLIENT_ID: '/k8s/judicial-system/COURT_ROBOT_CLIENT_ID' + COURT_ROBOT_CLIENT_SECRET: '/k8s/judicial-system/COURT_ROBOT_CLIENT_SECRET' + COURT_ROBOT_EMAIL: '/k8s/judicial-system/COURT_ROBOT_EMAIL' + COURT_ROBOT_TENANT_ID: '/k8s/judicial-system/COURT_ROBOT_TENANT_ID' + COURT_ROBOT_USER: '/k8s/judicial-system/COURT_ROBOT_USER' + DB_PASS: '/k8s/judicial-system/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/judicial-system/DOKOBIT_ACCESS_TOKEN' + EMAIL_FROM: '/k8s/judicial-system/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/judicial-system/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/judicial-system/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/judicial-system/EMAIL_REPLY_TO_NAME' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + EVENT_URL: '/k8s/judicial-system/EVENT_URL' + NOVA_PASSWORD: '/k8s/judicial-system/NOVA_PASSWORD' + NOVA_URL: '/k8s/judicial-system/NOVA_URL' + NOVA_USERNAME: '/k8s/judicial-system/NOVA_USERNAME' + PRISON_ADMIN_EMAIL: '/k8s/judicial-system/PRISON_ADMIN_EMAIL' + PRISON_EMAIL: '/k8s/judicial-system/PRISON_EMAIL' + XROAD_CLIENT_CERT: '/k8s/judicial-system/XROAD_CLIENT_CERT' + XROAD_CLIENT_KEY: '/k8s/judicial-system/XROAD_CLIENT_KEY' + XROAD_CLIENT_PEM: '/k8s/judicial-system/XROAD_CLIENT_PEM' + XROAD_COURTS_CREDENTIALS: '/k8s/judicial-system/COURTS_CREDENTIALS' + XROAD_POLICE_API_KEY: '/k8s/judicial-system/XROAD_POLICE_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-backend' + create: true + name: 'judicial-system-backend' +judicial-system-digital-mailbox-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-digital-mailbox-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-digital-mailbox-api-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-digital-mailbox-api' + create: true + name: 'judicial-system-digital-mailbox-api' +judicial-system-message-handler: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-message-handler' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-message-handler' + create: true + name: 'judicial-system-message-handler' +judicial-system-robot-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-robot-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-robot-api-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-robot-api' + create: true + name: 'judicial-system-robot-api' +judicial-system-scheduler: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + TIME_TO_LIVE_MINUTES: '30' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-scheduler' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-scheduler' + create: true + name: 'judicial-system-scheduler' +judicial-system-web: + enabled: true + env: + API_URL: 'https://judicial-system.dev01.devland.is' + INTERNAL_API_URL: 'http://web-judicial-system-api' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system.dev01.devland.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '15m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + NATIONAL_REGISTRY_API_KEY: '/k8s/judicial-system/NATIONAL_REGISTRY_API_KEY' + SUPPORT_EMAIL: '/k8s/judicial-system/SUPPORT_EMAIL' + securityContext: + allowPrivilegeEscalation: false + privileged: false +judicial-system-xrd-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-xrd-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-xrd-api.internal.dev01.devland.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-xrd-api' + create: true + name: 'judicial-system-xrd-api' +namespaces: + labels: {} + namespaces: + - 'judicial-system' diff --git a/charts/services/judicial-system-xrd-api/values.prod.yaml b/charts/services/judicial-system-xrd-api/values.prod.yaml new file mode 100644 index 000000000000..f0a1db2678df --- /dev/null +++ b/charts/services/judicial-system-xrd-api/values.prod.yaml @@ -0,0 +1,654 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'prod' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +judicial-system-api: + enabled: true + env: + ALLOW_AUTH_BYPASS: 'false' + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + AUTH_IDS_CLIENT_ID: '@rettarvorslugatt.island.is/web' + AUTH_IDS_LOGOUT_REDIRECT_URI: 'https://rettarvorslugatt.island.is' + AUTH_IDS_REDIRECT_URI: 'https://rettarvorslugatt.island.is/api/auth/callback/identity-server' + AUTH_IDS_SCOPE: 'openid profile' + BACKEND_URL: 'http://web-judicial-system-backend' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + HIDDEN_FEATURES: '' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'rettarvorslugatt.island.is' + paths: + - '/api/graphql' + - '/api/auth' + - '/api/case' + - '/api/feature' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '350m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + AUTH_IDS_SECRET: '/k8s/judicial-system/AUTH_IDS_SECRET' + AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-api' + create: true + name: 'judicial-system-api' +judicial-system-backend: + enabled: true + env: + BLOCKED_API_INTEGRATION: '' + CLIENT_URL: 'https://rettarvorslugatt.island.is' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'judicial_system' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'judicial_system' + DOKOBIT_URL: 'https://ws.dokobit.com' + EMAIL_REGION: 'eu-west-1' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + S3_BUCKET: 'island-is-prod-upload-judicial-system' + S3_REGION: 'eu-west-1' + S3_TIME_TO_LIVE_GET: '5' + S3_TIME_TO_LIVE_POST: '15' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + USE_MICROSOFT_GRAPH_API_FOR_COURT_ROBOT: 'true' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5804170510/Rettarvorslugatt-Client' + XROAD_COURT_API_PATH: '/Domstolasyslan/JusticePortal-v1' + XROAD_COURT_MEMBER_CODE: '4707171140' + XROAD_POLICE_API_PATH: '/Logreglan-Private/rettarvarsla-v1' + XROAD_POLICE_MEMBER_CODE: '5309672079' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'judicial_system' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'judicial_system' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/judicial-system/DB_PASSWORD' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + ADMIN_USERS: '/k8s/judicial-system/ADMIN_USERS' + ARCHIVE_ENCRYPTION_KEY: '/k8s/judicial-system/ARCHIVE_ENCRYPTION_KEY' + AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' + COURTS_ASSISTANT_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_ASSISTANT_MOBILE_NUMBERS' + COURTS_EMAILS: '/k8s/judicial-system/COURTS_EMAILS' + COURTS_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_MOBILE_NUMBERS' + COURT_ROBOT_CLIENT_ID: '/k8s/judicial-system/COURT_ROBOT_CLIENT_ID' + COURT_ROBOT_CLIENT_SECRET: '/k8s/judicial-system/COURT_ROBOT_CLIENT_SECRET' + COURT_ROBOT_EMAIL: '/k8s/judicial-system/COURT_ROBOT_EMAIL' + COURT_ROBOT_TENANT_ID: '/k8s/judicial-system/COURT_ROBOT_TENANT_ID' + COURT_ROBOT_USER: '/k8s/judicial-system/COURT_ROBOT_USER' + DB_PASS: '/k8s/judicial-system/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/judicial-system/DOKOBIT_ACCESS_TOKEN' + EMAIL_FROM: '/k8s/judicial-system/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/judicial-system/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/judicial-system/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/judicial-system/EMAIL_REPLY_TO_NAME' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + EVENT_URL: '/k8s/judicial-system/EVENT_URL' + NOVA_PASSWORD: '/k8s/judicial-system/NOVA_PASSWORD' + NOVA_URL: '/k8s/judicial-system/NOVA_URL' + NOVA_USERNAME: '/k8s/judicial-system/NOVA_USERNAME' + PRISON_ADMIN_EMAIL: '/k8s/judicial-system/PRISON_ADMIN_EMAIL' + PRISON_EMAIL: '/k8s/judicial-system/PRISON_EMAIL' + XROAD_CLIENT_CERT: '/k8s/judicial-system/XROAD_CLIENT_CERT' + XROAD_CLIENT_KEY: '/k8s/judicial-system/XROAD_CLIENT_KEY' + XROAD_CLIENT_PEM: '/k8s/judicial-system/XROAD_CLIENT_PEM' + XROAD_COURTS_CREDENTIALS: '/k8s/judicial-system/COURTS_CREDENTIALS' + XROAD_POLICE_API_KEY: '/k8s/judicial-system/XROAD_POLICE_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-backend' + create: true + name: 'judicial-system-backend' +judicial-system-digital-mailbox-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-digital-mailbox-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-digital-mailbox-api-xrd.internal.island.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-digital-mailbox-api' + create: true + name: 'judicial-system-digital-mailbox-api' +judicial-system-message-handler: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-message-handler' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-message-handler' + create: true + name: 'judicial-system-message-handler' +judicial-system-robot-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-robot-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-robot-api-xrd.internal.island.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-robot-api' + create: true + name: 'judicial-system-robot-api' +judicial-system-scheduler: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + TIME_TO_LIVE_MINUTES: '30' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-scheduler' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-scheduler' + create: true + name: 'judicial-system-scheduler' +judicial-system-web: + enabled: true + env: + API_URL: 'https://rettarvorslugatt.island.is' + INTERNAL_API_URL: 'http://web-judicial-system-api' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'rettarvorslugatt.island.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '15m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + NATIONAL_REGISTRY_API_KEY: '/k8s/judicial-system/NATIONAL_REGISTRY_API_KEY' + SUPPORT_EMAIL: '/k8s/judicial-system/SUPPORT_EMAIL' + securityContext: + allowPrivilegeEscalation: false + privileged: false +judicial-system-xrd-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-xrd-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-xrd-api.internal.island.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-xrd-api' + create: true + name: 'judicial-system-xrd-api' +namespaces: + labels: {} + namespaces: + - 'judicial-system' diff --git a/charts/services/judicial-system-xrd-api/values.staging.yaml b/charts/services/judicial-system-xrd-api/values.staging.yaml new file mode 100644 index 000000000000..e4a133f4ad7e --- /dev/null +++ b/charts/services/judicial-system-xrd-api/values.staging.yaml @@ -0,0 +1,654 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'staging' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +judicial-system-api: + enabled: true + env: + ALLOW_AUTH_BYPASS: 'true' + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + AUTH_IDS_CLIENT_ID: '@rettarvorslugatt.island.is/web' + AUTH_IDS_LOGOUT_REDIRECT_URI: 'https://judicial-system.staging01.devland.is' + AUTH_IDS_REDIRECT_URI: 'https://judicial-system.staging01.devland.is/api/auth/callback/identity-server' + AUTH_IDS_SCOPE: 'openid profile' + BACKEND_URL: 'http://web-judicial-system-backend' + CONTENTFUL_ENVIRONMENT: 'test' + CONTENTFUL_HOST: 'cdn.contentful.com' + HIDDEN_FEATURES: '' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system.staging01.devland.is' + paths: + - '/api/graphql' + - '/api/auth' + - '/api/case' + - '/api/feature' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '350m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + AUTH_IDS_SECRET: '/k8s/judicial-system/AUTH_IDS_SECRET' + AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-api' + create: true + name: 'judicial-system-api' +judicial-system-backend: + enabled: true + env: + BLOCKED_API_INTEGRATION: 'COURT,POLICE_CASE' + CLIENT_URL: 'https://judicial-system.staging01.devland.is' + CONTENTFUL_ENVIRONMENT: 'test' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'judicial_system' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'judicial_system' + DOKOBIT_URL: 'https://developers.dokobit.com' + EMAIL_REGION: 'eu-west-1' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + S3_BUCKET: 'island-is-staging-upload-judicial-system' + S3_REGION: 'eu-west-1' + S3_TIME_TO_LIVE_GET: '5' + S3_TIME_TO_LIVE_POST: '15' + SERVERSIDE_FEATURES_ON: '' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + USE_MICROSOFT_GRAPH_API_FOR_COURT_ROBOT: 'true' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5804170510/Rettarvorslugatt-Client' + XROAD_COURT_API_PATH: '/Domstolasyslan/JusticePortal-v1' + XROAD_COURT_MEMBER_CODE: '4707171140' + XROAD_POLICE_API_PATH: '/Logreglan-Private/rettarvarsla-v1' + XROAD_POLICE_MEMBER_CODE: '5309672079' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'judicial_system' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'judicial_system' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/judicial-system/DB_PASSWORD' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + ADMIN_USERS: '/k8s/judicial-system/ADMIN_USERS' + ARCHIVE_ENCRYPTION_KEY: '/k8s/judicial-system/ARCHIVE_ENCRYPTION_KEY' + AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' + COURTS_ASSISTANT_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_ASSISTANT_MOBILE_NUMBERS' + COURTS_EMAILS: '/k8s/judicial-system/COURTS_EMAILS' + COURTS_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_MOBILE_NUMBERS' + COURT_ROBOT_CLIENT_ID: '/k8s/judicial-system/COURT_ROBOT_CLIENT_ID' + COURT_ROBOT_CLIENT_SECRET: '/k8s/judicial-system/COURT_ROBOT_CLIENT_SECRET' + COURT_ROBOT_EMAIL: '/k8s/judicial-system/COURT_ROBOT_EMAIL' + COURT_ROBOT_TENANT_ID: '/k8s/judicial-system/COURT_ROBOT_TENANT_ID' + COURT_ROBOT_USER: '/k8s/judicial-system/COURT_ROBOT_USER' + DB_PASS: '/k8s/judicial-system/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/judicial-system/DOKOBIT_ACCESS_TOKEN' + EMAIL_FROM: '/k8s/judicial-system/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/judicial-system/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/judicial-system/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/judicial-system/EMAIL_REPLY_TO_NAME' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + EVENT_URL: '/k8s/judicial-system/EVENT_URL' + NOVA_PASSWORD: '/k8s/judicial-system/NOVA_PASSWORD' + NOVA_URL: '/k8s/judicial-system/NOVA_URL' + NOVA_USERNAME: '/k8s/judicial-system/NOVA_USERNAME' + PRISON_ADMIN_EMAIL: '/k8s/judicial-system/PRISON_ADMIN_EMAIL' + PRISON_EMAIL: '/k8s/judicial-system/PRISON_EMAIL' + XROAD_CLIENT_CERT: '/k8s/judicial-system/XROAD_CLIENT_CERT' + XROAD_CLIENT_KEY: '/k8s/judicial-system/XROAD_CLIENT_KEY' + XROAD_CLIENT_PEM: '/k8s/judicial-system/XROAD_CLIENT_PEM' + XROAD_COURTS_CREDENTIALS: '/k8s/judicial-system/COURTS_CREDENTIALS' + XROAD_POLICE_API_KEY: '/k8s/judicial-system/XROAD_POLICE_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-backend' + create: true + name: 'judicial-system-backend' +judicial-system-digital-mailbox-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-digital-mailbox-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-digital-mailbox-api-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-digital-mailbox-api' + create: true + name: 'judicial-system-digital-mailbox-api' +judicial-system-message-handler: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-message-handler' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-message-handler' + create: true + name: 'judicial-system-message-handler' +judicial-system-robot-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-robot-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-robot-api-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-robot-api' + create: true + name: 'judicial-system-robot-api' +judicial-system-scheduler: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + TIME_TO_LIVE_MINUTES: '30' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-scheduler' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-scheduler' + create: true + name: 'judicial-system-scheduler' +judicial-system-web: + enabled: true + env: + API_URL: 'https://judicial-system.staging01.devland.is' + INTERNAL_API_URL: 'http://web-judicial-system-api' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system.staging01.devland.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '15m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + NATIONAL_REGISTRY_API_KEY: '/k8s/judicial-system/NATIONAL_REGISTRY_API_KEY' + SUPPORT_EMAIL: '/k8s/judicial-system/SUPPORT_EMAIL' + securityContext: + allowPrivilegeEscalation: false + privileged: false +judicial-system-xrd-api: + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-xrd-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'judicial-system-xrd-api.internal.staging01.devland.is' + paths: + - '/' + namespace: 'judicial-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-xrd-api' + create: true + name: 'judicial-system-xrd-api' +namespaces: + labels: {} + namespaces: + - 'judicial-system' diff --git a/charts/services/license-api/values.dev.yaml b/charts/services/license-api/values.dev.yaml new file mode 100644 index 000000000000..58d9f8e96dbc --- /dev/null +++ b/charts/services/license-api/values.dev.yaml @@ -0,0 +1,3563 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.dev01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'preview.contentful.com' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/graphql' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 's@kogk.is' + CONTENTFUL_HOST: 'preview.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 's@kogk.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/api' + - host: 'api-catalogue.dev01.devland.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.dev01.devland.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +external-contracts-tests: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' + namespace: 'external-contracts-tests' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '1' + memory: '1024Mi' + requests: + cpu: '500m' + memory: '512Mi' + schedule: '0 11 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +github-actions-cache: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 8 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'cache.dev01.devland.is' + paths: + - '/' + namespace: 'github-actions-cache' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 5 + max: 8 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' + create: true + name: 'github-actions-cache' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'dev' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.dev01.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'consultation-portal' + - 'islandis' + - 'search-indexer' + - 'xroad-collector' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'github-actions-cache' + - 'user-notification' + - 'external-contracts-tests' + - 'contentful-entry-tagger' + - 'license-api' + - 'services-sessions' + - 'contentful-apps' + - 'services-university-gateway' + - 'unicorn-app' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'dev-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.dev01.devland.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.dev01.devland.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +unicorn-app: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'unicorn-app.dev01.devland.is' + paths: + - '/' + namespace: 'unicorn-app' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' + create: true + name: 'unicorn-app' +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@hourly' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + TRACKING_DOMAIN: 'beta.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/license-api/values.prod.yaml b/charts/services/license-api/values.prod.yaml new file mode 100644 index 000000000000..c7e37f4144c5 --- /dev/null +++ b/charts/services/license-api/values.prod.yaml @@ -0,0 +1,3379 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.island.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'cdn.contentful.com' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.island.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://innskra.island.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_IDS_API_URL: 'https://innskra.island.is' + AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi.island.is' + CONTACT_US_EMAIL: 'island@island.is' + CONTENTFUL_HOST: 'cdn.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.island.is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-prod-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: '' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'island@island.is' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 'sogur@island.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS/GOV/5402697509/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS/GOV/6501912189/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/api' + - host: 'www.island.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' + CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS/GOV/5608002820/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + NOVA_USERNAME: 'IslandIs_User_Production' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS/GOV/5605882089/UA-Protected/kvortun-v1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.island.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.island.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/umsoknir' + - host: 'www.island.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi.island.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://island.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/samradsgatt' + - host: 'www.island.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.island.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.island.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + EMAIL_FROM_NAME: 'island.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-prod-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'prod' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: 'd4ecf781-3764-4063-a4e1-9c3e17cebfba' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.island.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'islandis' + - 'consultation-portal' + - 'search-indexer' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'xroad-collector' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'user-notification' + - 'license-api' + - 'services-sessions' + - 'services-university-gateway' + - 'contentful-apps' + - 'contentful-entry-tagger' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/stjornbord' + - host: 'www.island.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'prod' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'prod-es-custom-packages' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/minarsidur' + - host: 'www.island.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_BASE_URL: 'https://island.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.island.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://island.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://island.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://island.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/stjornbord/bff' + - host: 'www.island.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.island.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.island.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/app/skilavottord/' + - host: 'www.island.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/app/skilavottord/api/graphql' + - host: 'www.island.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.island.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@midnight' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + TRACKING_DOMAIN: 'island.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/' + - host: 'www.island.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/license-api/values.staging.yaml b/charts/services/license-api/values.staging.yaml new file mode 100644 index 000000000000..227a2b0fcc6d --- /dev/null +++ b/charts/services/license-api/values.staging.yaml @@ -0,0 +1,3238 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.staging01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'cdn.contentful.com' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/api/graphql' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.staging01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.staging01.devland.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.staging01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 'island@island.is' + CONTENTFUL_HOST: 'cdn.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.staging01.devland.is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-staging-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: '' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 'sogur@island.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-TEST/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5608002820/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-TEST/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.staging01.devland.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.staging01.devland.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.staging01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.staging01.devland.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-staging-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'staging' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.staging01.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'islandis' + - 'consultation-portal' + - 'skilavottord' + - 'search-indexer' + - 'services-documents' + - 'storybook' + - 'xroad-collector' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'user-notification' + - 'license-api' + - 'services-sessions' + - 'services-university-gateway' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.staging01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'staging' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'staging-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_BASE_URL: 'https://beta.staging01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.staging01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.staging01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.staging01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.staging01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.staging01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.staging01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.staging01.devland.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.staging01.devland.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@midnight' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + basicAuth: '/k8s/web/basic_auth' + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + TRACKING_DOMAIN: 'beta.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/portals-admin/values.dev.yaml b/charts/services/portals-admin/values.dev.yaml new file mode 100644 index 000000000000..58d9f8e96dbc --- /dev/null +++ b/charts/services/portals-admin/values.dev.yaml @@ -0,0 +1,3563 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.dev01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'preview.contentful.com' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/graphql' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 's@kogk.is' + CONTENTFUL_HOST: 'preview.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 's@kogk.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/api' + - host: 'api-catalogue.dev01.devland.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.dev01.devland.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +external-contracts-tests: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' + namespace: 'external-contracts-tests' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '1' + memory: '1024Mi' + requests: + cpu: '500m' + memory: '512Mi' + schedule: '0 11 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +github-actions-cache: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 8 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'cache.dev01.devland.is' + paths: + - '/' + namespace: 'github-actions-cache' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 5 + max: 8 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' + create: true + name: 'github-actions-cache' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'dev' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.dev01.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'consultation-portal' + - 'islandis' + - 'search-indexer' + - 'xroad-collector' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'github-actions-cache' + - 'user-notification' + - 'external-contracts-tests' + - 'contentful-entry-tagger' + - 'license-api' + - 'services-sessions' + - 'contentful-apps' + - 'services-university-gateway' + - 'unicorn-app' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'dev-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.dev01.devland.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.dev01.devland.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +unicorn-app: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'unicorn-app.dev01.devland.is' + paths: + - '/' + namespace: 'unicorn-app' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' + create: true + name: 'unicorn-app' +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@hourly' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + TRACKING_DOMAIN: 'beta.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/portals-admin/values.prod.yaml b/charts/services/portals-admin/values.prod.yaml new file mode 100644 index 000000000000..c7e37f4144c5 --- /dev/null +++ b/charts/services/portals-admin/values.prod.yaml @@ -0,0 +1,3379 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.island.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'cdn.contentful.com' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.island.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://innskra.island.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_IDS_API_URL: 'https://innskra.island.is' + AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi.island.is' + CONTACT_US_EMAIL: 'island@island.is' + CONTENTFUL_HOST: 'cdn.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.island.is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-prod-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: '' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'island@island.is' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 'sogur@island.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS/GOV/5402697509/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS/GOV/6501912189/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/api' + - host: 'www.island.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' + CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS/GOV/5608002820/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + NOVA_USERNAME: 'IslandIs_User_Production' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS/GOV/5605882089/UA-Protected/kvortun-v1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.island.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.island.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/umsoknir' + - host: 'www.island.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi.island.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://island.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/samradsgatt' + - host: 'www.island.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.island.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.island.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + EMAIL_FROM_NAME: 'island.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-prod-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'prod' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: 'd4ecf781-3764-4063-a4e1-9c3e17cebfba' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.island.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'islandis' + - 'consultation-portal' + - 'search-indexer' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'xroad-collector' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'user-notification' + - 'license-api' + - 'services-sessions' + - 'services-university-gateway' + - 'contentful-apps' + - 'contentful-entry-tagger' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/stjornbord' + - host: 'www.island.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'prod' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'prod-es-custom-packages' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/minarsidur' + - host: 'www.island.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_BASE_URL: 'https://island.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.island.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://island.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://island.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://island.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/stjornbord/bff' + - host: 'www.island.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.island.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.island.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/app/skilavottord/' + - host: 'www.island.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/app/skilavottord/api/graphql' + - host: 'www.island.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.island.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@midnight' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + TRACKING_DOMAIN: 'island.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/' + - host: 'www.island.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/portals-admin/values.staging.yaml b/charts/services/portals-admin/values.staging.yaml new file mode 100644 index 000000000000..227a2b0fcc6d --- /dev/null +++ b/charts/services/portals-admin/values.staging.yaml @@ -0,0 +1,3238 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.staging01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'cdn.contentful.com' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/api/graphql' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.staging01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.staging01.devland.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.staging01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 'island@island.is' + CONTENTFUL_HOST: 'cdn.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.staging01.devland.is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-staging-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: '' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 'sogur@island.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-TEST/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5608002820/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-TEST/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.staging01.devland.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.staging01.devland.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.staging01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.staging01.devland.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-staging-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'staging' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.staging01.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'islandis' + - 'consultation-portal' + - 'skilavottord' + - 'search-indexer' + - 'services-documents' + - 'storybook' + - 'xroad-collector' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'user-notification' + - 'license-api' + - 'services-sessions' + - 'services-university-gateway' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.staging01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'staging' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'staging-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_BASE_URL: 'https://beta.staging01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.staging01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.staging01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.staging01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.staging01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.staging01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.staging01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.staging01.devland.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.staging01.devland.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@midnight' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + basicAuth: '/k8s/web/basic_auth' + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + TRACKING_DOMAIN: 'beta.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/regulations-admin-backend/values.dev.yaml b/charts/services/regulations-admin-backend/values.dev.yaml new file mode 100644 index 000000000000..58d9f8e96dbc --- /dev/null +++ b/charts/services/regulations-admin-backend/values.dev.yaml @@ -0,0 +1,3563 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.dev01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'preview.contentful.com' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/graphql' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 's@kogk.is' + CONTENTFUL_HOST: 'preview.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 's@kogk.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/api' + - host: 'api-catalogue.dev01.devland.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.dev01.devland.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +external-contracts-tests: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' + namespace: 'external-contracts-tests' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '1' + memory: '1024Mi' + requests: + cpu: '500m' + memory: '512Mi' + schedule: '0 11 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +github-actions-cache: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 8 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'cache.dev01.devland.is' + paths: + - '/' + namespace: 'github-actions-cache' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 5 + max: 8 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' + create: true + name: 'github-actions-cache' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'dev' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.dev01.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'consultation-portal' + - 'islandis' + - 'search-indexer' + - 'xroad-collector' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'github-actions-cache' + - 'user-notification' + - 'external-contracts-tests' + - 'contentful-entry-tagger' + - 'license-api' + - 'services-sessions' + - 'contentful-apps' + - 'services-university-gateway' + - 'unicorn-app' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'dev-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.dev01.devland.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.dev01.devland.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +unicorn-app: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'unicorn-app.dev01.devland.is' + paths: + - '/' + namespace: 'unicorn-app' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' + create: true + name: 'unicorn-app' +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@hourly' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + TRACKING_DOMAIN: 'beta.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/regulations-admin-backend/values.prod.yaml b/charts/services/regulations-admin-backend/values.prod.yaml new file mode 100644 index 000000000000..c7e37f4144c5 --- /dev/null +++ b/charts/services/regulations-admin-backend/values.prod.yaml @@ -0,0 +1,3379 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.island.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'cdn.contentful.com' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.island.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://innskra.island.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_IDS_API_URL: 'https://innskra.island.is' + AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi.island.is' + CONTACT_US_EMAIL: 'island@island.is' + CONTENTFUL_HOST: 'cdn.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.island.is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-prod-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: '' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'island@island.is' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 'sogur@island.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS/GOV/5402697509/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS/GOV/6501912189/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/api' + - host: 'www.island.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' + CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS/GOV/5608002820/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + NOVA_USERNAME: 'IslandIs_User_Production' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS/GOV/5605882089/UA-Protected/kvortun-v1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.island.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.island.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/umsoknir' + - host: 'www.island.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi.island.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://island.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/samradsgatt' + - host: 'www.island.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.island.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.island.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + EMAIL_FROM_NAME: 'island.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-prod-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'prod' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: 'd4ecf781-3764-4063-a4e1-9c3e17cebfba' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.island.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'islandis' + - 'consultation-portal' + - 'search-indexer' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'xroad-collector' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'user-notification' + - 'license-api' + - 'services-sessions' + - 'services-university-gateway' + - 'contentful-apps' + - 'contentful-entry-tagger' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/stjornbord' + - host: 'www.island.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'prod' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'prod-es-custom-packages' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/minarsidur' + - host: 'www.island.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_BASE_URL: 'https://island.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.island.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://island.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://island.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://island.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/stjornbord/bff' + - host: 'www.island.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.island.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.island.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/app/skilavottord/' + - host: 'www.island.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/app/skilavottord/api/graphql' + - host: 'www.island.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.island.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@midnight' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + TRACKING_DOMAIN: 'island.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/' + - host: 'www.island.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/regulations-admin-backend/values.staging.yaml b/charts/services/regulations-admin-backend/values.staging.yaml new file mode 100644 index 000000000000..227a2b0fcc6d --- /dev/null +++ b/charts/services/regulations-admin-backend/values.staging.yaml @@ -0,0 +1,3238 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.staging01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'cdn.contentful.com' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/api/graphql' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.staging01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.staging01.devland.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.staging01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 'island@island.is' + CONTENTFUL_HOST: 'cdn.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.staging01.devland.is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-staging-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: '' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 'sogur@island.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-TEST/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5608002820/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-TEST/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.staging01.devland.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.staging01.devland.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.staging01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.staging01.devland.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-staging-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'staging' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.staging01.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'islandis' + - 'consultation-portal' + - 'skilavottord' + - 'search-indexer' + - 'services-documents' + - 'storybook' + - 'xroad-collector' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'user-notification' + - 'license-api' + - 'services-sessions' + - 'services-university-gateway' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.staging01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'staging' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'staging-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_BASE_URL: 'https://beta.staging01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.staging01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.staging01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.staging01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.staging01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.staging01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.staging01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.staging01.devland.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.staging01.devland.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@midnight' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + basicAuth: '/k8s/web/basic_auth' + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + TRACKING_DOMAIN: 'beta.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/search-indexer-service/values.dev.yaml b/charts/services/search-indexer-service/values.dev.yaml new file mode 100644 index 000000000000..58d9f8e96dbc --- /dev/null +++ b/charts/services/search-indexer-service/values.dev.yaml @@ -0,0 +1,3563 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.dev01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'preview.contentful.com' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/graphql' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 's@kogk.is' + CONTENTFUL_HOST: 'preview.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 's@kogk.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/api' + - host: 'api-catalogue.dev01.devland.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.dev01.devland.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +external-contracts-tests: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' + namespace: 'external-contracts-tests' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '1' + memory: '1024Mi' + requests: + cpu: '500m' + memory: '512Mi' + schedule: '0 11 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +github-actions-cache: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 8 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'cache.dev01.devland.is' + paths: + - '/' + namespace: 'github-actions-cache' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 5 + max: 8 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' + create: true + name: 'github-actions-cache' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'dev' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.dev01.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'consultation-portal' + - 'islandis' + - 'search-indexer' + - 'xroad-collector' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'github-actions-cache' + - 'user-notification' + - 'external-contracts-tests' + - 'contentful-entry-tagger' + - 'license-api' + - 'services-sessions' + - 'contentful-apps' + - 'services-university-gateway' + - 'unicorn-app' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'dev-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.dev01.devland.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.dev01.devland.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +unicorn-app: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'unicorn-app.dev01.devland.is' + paths: + - '/' + namespace: 'unicorn-app' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' + create: true + name: 'unicorn-app' +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@hourly' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + TRACKING_DOMAIN: 'beta.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/search-indexer-service/values.prod.yaml b/charts/services/search-indexer-service/values.prod.yaml new file mode 100644 index 000000000000..c7e37f4144c5 --- /dev/null +++ b/charts/services/search-indexer-service/values.prod.yaml @@ -0,0 +1,3379 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.island.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'cdn.contentful.com' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.island.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://innskra.island.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_IDS_API_URL: 'https://innskra.island.is' + AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi.island.is' + CONTACT_US_EMAIL: 'island@island.is' + CONTENTFUL_HOST: 'cdn.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.island.is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-prod-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: '' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'island@island.is' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 'sogur@island.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS/GOV/5402697509/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS/GOV/6501912189/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/api' + - host: 'www.island.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' + CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS/GOV/5608002820/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + NOVA_USERNAME: 'IslandIs_User_Production' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS/GOV/5605882089/UA-Protected/kvortun-v1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.island.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.island.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/umsoknir' + - host: 'www.island.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi.island.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://island.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/samradsgatt' + - host: 'www.island.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.island.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.island.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + EMAIL_FROM_NAME: 'island.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-prod-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'prod' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: 'd4ecf781-3764-4063-a4e1-9c3e17cebfba' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.island.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'islandis' + - 'consultation-portal' + - 'search-indexer' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'xroad-collector' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'user-notification' + - 'license-api' + - 'services-sessions' + - 'services-university-gateway' + - 'contentful-apps' + - 'contentful-entry-tagger' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/stjornbord' + - host: 'www.island.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'prod' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'prod-es-custom-packages' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/minarsidur' + - host: 'www.island.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_BASE_URL: 'https://island.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.island.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://island.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://island.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://island.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/stjornbord/bff' + - host: 'www.island.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.island.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.island.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/app/skilavottord/' + - host: 'www.island.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/app/skilavottord/api/graphql' + - host: 'www.island.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.island.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@midnight' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + TRACKING_DOMAIN: 'island.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/' + - host: 'www.island.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/search-indexer-service/values.staging.yaml b/charts/services/search-indexer-service/values.staging.yaml new file mode 100644 index 000000000000..227a2b0fcc6d --- /dev/null +++ b/charts/services/search-indexer-service/values.staging.yaml @@ -0,0 +1,3238 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.staging01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'cdn.contentful.com' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/api/graphql' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.staging01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.staging01.devland.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.staging01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 'island@island.is' + CONTENTFUL_HOST: 'cdn.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.staging01.devland.is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-staging-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: '' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 'sogur@island.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-TEST/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5608002820/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-TEST/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.staging01.devland.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.staging01.devland.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.staging01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.staging01.devland.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-staging-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'staging' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.staging01.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'islandis' + - 'consultation-portal' + - 'skilavottord' + - 'search-indexer' + - 'services-documents' + - 'storybook' + - 'xroad-collector' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'user-notification' + - 'license-api' + - 'services-sessions' + - 'services-university-gateway' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.staging01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'staging' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'staging-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_BASE_URL: 'https://beta.staging01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.staging01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.staging01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.staging01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.staging01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.staging01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.staging01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.staging01.devland.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.staging01.devland.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@midnight' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + basicAuth: '/k8s/web/basic_auth' + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + TRACKING_DOMAIN: 'beta.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/service-portal-api/values.dev.yaml b/charts/services/service-portal-api/values.dev.yaml new file mode 100644 index 000000000000..58d9f8e96dbc --- /dev/null +++ b/charts/services/service-portal-api/values.dev.yaml @@ -0,0 +1,3563 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.dev01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'preview.contentful.com' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/graphql' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 's@kogk.is' + CONTENTFUL_HOST: 'preview.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 's@kogk.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/api' + - host: 'api-catalogue.dev01.devland.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.dev01.devland.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +external-contracts-tests: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' + namespace: 'external-contracts-tests' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '1' + memory: '1024Mi' + requests: + cpu: '500m' + memory: '512Mi' + schedule: '0 11 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +github-actions-cache: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 8 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'cache.dev01.devland.is' + paths: + - '/' + namespace: 'github-actions-cache' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 5 + max: 8 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' + create: true + name: 'github-actions-cache' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'dev' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.dev01.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'consultation-portal' + - 'islandis' + - 'search-indexer' + - 'xroad-collector' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'github-actions-cache' + - 'user-notification' + - 'external-contracts-tests' + - 'contentful-entry-tagger' + - 'license-api' + - 'services-sessions' + - 'contentful-apps' + - 'services-university-gateway' + - 'unicorn-app' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'dev-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.dev01.devland.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.dev01.devland.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +unicorn-app: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'unicorn-app.dev01.devland.is' + paths: + - '/' + namespace: 'unicorn-app' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' + create: true + name: 'unicorn-app' +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@hourly' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + TRACKING_DOMAIN: 'beta.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/service-portal-api/values.prod.yaml b/charts/services/service-portal-api/values.prod.yaml new file mode 100644 index 000000000000..c7e37f4144c5 --- /dev/null +++ b/charts/services/service-portal-api/values.prod.yaml @@ -0,0 +1,3379 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.island.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'cdn.contentful.com' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.island.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://innskra.island.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_IDS_API_URL: 'https://innskra.island.is' + AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi.island.is' + CONTACT_US_EMAIL: 'island@island.is' + CONTENTFUL_HOST: 'cdn.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.island.is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-prod-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: '' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'island@island.is' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 'sogur@island.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS/GOV/5402697509/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS/GOV/6501912189/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/api' + - host: 'www.island.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' + CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS/GOV/5608002820/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + NOVA_USERNAME: 'IslandIs_User_Production' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS/GOV/5605882089/UA-Protected/kvortun-v1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.island.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.island.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/umsoknir' + - host: 'www.island.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi.island.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://island.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/samradsgatt' + - host: 'www.island.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.island.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.island.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + EMAIL_FROM_NAME: 'island.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-prod-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'prod' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: 'd4ecf781-3764-4063-a4e1-9c3e17cebfba' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.island.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'islandis' + - 'consultation-portal' + - 'search-indexer' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'xroad-collector' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'user-notification' + - 'license-api' + - 'services-sessions' + - 'services-university-gateway' + - 'contentful-apps' + - 'contentful-entry-tagger' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/stjornbord' + - host: 'www.island.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'prod' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'prod-es-custom-packages' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/minarsidur' + - host: 'www.island.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_BASE_URL: 'https://island.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.island.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://island.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://island.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://island.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/stjornbord/bff' + - host: 'www.island.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.island.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.island.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/app/skilavottord/' + - host: 'www.island.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/app/skilavottord/api/graphql' + - host: 'www.island.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.island.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@midnight' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + TRACKING_DOMAIN: 'island.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/' + - host: 'www.island.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/service-portal-api/values.staging.yaml b/charts/services/service-portal-api/values.staging.yaml new file mode 100644 index 000000000000..227a2b0fcc6d --- /dev/null +++ b/charts/services/service-portal-api/values.staging.yaml @@ -0,0 +1,3238 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.staging01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'cdn.contentful.com' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/api/graphql' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.staging01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.staging01.devland.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.staging01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 'island@island.is' + CONTENTFUL_HOST: 'cdn.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.staging01.devland.is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-staging-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: '' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 'sogur@island.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-TEST/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5608002820/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-TEST/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.staging01.devland.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.staging01.devland.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.staging01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.staging01.devland.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-staging-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'staging' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.staging01.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'islandis' + - 'consultation-portal' + - 'skilavottord' + - 'search-indexer' + - 'services-documents' + - 'storybook' + - 'xroad-collector' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'user-notification' + - 'license-api' + - 'services-sessions' + - 'services-university-gateway' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.staging01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'staging' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'staging-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_BASE_URL: 'https://beta.staging01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.staging01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.staging01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.staging01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.staging01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.staging01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.staging01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.staging01.devland.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.staging01.devland.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@midnight' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + basicAuth: '/k8s/web/basic_auth' + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + TRACKING_DOMAIN: 'beta.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/service-portal/values.dev.yaml b/charts/services/service-portal/values.dev.yaml new file mode 100644 index 000000000000..58d9f8e96dbc --- /dev/null +++ b/charts/services/service-portal/values.dev.yaml @@ -0,0 +1,3563 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.dev01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'preview.contentful.com' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/graphql' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 's@kogk.is' + CONTENTFUL_HOST: 'preview.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 's@kogk.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/api' + - host: 'api-catalogue.dev01.devland.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.dev01.devland.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +external-contracts-tests: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' + namespace: 'external-contracts-tests' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '1' + memory: '1024Mi' + requests: + cpu: '500m' + memory: '512Mi' + schedule: '0 11 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +github-actions-cache: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 8 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'cache.dev01.devland.is' + paths: + - '/' + namespace: 'github-actions-cache' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 5 + max: 8 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' + create: true + name: 'github-actions-cache' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'dev' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.dev01.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'consultation-portal' + - 'islandis' + - 'search-indexer' + - 'xroad-collector' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'github-actions-cache' + - 'user-notification' + - 'external-contracts-tests' + - 'contentful-entry-tagger' + - 'license-api' + - 'services-sessions' + - 'contentful-apps' + - 'services-university-gateway' + - 'unicorn-app' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'dev-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.dev01.devland.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.dev01.devland.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +unicorn-app: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'unicorn-app.dev01.devland.is' + paths: + - '/' + namespace: 'unicorn-app' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' + create: true + name: 'unicorn-app' +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@hourly' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + TRACKING_DOMAIN: 'beta.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/service-portal/values.prod.yaml b/charts/services/service-portal/values.prod.yaml new file mode 100644 index 000000000000..c7e37f4144c5 --- /dev/null +++ b/charts/services/service-portal/values.prod.yaml @@ -0,0 +1,3379 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.island.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'cdn.contentful.com' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.island.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://innskra.island.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_IDS_API_URL: 'https://innskra.island.is' + AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi.island.is' + CONTACT_US_EMAIL: 'island@island.is' + CONTENTFUL_HOST: 'cdn.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.island.is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-prod-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: '' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'island@island.is' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 'sogur@island.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS/GOV/5402697509/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS/GOV/6501912189/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/api' + - host: 'www.island.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' + CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS/GOV/5608002820/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + NOVA_USERNAME: 'IslandIs_User_Production' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS/GOV/5605882089/UA-Protected/kvortun-v1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.island.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.island.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/umsoknir' + - host: 'www.island.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi.island.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://island.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/samradsgatt' + - host: 'www.island.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.island.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.island.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + EMAIL_FROM_NAME: 'island.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-prod-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'prod' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: 'd4ecf781-3764-4063-a4e1-9c3e17cebfba' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.island.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'islandis' + - 'consultation-portal' + - 'search-indexer' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'xroad-collector' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'user-notification' + - 'license-api' + - 'services-sessions' + - 'services-university-gateway' + - 'contentful-apps' + - 'contentful-entry-tagger' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/stjornbord' + - host: 'www.island.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'prod' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'prod-es-custom-packages' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/minarsidur' + - host: 'www.island.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_BASE_URL: 'https://island.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.island.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://island.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://island.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://island.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/stjornbord/bff' + - host: 'www.island.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.island.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.island.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/app/skilavottord/' + - host: 'www.island.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/app/skilavottord/api/graphql' + - host: 'www.island.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.island.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@midnight' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + TRACKING_DOMAIN: 'island.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/' + - host: 'www.island.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/service-portal/values.staging.yaml b/charts/services/service-portal/values.staging.yaml new file mode 100644 index 000000000000..227a2b0fcc6d --- /dev/null +++ b/charts/services/service-portal/values.staging.yaml @@ -0,0 +1,3238 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.staging01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'cdn.contentful.com' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/api/graphql' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.staging01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.staging01.devland.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.staging01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 'island@island.is' + CONTENTFUL_HOST: 'cdn.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.staging01.devland.is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-staging-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: '' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 'sogur@island.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-TEST/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5608002820/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-TEST/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.staging01.devland.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.staging01.devland.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.staging01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.staging01.devland.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-staging-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'staging' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.staging01.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'islandis' + - 'consultation-portal' + - 'skilavottord' + - 'search-indexer' + - 'services-documents' + - 'storybook' + - 'xroad-collector' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'user-notification' + - 'license-api' + - 'services-sessions' + - 'services-university-gateway' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.staging01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'staging' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'staging-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_BASE_URL: 'https://beta.staging01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.staging01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.staging01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.staging01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.staging01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.staging01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.staging01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.staging01.devland.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.staging01.devland.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@midnight' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + basicAuth: '/k8s/web/basic_auth' + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + TRACKING_DOMAIN: 'beta.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/services-auth-admin-api/values.dev.yaml b/charts/services/services-auth-admin-api/values.dev.yaml new file mode 100644 index 000000000000..2efa5ea90de6 --- /dev/null +++ b/charts/services/services-auth-admin-api/values.dev.yaml @@ -0,0 +1,826 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +auth-admin-web: + enabled: true + env: + BASE_URL: 'https://identity-server.dev01.devland.is/admin' + IDENTITYSERVER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://identity-server.dev01.devland.is/admin/api/auth' + NEXT_PUBLIC_BACKEND_URL: '/backend' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/auth-admin-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.dev01.devland.is' + paths: + - '/admin' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + progressDeadlineSeconds: 1200 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '256Mi' + requests: + cpu: '200m' + memory: '192Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITYSERVER_SECRET: '/k8s/auth-admin-web/IDENTITYSERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +global: + env: + AUDIT_GROUP_NAME: '/identity-server/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'dev' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +identity-server: + annotations: + ad.datadoghq.com/identity-server.check_names: '["openmetrics"]' + ad.datadoghq.com/identity-server.init_configs: '[{}]' + ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": "http://%%host%%:5003/metrics","namespace": "identity-server","metrics":["*"]}]' + ad.datadoghq.com/identity-server.logs: '[{"service": "identity-server", "source": "csharp"}]' + enabled: true + env: + ASPNETCORE_URLS: 'http://*:5000' + AWS__CloudWatch__AuditLogGroup: '/identity-server/audit-log' + AWS__SystemsManager__ParameterStore__DataProtectionPrefix: '/k8s/identity-server/DataProtectionSecret' + Application__AllowedRedirectUris: 'https://beta.dev01.devland.is/minarsidur,https://beta.dev01.devland.is/umsoknir,http://localhost:4200/minarsidur,http://localhost:4242/umsoknir' + Application__MinCompletionPortThreads: '10' + AudkenniSettings__Retries: '24' + CORECLR_ENABLE_PROFILING: '1' + CORECLR_PROFILER: '{846F5F1C-F9AE-4B07-969E-05C26BC060D8}' + CORECLR_PROFILER_PATH: '/opt/datadog/Datadog.Trace.ClrProfiler.Native.so' + CacheSettings__Enabled: 'true' + ContentfulSettings__BaseAddress: 'https://preview.contentful.com' + DD_DOTNET_TRACER_HOME: '/opt/datadog' + DD_INTEGRATIONS: '/opt/datadog/integrations.json' + DD_TRACE_DEBUG: 'true' + Datadog__Metrics__Port: '5003' + IdentityServer__ConsentsScope: '@island.is/auth/consents' + IdentityServer__EnableFakeLogin: 'true' + IdentityServer__EnableFeatureDeploymentWildcards: 'true' + IdentityServer__KeyManagement__Enabled: 'true' + IdentityServer__SigningCertificate__Path: '/etc/config/ids-signing.pfx' + LOG_LEVEL: 'info' + MeUserProfileApiSettings__BaseAddress: 'http://web-service-portal-api.service-portal.svc.cluster.local' + NODE_OPTIONS: '--max-old-space-size=1843 -r dd-trace/init' + PersistenceSettings__BaseAddress: 'http://web-services-auth-ids-api' + PersistenceSettings__DelegationsCacheEnabled: 'false' + RedisSettings__Address: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com' + RedisSettings__Port: '6379' + SERVERSIDE_FEATURES_ON: '' + SessionsApiSettings__BaseAddress: 'http://web-services-sessions.services-sessions.svc.cluster.local' + files: + - 'ids-signing.pfx' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + port: 5010 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/identity-server' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.dev01.devland.is' + paths: + - '/' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: + - accessModes: 'ReadWriteMany' + mountPath: '/keys' + name: 'identity-server' + size: '1Gi' + storageClass: 'efs-csi' + useExisting: false + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '4000m' + memory: '2048Mi' + requests: + cpu: '1000m' + memory: '1024Mi' + secrets: + AudkenniSettings__ClientId: '/k8s/identity-server/AudkenniClientId' + AudkenniSettings__ClientSecret: '/k8s/identity-server/AudkenniClientSecret' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ContentfulSettings__AccessToken: '/k8s/identity-server/CONTENTFUL_ACCESS_TOKEN' + FeatureFlags__ConfigCatSdkKey: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IdentityServer__FakePersons: '/k8s/identity-server/FakePersons' + IdentityServer__LicenseKey: '/k8s/identity-server/LicenseKey' + IdentityServer__SigningCertificate__Passphrase: '/k8s/identity-server/SigningCertificatePassphrase' + PersistenceSettings__AccessTokenManagementSettings__ClientSecret: '/k8s/identity-server/ClientSecret' + Redaction__UserIdentifiers__Key: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY' + Redaction__UserIdentifiers__KeyId: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID' + Scopes__Admin__RootAccessList: '/k8s/identity-server/AdminRootAccessList' + securityContext: + allowPrivilegeEscalation: false + privileged: false + service: + targetPort: 5000 + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/identity-server' + create: true + name: 'identity-server' +namespaces: + labels: {} + namespaces: + - 'identity-server' + - 'identity-server-admin' + - 'identity-server-delegation' + - 'personal-representative' +services-auth-admin-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + IDENTITY_SERVER_ISSUER_URL_LIST: '["https://identity-server.dev01.devland.is","https://identity-server.staging01.devland.is","https://innskra.island.is"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/backend/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/backend/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-admin-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.dev01.devland.is' + paths: + - '/backend' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CLIENT_SECRET_ENCRYPTION_KEY: '/k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-delegation-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'service-portal' + - 'user-notification-worker' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-delegation-api' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'auth-delegation-api.internal.dev01.devland.is' + paths: + - '/' + namespace: 'identity-server-delegation' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-ids-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '6cf94113-d326-4e4d-b97c-1fea12d2f5e1' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' + PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' + PASSKEY_CORE_MAX_AGE_DAYS: '365' + PASSKEY_CORE_RP_ID: 'island.is' + PASSKEY_CORE_RP_NAME: 'Island.is' + PUBLIC_URL: 'https://identity-server.dev01.devland.is/api' + REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + USER_PROFILE_CLIENT_SCOPE: '["@island.is/user-profile:read"]' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 15 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 15 + min: 2 + resources: + limits: + cpu: '800m' + memory: '768Mi' + requests: + cpu: '400m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/services-auth/NOVA_PASSWORD' + NOVA_URL: '/k8s/services-auth/NOVA_URL' + NOVA_USERNAME: '/k8s/services-auth/NOVA_USERNAME' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-ids-api-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-personal-representative: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'personal-representative-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'personal-representative' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-personal-representative-public: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative-public' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'personal-representative-public-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'personal-representative' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-public-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' + PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' + PASSKEY_CORE_RP_ID: 'island.is' + PASSKEY_CORE_RP_NAME: 'Island.is' + PUBLIC_URL: 'https://identity-server.dev01.devland.is/api' + REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-public-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/rewrite-target: '/$2' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.dev01.devland.is' + paths: + - '/api(/|$)(.*)' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/services-auth-admin-api/values.prod.yaml b/charts/services/services-auth-admin-api/values.prod.yaml new file mode 100644 index 000000000000..6ebbacf21056 --- /dev/null +++ b/charts/services/services-auth-admin-api/values.prod.yaml @@ -0,0 +1,823 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +auth-admin-web: + enabled: true + env: + BASE_URL: 'https://innskra.island.is/admin' + IDENTITYSERVER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://innskra.island.is/admin/api/auth' + NEXT_PUBLIC_BACKEND_URL: '/backend' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/auth-admin-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'innskra.island.is' + paths: + - '/admin' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + progressDeadlineSeconds: 1200 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '256Mi' + requests: + cpu: '200m' + memory: '192Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITYSERVER_SECRET: '/k8s/auth-admin-web/IDENTITYSERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +global: + env: + AUDIT_GROUP_NAME: '/identity-server/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'prod' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +identity-server: + annotations: + ad.datadoghq.com/identity-server.check_names: '["openmetrics"]' + ad.datadoghq.com/identity-server.init_configs: '[{}]' + ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": "http://%%host%%:5003/metrics","namespace": "identity-server","metrics":["*"]}]' + ad.datadoghq.com/identity-server.logs: '[{"service": "identity-server", "source": "csharp"}]' + enabled: true + env: + ASPNETCORE_URLS: 'http://*:5000' + AWS__CloudWatch__AuditLogGroup: '/identity-server/audit-log' + AWS__SystemsManager__ParameterStore__DataProtectionPrefix: '/k8s/identity-server/DataProtectionSecret' + Application__AllowedRedirectUris: 'https://island.is/minarsidur,https://island.is/umsoknir' + Application__MinCompletionPortThreads: '10' + AudkenniSettings__Retries: '24' + CORECLR_ENABLE_PROFILING: '1' + CORECLR_PROFILER: '{846F5F1C-F9AE-4B07-969E-05C26BC060D8}' + CORECLR_PROFILER_PATH: '/opt/datadog/Datadog.Trace.ClrProfiler.Native.so' + CacheSettings__Enabled: 'true' + ContentfulSettings__BaseAddress: 'https://cdn.contentful.com' + DD_DOTNET_TRACER_HOME: '/opt/datadog' + DD_INTEGRATIONS: '/opt/datadog/integrations.json' + DD_TRACE_DEBUG: 'true' + Datadog__Metrics__Port: '5003' + IdentityServer__ConsentsScope: '@island.is/auth/consents' + IdentityServer__EnableFakeLogin: 'true' + IdentityServer__EnableFeatureDeploymentWildcards: 'false' + IdentityServer__KeyManagement__Enabled: 'true' + IdentityServer__SigningCertificate__Path: '/etc/config/ids-signing.pfx' + LOG_LEVEL: 'info' + MeUserProfileApiSettings__BaseAddress: 'https://service-portal-api.internal.island.is' + NODE_OPTIONS: '--max-old-space-size=1843 -r dd-trace/init' + PersistenceSettings__BaseAddress: 'http://web-services-auth-ids-api' + PersistenceSettings__DelegationsCacheEnabled: 'true' + RedisSettings__Address: 'clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com' + RedisSettings__Port: '6379' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SessionsApiSettings__BaseAddress: 'https://sessions-api.internal.island.is' + files: + - 'ids-signing.pfx' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + port: 5010 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/identity-server' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'innskra.island.is' + paths: + - '/' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: + - accessModes: 'ReadWriteMany' + mountPath: '/keys' + name: 'identity-server' + size: '1Gi' + storageClass: 'efs-csi' + useExisting: false + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '4000m' + memory: '2048Mi' + requests: + cpu: '1000m' + memory: '1024Mi' + secrets: + AudkenniSettings__ClientId: '/k8s/identity-server/AudkenniClientId' + AudkenniSettings__ClientSecret: '/k8s/identity-server/AudkenniClientSecret' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ContentfulSettings__AccessToken: '/k8s/identity-server/CONTENTFUL_ACCESS_TOKEN' + FeatureFlags__ConfigCatSdkKey: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IdentityServer__FakePersons: '/k8s/identity-server/FakePersons' + IdentityServer__LicenseKey: '/k8s/identity-server/LicenseKey' + IdentityServer__SigningCertificate__Passphrase: '/k8s/identity-server/SigningCertificatePassphrase' + PersistenceSettings__AccessTokenManagementSettings__ClientSecret: '/k8s/identity-server/ClientSecret' + Redaction__UserIdentifiers__Key: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY' + Redaction__UserIdentifiers__KeyId: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID' + Scopes__Admin__RootAccessList: '/k8s/identity-server/AdminRootAccessList' + securityContext: + allowPrivilegeEscalation: false + privileged: false + service: + targetPort: 5000 + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::567113216315:role/identity-server' + create: true + name: 'identity-server' +namespaces: + labels: {} + namespaces: + - 'identity-server' + - 'identity-server-admin' + - 'identity-server-delegation' + - 'personal-representative' +services-auth-admin-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + IDENTITY_SERVER_ISSUER_URL_LIST: '["https://innskra.island.is"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SYSLUMENN_HOST: 'https://api.syslumenn.is/api' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/backend/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/backend/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-admin-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'innskra.island.is' + paths: + - '/backend' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CLIENT_SECRET_ENCRYPTION_KEY: '/k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-delegation-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SYSLUMENN_HOST: 'https://api.syslumenn.is/api' + SYSLUMENN_TIMEOUT: '3000' + USER_NOTIFICATION_API_URL: 'https://user-notification.internal.island.is' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'service-portal' + - 'user-notification-worker' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-delegation-api' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'auth-delegation-api.internal.innskra.island.is' + paths: + - '/' + namespace: 'identity-server-delegation' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-ids-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '8271bbc2-d8de-480f-8540-ea43fc40b7ae' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' + PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' + PASSKEY_CORE_MAX_AGE_DAYS: '365' + PASSKEY_CORE_RP_ID: 'island.is' + PASSKEY_CORE_RP_NAME: 'Island.is' + PUBLIC_URL: 'https://innskra.island.is/api' + REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SYSLUMENN_HOST: 'https://api.syslumenn.is/api' + SYSLUMENN_TIMEOUT: '3000' + USER_PROFILE_CLIENT_SCOPE: '["@island.is/user-profile:read"]' + USER_PROFILE_CLIENT_URL: 'https://service-portal-api.internal.island.is' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 15 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 15 + min: 2 + resources: + limits: + cpu: '800m' + memory: '768Mi' + requests: + cpu: '400m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/services-auth/NOVA_PASSWORD' + NOVA_URL: '/k8s/services-auth/NOVA_URL' + NOVA_USERNAME: '/k8s/services-auth/NOVA_USERNAME' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-ids-api-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-personal-representative: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SYSLUMENN_HOST: 'https://api.syslumenn.is/api' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'personal-representative-xrd.internal.innskra.island.is' + paths: + - '/' + namespace: 'personal-representative' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-personal-representative-public: + enabled: true + env: + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative-public' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'personal-representative-public-xrd.internal.innskra.island.is' + paths: + - '/' + namespace: 'personal-representative' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-public-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' + PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' + PASSKEY_CORE_RP_ID: 'island.is' + PASSKEY_CORE_RP_NAME: 'Island.is' + PUBLIC_URL: 'https://innskra.island.is/api' + REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SYSLUMENN_HOST: 'https://api.syslumenn.is/api' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-public-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/rewrite-target: '/$2' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'innskra.island.is' + paths: + - '/api(/|$)(.*)' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/services-auth-admin-api/values.staging.yaml b/charts/services/services-auth-admin-api/values.staging.yaml new file mode 100644 index 000000000000..2273a2f55b22 --- /dev/null +++ b/charts/services/services-auth-admin-api/values.staging.yaml @@ -0,0 +1,826 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +auth-admin-web: + enabled: true + env: + BASE_URL: 'https://identity-server.staging01.devland.is/admin' + IDENTITYSERVER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://identity-server.staging01.devland.is/admin/api/auth' + NEXT_PUBLIC_BACKEND_URL: '/backend' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/auth-admin-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.staging01.devland.is' + paths: + - '/admin' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + progressDeadlineSeconds: 1200 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '256Mi' + requests: + cpu: '200m' + memory: '192Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITYSERVER_SECRET: '/k8s/auth-admin-web/IDENTITYSERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +global: + env: + AUDIT_GROUP_NAME: '/identity-server/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'staging' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +identity-server: + annotations: + ad.datadoghq.com/identity-server.check_names: '["openmetrics"]' + ad.datadoghq.com/identity-server.init_configs: '[{}]' + ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": "http://%%host%%:5003/metrics","namespace": "identity-server","metrics":["*"]}]' + ad.datadoghq.com/identity-server.logs: '[{"service": "identity-server", "source": "csharp"}]' + enabled: true + env: + ASPNETCORE_URLS: 'http://*:5000' + AWS__CloudWatch__AuditLogGroup: '/identity-server/audit-log' + AWS__SystemsManager__ParameterStore__DataProtectionPrefix: '/k8s/identity-server/DataProtectionSecret' + Application__AllowedRedirectUris: 'https://beta.staging01.devland.is/minarsidur,https://beta.staging01.devland.is/umsoknir' + Application__MinCompletionPortThreads: '10' + AudkenniSettings__Retries: '24' + CORECLR_ENABLE_PROFILING: '1' + CORECLR_PROFILER: '{846F5F1C-F9AE-4B07-969E-05C26BC060D8}' + CORECLR_PROFILER_PATH: '/opt/datadog/Datadog.Trace.ClrProfiler.Native.so' + CacheSettings__Enabled: 'true' + ContentfulSettings__BaseAddress: 'https://cdn.contentful.com' + DD_DOTNET_TRACER_HOME: '/opt/datadog' + DD_INTEGRATIONS: '/opt/datadog/integrations.json' + DD_TRACE_DEBUG: 'true' + Datadog__Metrics__Port: '5003' + IdentityServer__ConsentsScope: '@island.is/auth/consents' + IdentityServer__EnableFakeLogin: 'true' + IdentityServer__EnableFeatureDeploymentWildcards: 'true' + IdentityServer__KeyManagement__Enabled: 'true' + IdentityServer__SigningCertificate__Path: '/etc/config/ids-signing.pfx' + LOG_LEVEL: 'info' + MeUserProfileApiSettings__BaseAddress: 'http://web-service-portal-api.service-portal.svc.cluster.local' + NODE_OPTIONS: '--max-old-space-size=1843 -r dd-trace/init' + PersistenceSettings__BaseAddress: 'http://web-services-auth-ids-api' + PersistenceSettings__DelegationsCacheEnabled: 'false' + RedisSettings__Address: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com' + RedisSettings__Port: '6379' + SERVERSIDE_FEATURES_ON: '' + SessionsApiSettings__BaseAddress: 'http://web-services-sessions.services-sessions.svc.cluster.local' + files: + - 'ids-signing.pfx' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + port: 5010 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/identity-server' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.staging01.devland.is' + paths: + - '/' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: + - accessModes: 'ReadWriteMany' + mountPath: '/keys' + name: 'identity-server' + size: '1Gi' + storageClass: 'efs-csi' + useExisting: false + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '4000m' + memory: '2048Mi' + requests: + cpu: '1000m' + memory: '1024Mi' + secrets: + AudkenniSettings__ClientId: '/k8s/identity-server/AudkenniClientId' + AudkenniSettings__ClientSecret: '/k8s/identity-server/AudkenniClientSecret' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ContentfulSettings__AccessToken: '/k8s/identity-server/CONTENTFUL_ACCESS_TOKEN' + FeatureFlags__ConfigCatSdkKey: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IdentityServer__FakePersons: '/k8s/identity-server/FakePersons' + IdentityServer__LicenseKey: '/k8s/identity-server/LicenseKey' + IdentityServer__SigningCertificate__Passphrase: '/k8s/identity-server/SigningCertificatePassphrase' + PersistenceSettings__AccessTokenManagementSettings__ClientSecret: '/k8s/identity-server/ClientSecret' + Redaction__UserIdentifiers__Key: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY' + Redaction__UserIdentifiers__KeyId: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID' + Scopes__Admin__RootAccessList: '/k8s/identity-server/AdminRootAccessList' + securityContext: + allowPrivilegeEscalation: false + privileged: false + service: + targetPort: 5000 + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/identity-server' + create: true + name: 'identity-server' +namespaces: + labels: {} + namespaces: + - 'identity-server' + - 'identity-server-admin' + - 'identity-server-delegation' + - 'personal-representative' +services-auth-admin-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + IDENTITY_SERVER_ISSUER_URL_LIST: '["https://identity-server.staging01.devland.is","https://innskra.island.is"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/backend/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/backend/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-admin-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.staging01.devland.is' + paths: + - '/backend' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CLIENT_SECRET_ENCRYPTION_KEY: '/k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-delegation-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'service-portal' + - 'user-notification-worker' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-delegation-api' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'auth-delegation-api.internal.staging01.devland.is' + paths: + - '/' + namespace: 'identity-server-delegation' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-ids-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '6cf94113-d326-4e4d-b97c-1fea12d2f5e1' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' + PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' + PASSKEY_CORE_MAX_AGE_DAYS: '365' + PASSKEY_CORE_RP_ID: 'island.is' + PASSKEY_CORE_RP_NAME: 'Island.is' + PUBLIC_URL: 'https://identity-server.staging01.devland.is/api' + REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + USER_PROFILE_CLIENT_SCOPE: '["@island.is/user-profile:read"]' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 15 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 15 + min: 2 + resources: + limits: + cpu: '800m' + memory: '768Mi' + requests: + cpu: '400m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/services-auth/NOVA_PASSWORD' + NOVA_URL: '/k8s/services-auth/NOVA_URL' + NOVA_USERNAME: '/k8s/services-auth/NOVA_USERNAME' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-ids-api-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-personal-representative: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'personal-representative-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'personal-representative' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-personal-representative-public: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative-public' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'personal-representative-public-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'personal-representative' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-public-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' + PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' + PASSKEY_CORE_RP_ID: 'island.is' + PASSKEY_CORE_RP_NAME: 'Island.is' + PUBLIC_URL: 'https://identity-server.staging01.devland.is/api' + REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-public-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/rewrite-target: '/$2' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.staging01.devland.is' + paths: + - '/api(/|$)(.*)' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/services-auth-delegation-api/values.dev.yaml b/charts/services/services-auth-delegation-api/values.dev.yaml new file mode 100644 index 000000000000..2efa5ea90de6 --- /dev/null +++ b/charts/services/services-auth-delegation-api/values.dev.yaml @@ -0,0 +1,826 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +auth-admin-web: + enabled: true + env: + BASE_URL: 'https://identity-server.dev01.devland.is/admin' + IDENTITYSERVER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://identity-server.dev01.devland.is/admin/api/auth' + NEXT_PUBLIC_BACKEND_URL: '/backend' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/auth-admin-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.dev01.devland.is' + paths: + - '/admin' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + progressDeadlineSeconds: 1200 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '256Mi' + requests: + cpu: '200m' + memory: '192Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITYSERVER_SECRET: '/k8s/auth-admin-web/IDENTITYSERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +global: + env: + AUDIT_GROUP_NAME: '/identity-server/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'dev' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +identity-server: + annotations: + ad.datadoghq.com/identity-server.check_names: '["openmetrics"]' + ad.datadoghq.com/identity-server.init_configs: '[{}]' + ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": "http://%%host%%:5003/metrics","namespace": "identity-server","metrics":["*"]}]' + ad.datadoghq.com/identity-server.logs: '[{"service": "identity-server", "source": "csharp"}]' + enabled: true + env: + ASPNETCORE_URLS: 'http://*:5000' + AWS__CloudWatch__AuditLogGroup: '/identity-server/audit-log' + AWS__SystemsManager__ParameterStore__DataProtectionPrefix: '/k8s/identity-server/DataProtectionSecret' + Application__AllowedRedirectUris: 'https://beta.dev01.devland.is/minarsidur,https://beta.dev01.devland.is/umsoknir,http://localhost:4200/minarsidur,http://localhost:4242/umsoknir' + Application__MinCompletionPortThreads: '10' + AudkenniSettings__Retries: '24' + CORECLR_ENABLE_PROFILING: '1' + CORECLR_PROFILER: '{846F5F1C-F9AE-4B07-969E-05C26BC060D8}' + CORECLR_PROFILER_PATH: '/opt/datadog/Datadog.Trace.ClrProfiler.Native.so' + CacheSettings__Enabled: 'true' + ContentfulSettings__BaseAddress: 'https://preview.contentful.com' + DD_DOTNET_TRACER_HOME: '/opt/datadog' + DD_INTEGRATIONS: '/opt/datadog/integrations.json' + DD_TRACE_DEBUG: 'true' + Datadog__Metrics__Port: '5003' + IdentityServer__ConsentsScope: '@island.is/auth/consents' + IdentityServer__EnableFakeLogin: 'true' + IdentityServer__EnableFeatureDeploymentWildcards: 'true' + IdentityServer__KeyManagement__Enabled: 'true' + IdentityServer__SigningCertificate__Path: '/etc/config/ids-signing.pfx' + LOG_LEVEL: 'info' + MeUserProfileApiSettings__BaseAddress: 'http://web-service-portal-api.service-portal.svc.cluster.local' + NODE_OPTIONS: '--max-old-space-size=1843 -r dd-trace/init' + PersistenceSettings__BaseAddress: 'http://web-services-auth-ids-api' + PersistenceSettings__DelegationsCacheEnabled: 'false' + RedisSettings__Address: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com' + RedisSettings__Port: '6379' + SERVERSIDE_FEATURES_ON: '' + SessionsApiSettings__BaseAddress: 'http://web-services-sessions.services-sessions.svc.cluster.local' + files: + - 'ids-signing.pfx' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + port: 5010 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/identity-server' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.dev01.devland.is' + paths: + - '/' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: + - accessModes: 'ReadWriteMany' + mountPath: '/keys' + name: 'identity-server' + size: '1Gi' + storageClass: 'efs-csi' + useExisting: false + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '4000m' + memory: '2048Mi' + requests: + cpu: '1000m' + memory: '1024Mi' + secrets: + AudkenniSettings__ClientId: '/k8s/identity-server/AudkenniClientId' + AudkenniSettings__ClientSecret: '/k8s/identity-server/AudkenniClientSecret' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ContentfulSettings__AccessToken: '/k8s/identity-server/CONTENTFUL_ACCESS_TOKEN' + FeatureFlags__ConfigCatSdkKey: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IdentityServer__FakePersons: '/k8s/identity-server/FakePersons' + IdentityServer__LicenseKey: '/k8s/identity-server/LicenseKey' + IdentityServer__SigningCertificate__Passphrase: '/k8s/identity-server/SigningCertificatePassphrase' + PersistenceSettings__AccessTokenManagementSettings__ClientSecret: '/k8s/identity-server/ClientSecret' + Redaction__UserIdentifiers__Key: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY' + Redaction__UserIdentifiers__KeyId: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID' + Scopes__Admin__RootAccessList: '/k8s/identity-server/AdminRootAccessList' + securityContext: + allowPrivilegeEscalation: false + privileged: false + service: + targetPort: 5000 + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/identity-server' + create: true + name: 'identity-server' +namespaces: + labels: {} + namespaces: + - 'identity-server' + - 'identity-server-admin' + - 'identity-server-delegation' + - 'personal-representative' +services-auth-admin-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + IDENTITY_SERVER_ISSUER_URL_LIST: '["https://identity-server.dev01.devland.is","https://identity-server.staging01.devland.is","https://innskra.island.is"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/backend/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/backend/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-admin-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.dev01.devland.is' + paths: + - '/backend' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CLIENT_SECRET_ENCRYPTION_KEY: '/k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-delegation-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'service-portal' + - 'user-notification-worker' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-delegation-api' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'auth-delegation-api.internal.dev01.devland.is' + paths: + - '/' + namespace: 'identity-server-delegation' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-ids-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '6cf94113-d326-4e4d-b97c-1fea12d2f5e1' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' + PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' + PASSKEY_CORE_MAX_AGE_DAYS: '365' + PASSKEY_CORE_RP_ID: 'island.is' + PASSKEY_CORE_RP_NAME: 'Island.is' + PUBLIC_URL: 'https://identity-server.dev01.devland.is/api' + REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + USER_PROFILE_CLIENT_SCOPE: '["@island.is/user-profile:read"]' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 15 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 15 + min: 2 + resources: + limits: + cpu: '800m' + memory: '768Mi' + requests: + cpu: '400m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/services-auth/NOVA_PASSWORD' + NOVA_URL: '/k8s/services-auth/NOVA_URL' + NOVA_USERNAME: '/k8s/services-auth/NOVA_USERNAME' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-ids-api-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-personal-representative: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'personal-representative-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'personal-representative' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-personal-representative-public: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative-public' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'personal-representative-public-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'personal-representative' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-public-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' + PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' + PASSKEY_CORE_RP_ID: 'island.is' + PASSKEY_CORE_RP_NAME: 'Island.is' + PUBLIC_URL: 'https://identity-server.dev01.devland.is/api' + REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-public-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/rewrite-target: '/$2' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.dev01.devland.is' + paths: + - '/api(/|$)(.*)' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/services-auth-delegation-api/values.prod.yaml b/charts/services/services-auth-delegation-api/values.prod.yaml new file mode 100644 index 000000000000..6ebbacf21056 --- /dev/null +++ b/charts/services/services-auth-delegation-api/values.prod.yaml @@ -0,0 +1,823 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +auth-admin-web: + enabled: true + env: + BASE_URL: 'https://innskra.island.is/admin' + IDENTITYSERVER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://innskra.island.is/admin/api/auth' + NEXT_PUBLIC_BACKEND_URL: '/backend' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/auth-admin-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'innskra.island.is' + paths: + - '/admin' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + progressDeadlineSeconds: 1200 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '256Mi' + requests: + cpu: '200m' + memory: '192Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITYSERVER_SECRET: '/k8s/auth-admin-web/IDENTITYSERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +global: + env: + AUDIT_GROUP_NAME: '/identity-server/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'prod' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +identity-server: + annotations: + ad.datadoghq.com/identity-server.check_names: '["openmetrics"]' + ad.datadoghq.com/identity-server.init_configs: '[{}]' + ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": "http://%%host%%:5003/metrics","namespace": "identity-server","metrics":["*"]}]' + ad.datadoghq.com/identity-server.logs: '[{"service": "identity-server", "source": "csharp"}]' + enabled: true + env: + ASPNETCORE_URLS: 'http://*:5000' + AWS__CloudWatch__AuditLogGroup: '/identity-server/audit-log' + AWS__SystemsManager__ParameterStore__DataProtectionPrefix: '/k8s/identity-server/DataProtectionSecret' + Application__AllowedRedirectUris: 'https://island.is/minarsidur,https://island.is/umsoknir' + Application__MinCompletionPortThreads: '10' + AudkenniSettings__Retries: '24' + CORECLR_ENABLE_PROFILING: '1' + CORECLR_PROFILER: '{846F5F1C-F9AE-4B07-969E-05C26BC060D8}' + CORECLR_PROFILER_PATH: '/opt/datadog/Datadog.Trace.ClrProfiler.Native.so' + CacheSettings__Enabled: 'true' + ContentfulSettings__BaseAddress: 'https://cdn.contentful.com' + DD_DOTNET_TRACER_HOME: '/opt/datadog' + DD_INTEGRATIONS: '/opt/datadog/integrations.json' + DD_TRACE_DEBUG: 'true' + Datadog__Metrics__Port: '5003' + IdentityServer__ConsentsScope: '@island.is/auth/consents' + IdentityServer__EnableFakeLogin: 'true' + IdentityServer__EnableFeatureDeploymentWildcards: 'false' + IdentityServer__KeyManagement__Enabled: 'true' + IdentityServer__SigningCertificate__Path: '/etc/config/ids-signing.pfx' + LOG_LEVEL: 'info' + MeUserProfileApiSettings__BaseAddress: 'https://service-portal-api.internal.island.is' + NODE_OPTIONS: '--max-old-space-size=1843 -r dd-trace/init' + PersistenceSettings__BaseAddress: 'http://web-services-auth-ids-api' + PersistenceSettings__DelegationsCacheEnabled: 'true' + RedisSettings__Address: 'clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com' + RedisSettings__Port: '6379' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SessionsApiSettings__BaseAddress: 'https://sessions-api.internal.island.is' + files: + - 'ids-signing.pfx' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + port: 5010 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/identity-server' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'innskra.island.is' + paths: + - '/' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: + - accessModes: 'ReadWriteMany' + mountPath: '/keys' + name: 'identity-server' + size: '1Gi' + storageClass: 'efs-csi' + useExisting: false + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '4000m' + memory: '2048Mi' + requests: + cpu: '1000m' + memory: '1024Mi' + secrets: + AudkenniSettings__ClientId: '/k8s/identity-server/AudkenniClientId' + AudkenniSettings__ClientSecret: '/k8s/identity-server/AudkenniClientSecret' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ContentfulSettings__AccessToken: '/k8s/identity-server/CONTENTFUL_ACCESS_TOKEN' + FeatureFlags__ConfigCatSdkKey: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IdentityServer__FakePersons: '/k8s/identity-server/FakePersons' + IdentityServer__LicenseKey: '/k8s/identity-server/LicenseKey' + IdentityServer__SigningCertificate__Passphrase: '/k8s/identity-server/SigningCertificatePassphrase' + PersistenceSettings__AccessTokenManagementSettings__ClientSecret: '/k8s/identity-server/ClientSecret' + Redaction__UserIdentifiers__Key: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY' + Redaction__UserIdentifiers__KeyId: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID' + Scopes__Admin__RootAccessList: '/k8s/identity-server/AdminRootAccessList' + securityContext: + allowPrivilegeEscalation: false + privileged: false + service: + targetPort: 5000 + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::567113216315:role/identity-server' + create: true + name: 'identity-server' +namespaces: + labels: {} + namespaces: + - 'identity-server' + - 'identity-server-admin' + - 'identity-server-delegation' + - 'personal-representative' +services-auth-admin-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + IDENTITY_SERVER_ISSUER_URL_LIST: '["https://innskra.island.is"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SYSLUMENN_HOST: 'https://api.syslumenn.is/api' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/backend/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/backend/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-admin-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'innskra.island.is' + paths: + - '/backend' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CLIENT_SECRET_ENCRYPTION_KEY: '/k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-delegation-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SYSLUMENN_HOST: 'https://api.syslumenn.is/api' + SYSLUMENN_TIMEOUT: '3000' + USER_NOTIFICATION_API_URL: 'https://user-notification.internal.island.is' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'service-portal' + - 'user-notification-worker' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-delegation-api' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'auth-delegation-api.internal.innskra.island.is' + paths: + - '/' + namespace: 'identity-server-delegation' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-ids-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '8271bbc2-d8de-480f-8540-ea43fc40b7ae' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' + PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' + PASSKEY_CORE_MAX_AGE_DAYS: '365' + PASSKEY_CORE_RP_ID: 'island.is' + PASSKEY_CORE_RP_NAME: 'Island.is' + PUBLIC_URL: 'https://innskra.island.is/api' + REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SYSLUMENN_HOST: 'https://api.syslumenn.is/api' + SYSLUMENN_TIMEOUT: '3000' + USER_PROFILE_CLIENT_SCOPE: '["@island.is/user-profile:read"]' + USER_PROFILE_CLIENT_URL: 'https://service-portal-api.internal.island.is' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 15 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 15 + min: 2 + resources: + limits: + cpu: '800m' + memory: '768Mi' + requests: + cpu: '400m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/services-auth/NOVA_PASSWORD' + NOVA_URL: '/k8s/services-auth/NOVA_URL' + NOVA_USERNAME: '/k8s/services-auth/NOVA_USERNAME' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-ids-api-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-personal-representative: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SYSLUMENN_HOST: 'https://api.syslumenn.is/api' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'personal-representative-xrd.internal.innskra.island.is' + paths: + - '/' + namespace: 'personal-representative' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-personal-representative-public: + enabled: true + env: + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative-public' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'personal-representative-public-xrd.internal.innskra.island.is' + paths: + - '/' + namespace: 'personal-representative' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-public-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' + PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' + PASSKEY_CORE_RP_ID: 'island.is' + PASSKEY_CORE_RP_NAME: 'Island.is' + PUBLIC_URL: 'https://innskra.island.is/api' + REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SYSLUMENN_HOST: 'https://api.syslumenn.is/api' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-public-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/rewrite-target: '/$2' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'innskra.island.is' + paths: + - '/api(/|$)(.*)' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/services-auth-delegation-api/values.staging.yaml b/charts/services/services-auth-delegation-api/values.staging.yaml new file mode 100644 index 000000000000..2273a2f55b22 --- /dev/null +++ b/charts/services/services-auth-delegation-api/values.staging.yaml @@ -0,0 +1,826 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +auth-admin-web: + enabled: true + env: + BASE_URL: 'https://identity-server.staging01.devland.is/admin' + IDENTITYSERVER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://identity-server.staging01.devland.is/admin/api/auth' + NEXT_PUBLIC_BACKEND_URL: '/backend' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/auth-admin-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.staging01.devland.is' + paths: + - '/admin' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + progressDeadlineSeconds: 1200 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '256Mi' + requests: + cpu: '200m' + memory: '192Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITYSERVER_SECRET: '/k8s/auth-admin-web/IDENTITYSERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +global: + env: + AUDIT_GROUP_NAME: '/identity-server/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'staging' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +identity-server: + annotations: + ad.datadoghq.com/identity-server.check_names: '["openmetrics"]' + ad.datadoghq.com/identity-server.init_configs: '[{}]' + ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": "http://%%host%%:5003/metrics","namespace": "identity-server","metrics":["*"]}]' + ad.datadoghq.com/identity-server.logs: '[{"service": "identity-server", "source": "csharp"}]' + enabled: true + env: + ASPNETCORE_URLS: 'http://*:5000' + AWS__CloudWatch__AuditLogGroup: '/identity-server/audit-log' + AWS__SystemsManager__ParameterStore__DataProtectionPrefix: '/k8s/identity-server/DataProtectionSecret' + Application__AllowedRedirectUris: 'https://beta.staging01.devland.is/minarsidur,https://beta.staging01.devland.is/umsoknir' + Application__MinCompletionPortThreads: '10' + AudkenniSettings__Retries: '24' + CORECLR_ENABLE_PROFILING: '1' + CORECLR_PROFILER: '{846F5F1C-F9AE-4B07-969E-05C26BC060D8}' + CORECLR_PROFILER_PATH: '/opt/datadog/Datadog.Trace.ClrProfiler.Native.so' + CacheSettings__Enabled: 'true' + ContentfulSettings__BaseAddress: 'https://cdn.contentful.com' + DD_DOTNET_TRACER_HOME: '/opt/datadog' + DD_INTEGRATIONS: '/opt/datadog/integrations.json' + DD_TRACE_DEBUG: 'true' + Datadog__Metrics__Port: '5003' + IdentityServer__ConsentsScope: '@island.is/auth/consents' + IdentityServer__EnableFakeLogin: 'true' + IdentityServer__EnableFeatureDeploymentWildcards: 'true' + IdentityServer__KeyManagement__Enabled: 'true' + IdentityServer__SigningCertificate__Path: '/etc/config/ids-signing.pfx' + LOG_LEVEL: 'info' + MeUserProfileApiSettings__BaseAddress: 'http://web-service-portal-api.service-portal.svc.cluster.local' + NODE_OPTIONS: '--max-old-space-size=1843 -r dd-trace/init' + PersistenceSettings__BaseAddress: 'http://web-services-auth-ids-api' + PersistenceSettings__DelegationsCacheEnabled: 'false' + RedisSettings__Address: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com' + RedisSettings__Port: '6379' + SERVERSIDE_FEATURES_ON: '' + SessionsApiSettings__BaseAddress: 'http://web-services-sessions.services-sessions.svc.cluster.local' + files: + - 'ids-signing.pfx' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + port: 5010 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/identity-server' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.staging01.devland.is' + paths: + - '/' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: + - accessModes: 'ReadWriteMany' + mountPath: '/keys' + name: 'identity-server' + size: '1Gi' + storageClass: 'efs-csi' + useExisting: false + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '4000m' + memory: '2048Mi' + requests: + cpu: '1000m' + memory: '1024Mi' + secrets: + AudkenniSettings__ClientId: '/k8s/identity-server/AudkenniClientId' + AudkenniSettings__ClientSecret: '/k8s/identity-server/AudkenniClientSecret' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ContentfulSettings__AccessToken: '/k8s/identity-server/CONTENTFUL_ACCESS_TOKEN' + FeatureFlags__ConfigCatSdkKey: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IdentityServer__FakePersons: '/k8s/identity-server/FakePersons' + IdentityServer__LicenseKey: '/k8s/identity-server/LicenseKey' + IdentityServer__SigningCertificate__Passphrase: '/k8s/identity-server/SigningCertificatePassphrase' + PersistenceSettings__AccessTokenManagementSettings__ClientSecret: '/k8s/identity-server/ClientSecret' + Redaction__UserIdentifiers__Key: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY' + Redaction__UserIdentifiers__KeyId: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID' + Scopes__Admin__RootAccessList: '/k8s/identity-server/AdminRootAccessList' + securityContext: + allowPrivilegeEscalation: false + privileged: false + service: + targetPort: 5000 + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/identity-server' + create: true + name: 'identity-server' +namespaces: + labels: {} + namespaces: + - 'identity-server' + - 'identity-server-admin' + - 'identity-server-delegation' + - 'personal-representative' +services-auth-admin-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + IDENTITY_SERVER_ISSUER_URL_LIST: '["https://identity-server.staging01.devland.is","https://innskra.island.is"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/backend/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/backend/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-admin-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.staging01.devland.is' + paths: + - '/backend' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CLIENT_SECRET_ENCRYPTION_KEY: '/k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-delegation-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'service-portal' + - 'user-notification-worker' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-delegation-api' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'auth-delegation-api.internal.staging01.devland.is' + paths: + - '/' + namespace: 'identity-server-delegation' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-ids-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '6cf94113-d326-4e4d-b97c-1fea12d2f5e1' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' + PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' + PASSKEY_CORE_MAX_AGE_DAYS: '365' + PASSKEY_CORE_RP_ID: 'island.is' + PASSKEY_CORE_RP_NAME: 'Island.is' + PUBLIC_URL: 'https://identity-server.staging01.devland.is/api' + REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + USER_PROFILE_CLIENT_SCOPE: '["@island.is/user-profile:read"]' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 15 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 15 + min: 2 + resources: + limits: + cpu: '800m' + memory: '768Mi' + requests: + cpu: '400m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/services-auth/NOVA_PASSWORD' + NOVA_URL: '/k8s/services-auth/NOVA_URL' + NOVA_USERNAME: '/k8s/services-auth/NOVA_USERNAME' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-ids-api-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-personal-representative: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'personal-representative-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'personal-representative' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-personal-representative-public: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative-public' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'personal-representative-public-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'personal-representative' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-public-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' + PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' + PASSKEY_CORE_RP_ID: 'island.is' + PASSKEY_CORE_RP_NAME: 'Island.is' + PUBLIC_URL: 'https://identity-server.staging01.devland.is/api' + REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-public-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/rewrite-target: '/$2' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.staging01.devland.is' + paths: + - '/api(/|$)(.*)' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/services-auth-ids-api-cleanup/values.dev.yaml b/charts/services/services-auth-ids-api-cleanup/values.dev.yaml new file mode 100644 index 000000000000..2efa5ea90de6 --- /dev/null +++ b/charts/services/services-auth-ids-api-cleanup/values.dev.yaml @@ -0,0 +1,826 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +auth-admin-web: + enabled: true + env: + BASE_URL: 'https://identity-server.dev01.devland.is/admin' + IDENTITYSERVER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://identity-server.dev01.devland.is/admin/api/auth' + NEXT_PUBLIC_BACKEND_URL: '/backend' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/auth-admin-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.dev01.devland.is' + paths: + - '/admin' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + progressDeadlineSeconds: 1200 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '256Mi' + requests: + cpu: '200m' + memory: '192Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITYSERVER_SECRET: '/k8s/auth-admin-web/IDENTITYSERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +global: + env: + AUDIT_GROUP_NAME: '/identity-server/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'dev' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +identity-server: + annotations: + ad.datadoghq.com/identity-server.check_names: '["openmetrics"]' + ad.datadoghq.com/identity-server.init_configs: '[{}]' + ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": "http://%%host%%:5003/metrics","namespace": "identity-server","metrics":["*"]}]' + ad.datadoghq.com/identity-server.logs: '[{"service": "identity-server", "source": "csharp"}]' + enabled: true + env: + ASPNETCORE_URLS: 'http://*:5000' + AWS__CloudWatch__AuditLogGroup: '/identity-server/audit-log' + AWS__SystemsManager__ParameterStore__DataProtectionPrefix: '/k8s/identity-server/DataProtectionSecret' + Application__AllowedRedirectUris: 'https://beta.dev01.devland.is/minarsidur,https://beta.dev01.devland.is/umsoknir,http://localhost:4200/minarsidur,http://localhost:4242/umsoknir' + Application__MinCompletionPortThreads: '10' + AudkenniSettings__Retries: '24' + CORECLR_ENABLE_PROFILING: '1' + CORECLR_PROFILER: '{846F5F1C-F9AE-4B07-969E-05C26BC060D8}' + CORECLR_PROFILER_PATH: '/opt/datadog/Datadog.Trace.ClrProfiler.Native.so' + CacheSettings__Enabled: 'true' + ContentfulSettings__BaseAddress: 'https://preview.contentful.com' + DD_DOTNET_TRACER_HOME: '/opt/datadog' + DD_INTEGRATIONS: '/opt/datadog/integrations.json' + DD_TRACE_DEBUG: 'true' + Datadog__Metrics__Port: '5003' + IdentityServer__ConsentsScope: '@island.is/auth/consents' + IdentityServer__EnableFakeLogin: 'true' + IdentityServer__EnableFeatureDeploymentWildcards: 'true' + IdentityServer__KeyManagement__Enabled: 'true' + IdentityServer__SigningCertificate__Path: '/etc/config/ids-signing.pfx' + LOG_LEVEL: 'info' + MeUserProfileApiSettings__BaseAddress: 'http://web-service-portal-api.service-portal.svc.cluster.local' + NODE_OPTIONS: '--max-old-space-size=1843 -r dd-trace/init' + PersistenceSettings__BaseAddress: 'http://web-services-auth-ids-api' + PersistenceSettings__DelegationsCacheEnabled: 'false' + RedisSettings__Address: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com' + RedisSettings__Port: '6379' + SERVERSIDE_FEATURES_ON: '' + SessionsApiSettings__BaseAddress: 'http://web-services-sessions.services-sessions.svc.cluster.local' + files: + - 'ids-signing.pfx' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + port: 5010 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/identity-server' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.dev01.devland.is' + paths: + - '/' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: + - accessModes: 'ReadWriteMany' + mountPath: '/keys' + name: 'identity-server' + size: '1Gi' + storageClass: 'efs-csi' + useExisting: false + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '4000m' + memory: '2048Mi' + requests: + cpu: '1000m' + memory: '1024Mi' + secrets: + AudkenniSettings__ClientId: '/k8s/identity-server/AudkenniClientId' + AudkenniSettings__ClientSecret: '/k8s/identity-server/AudkenniClientSecret' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ContentfulSettings__AccessToken: '/k8s/identity-server/CONTENTFUL_ACCESS_TOKEN' + FeatureFlags__ConfigCatSdkKey: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IdentityServer__FakePersons: '/k8s/identity-server/FakePersons' + IdentityServer__LicenseKey: '/k8s/identity-server/LicenseKey' + IdentityServer__SigningCertificate__Passphrase: '/k8s/identity-server/SigningCertificatePassphrase' + PersistenceSettings__AccessTokenManagementSettings__ClientSecret: '/k8s/identity-server/ClientSecret' + Redaction__UserIdentifiers__Key: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY' + Redaction__UserIdentifiers__KeyId: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID' + Scopes__Admin__RootAccessList: '/k8s/identity-server/AdminRootAccessList' + securityContext: + allowPrivilegeEscalation: false + privileged: false + service: + targetPort: 5000 + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/identity-server' + create: true + name: 'identity-server' +namespaces: + labels: {} + namespaces: + - 'identity-server' + - 'identity-server-admin' + - 'identity-server-delegation' + - 'personal-representative' +services-auth-admin-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + IDENTITY_SERVER_ISSUER_URL_LIST: '["https://identity-server.dev01.devland.is","https://identity-server.staging01.devland.is","https://innskra.island.is"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/backend/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/backend/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-admin-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.dev01.devland.is' + paths: + - '/backend' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CLIENT_SECRET_ENCRYPTION_KEY: '/k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-delegation-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'service-portal' + - 'user-notification-worker' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-delegation-api' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'auth-delegation-api.internal.dev01.devland.is' + paths: + - '/' + namespace: 'identity-server-delegation' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-ids-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '6cf94113-d326-4e4d-b97c-1fea12d2f5e1' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' + PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' + PASSKEY_CORE_MAX_AGE_DAYS: '365' + PASSKEY_CORE_RP_ID: 'island.is' + PASSKEY_CORE_RP_NAME: 'Island.is' + PUBLIC_URL: 'https://identity-server.dev01.devland.is/api' + REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + USER_PROFILE_CLIENT_SCOPE: '["@island.is/user-profile:read"]' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 15 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 15 + min: 2 + resources: + limits: + cpu: '800m' + memory: '768Mi' + requests: + cpu: '400m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/services-auth/NOVA_PASSWORD' + NOVA_URL: '/k8s/services-auth/NOVA_URL' + NOVA_USERNAME: '/k8s/services-auth/NOVA_USERNAME' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-ids-api-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-personal-representative: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'personal-representative-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'personal-representative' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-personal-representative-public: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative-public' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'personal-representative-public-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'personal-representative' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-public-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' + PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' + PASSKEY_CORE_RP_ID: 'island.is' + PASSKEY_CORE_RP_NAME: 'Island.is' + PUBLIC_URL: 'https://identity-server.dev01.devland.is/api' + REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-public-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/rewrite-target: '/$2' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.dev01.devland.is' + paths: + - '/api(/|$)(.*)' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/services-auth-ids-api-cleanup/values.prod.yaml b/charts/services/services-auth-ids-api-cleanup/values.prod.yaml new file mode 100644 index 000000000000..6ebbacf21056 --- /dev/null +++ b/charts/services/services-auth-ids-api-cleanup/values.prod.yaml @@ -0,0 +1,823 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +auth-admin-web: + enabled: true + env: + BASE_URL: 'https://innskra.island.is/admin' + IDENTITYSERVER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://innskra.island.is/admin/api/auth' + NEXT_PUBLIC_BACKEND_URL: '/backend' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/auth-admin-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'innskra.island.is' + paths: + - '/admin' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + progressDeadlineSeconds: 1200 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '256Mi' + requests: + cpu: '200m' + memory: '192Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITYSERVER_SECRET: '/k8s/auth-admin-web/IDENTITYSERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +global: + env: + AUDIT_GROUP_NAME: '/identity-server/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'prod' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +identity-server: + annotations: + ad.datadoghq.com/identity-server.check_names: '["openmetrics"]' + ad.datadoghq.com/identity-server.init_configs: '[{}]' + ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": "http://%%host%%:5003/metrics","namespace": "identity-server","metrics":["*"]}]' + ad.datadoghq.com/identity-server.logs: '[{"service": "identity-server", "source": "csharp"}]' + enabled: true + env: + ASPNETCORE_URLS: 'http://*:5000' + AWS__CloudWatch__AuditLogGroup: '/identity-server/audit-log' + AWS__SystemsManager__ParameterStore__DataProtectionPrefix: '/k8s/identity-server/DataProtectionSecret' + Application__AllowedRedirectUris: 'https://island.is/minarsidur,https://island.is/umsoknir' + Application__MinCompletionPortThreads: '10' + AudkenniSettings__Retries: '24' + CORECLR_ENABLE_PROFILING: '1' + CORECLR_PROFILER: '{846F5F1C-F9AE-4B07-969E-05C26BC060D8}' + CORECLR_PROFILER_PATH: '/opt/datadog/Datadog.Trace.ClrProfiler.Native.so' + CacheSettings__Enabled: 'true' + ContentfulSettings__BaseAddress: 'https://cdn.contentful.com' + DD_DOTNET_TRACER_HOME: '/opt/datadog' + DD_INTEGRATIONS: '/opt/datadog/integrations.json' + DD_TRACE_DEBUG: 'true' + Datadog__Metrics__Port: '5003' + IdentityServer__ConsentsScope: '@island.is/auth/consents' + IdentityServer__EnableFakeLogin: 'true' + IdentityServer__EnableFeatureDeploymentWildcards: 'false' + IdentityServer__KeyManagement__Enabled: 'true' + IdentityServer__SigningCertificate__Path: '/etc/config/ids-signing.pfx' + LOG_LEVEL: 'info' + MeUserProfileApiSettings__BaseAddress: 'https://service-portal-api.internal.island.is' + NODE_OPTIONS: '--max-old-space-size=1843 -r dd-trace/init' + PersistenceSettings__BaseAddress: 'http://web-services-auth-ids-api' + PersistenceSettings__DelegationsCacheEnabled: 'true' + RedisSettings__Address: 'clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com' + RedisSettings__Port: '6379' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SessionsApiSettings__BaseAddress: 'https://sessions-api.internal.island.is' + files: + - 'ids-signing.pfx' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + port: 5010 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/identity-server' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'innskra.island.is' + paths: + - '/' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: + - accessModes: 'ReadWriteMany' + mountPath: '/keys' + name: 'identity-server' + size: '1Gi' + storageClass: 'efs-csi' + useExisting: false + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '4000m' + memory: '2048Mi' + requests: + cpu: '1000m' + memory: '1024Mi' + secrets: + AudkenniSettings__ClientId: '/k8s/identity-server/AudkenniClientId' + AudkenniSettings__ClientSecret: '/k8s/identity-server/AudkenniClientSecret' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ContentfulSettings__AccessToken: '/k8s/identity-server/CONTENTFUL_ACCESS_TOKEN' + FeatureFlags__ConfigCatSdkKey: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IdentityServer__FakePersons: '/k8s/identity-server/FakePersons' + IdentityServer__LicenseKey: '/k8s/identity-server/LicenseKey' + IdentityServer__SigningCertificate__Passphrase: '/k8s/identity-server/SigningCertificatePassphrase' + PersistenceSettings__AccessTokenManagementSettings__ClientSecret: '/k8s/identity-server/ClientSecret' + Redaction__UserIdentifiers__Key: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY' + Redaction__UserIdentifiers__KeyId: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID' + Scopes__Admin__RootAccessList: '/k8s/identity-server/AdminRootAccessList' + securityContext: + allowPrivilegeEscalation: false + privileged: false + service: + targetPort: 5000 + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::567113216315:role/identity-server' + create: true + name: 'identity-server' +namespaces: + labels: {} + namespaces: + - 'identity-server' + - 'identity-server-admin' + - 'identity-server-delegation' + - 'personal-representative' +services-auth-admin-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + IDENTITY_SERVER_ISSUER_URL_LIST: '["https://innskra.island.is"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SYSLUMENN_HOST: 'https://api.syslumenn.is/api' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/backend/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/backend/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-admin-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'innskra.island.is' + paths: + - '/backend' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CLIENT_SECRET_ENCRYPTION_KEY: '/k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-delegation-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SYSLUMENN_HOST: 'https://api.syslumenn.is/api' + SYSLUMENN_TIMEOUT: '3000' + USER_NOTIFICATION_API_URL: 'https://user-notification.internal.island.is' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'service-portal' + - 'user-notification-worker' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-delegation-api' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'auth-delegation-api.internal.innskra.island.is' + paths: + - '/' + namespace: 'identity-server-delegation' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-ids-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '8271bbc2-d8de-480f-8540-ea43fc40b7ae' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' + PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' + PASSKEY_CORE_MAX_AGE_DAYS: '365' + PASSKEY_CORE_RP_ID: 'island.is' + PASSKEY_CORE_RP_NAME: 'Island.is' + PUBLIC_URL: 'https://innskra.island.is/api' + REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SYSLUMENN_HOST: 'https://api.syslumenn.is/api' + SYSLUMENN_TIMEOUT: '3000' + USER_PROFILE_CLIENT_SCOPE: '["@island.is/user-profile:read"]' + USER_PROFILE_CLIENT_URL: 'https://service-portal-api.internal.island.is' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 15 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 15 + min: 2 + resources: + limits: + cpu: '800m' + memory: '768Mi' + requests: + cpu: '400m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/services-auth/NOVA_PASSWORD' + NOVA_URL: '/k8s/services-auth/NOVA_URL' + NOVA_USERNAME: '/k8s/services-auth/NOVA_USERNAME' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-ids-api-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-personal-representative: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SYSLUMENN_HOST: 'https://api.syslumenn.is/api' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'personal-representative-xrd.internal.innskra.island.is' + paths: + - '/' + namespace: 'personal-representative' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-personal-representative-public: + enabled: true + env: + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative-public' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'personal-representative-public-xrd.internal.innskra.island.is' + paths: + - '/' + namespace: 'personal-representative' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-public-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' + PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' + PASSKEY_CORE_RP_ID: 'island.is' + PASSKEY_CORE_RP_NAME: 'Island.is' + PUBLIC_URL: 'https://innskra.island.is/api' + REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SYSLUMENN_HOST: 'https://api.syslumenn.is/api' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-public-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/rewrite-target: '/$2' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'innskra.island.is' + paths: + - '/api(/|$)(.*)' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/services-auth-ids-api-cleanup/values.staging.yaml b/charts/services/services-auth-ids-api-cleanup/values.staging.yaml new file mode 100644 index 000000000000..2273a2f55b22 --- /dev/null +++ b/charts/services/services-auth-ids-api-cleanup/values.staging.yaml @@ -0,0 +1,826 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +auth-admin-web: + enabled: true + env: + BASE_URL: 'https://identity-server.staging01.devland.is/admin' + IDENTITYSERVER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://identity-server.staging01.devland.is/admin/api/auth' + NEXT_PUBLIC_BACKEND_URL: '/backend' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/auth-admin-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.staging01.devland.is' + paths: + - '/admin' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + progressDeadlineSeconds: 1200 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '256Mi' + requests: + cpu: '200m' + memory: '192Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITYSERVER_SECRET: '/k8s/auth-admin-web/IDENTITYSERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +global: + env: + AUDIT_GROUP_NAME: '/identity-server/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'staging' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +identity-server: + annotations: + ad.datadoghq.com/identity-server.check_names: '["openmetrics"]' + ad.datadoghq.com/identity-server.init_configs: '[{}]' + ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": "http://%%host%%:5003/metrics","namespace": "identity-server","metrics":["*"]}]' + ad.datadoghq.com/identity-server.logs: '[{"service": "identity-server", "source": "csharp"}]' + enabled: true + env: + ASPNETCORE_URLS: 'http://*:5000' + AWS__CloudWatch__AuditLogGroup: '/identity-server/audit-log' + AWS__SystemsManager__ParameterStore__DataProtectionPrefix: '/k8s/identity-server/DataProtectionSecret' + Application__AllowedRedirectUris: 'https://beta.staging01.devland.is/minarsidur,https://beta.staging01.devland.is/umsoknir' + Application__MinCompletionPortThreads: '10' + AudkenniSettings__Retries: '24' + CORECLR_ENABLE_PROFILING: '1' + CORECLR_PROFILER: '{846F5F1C-F9AE-4B07-969E-05C26BC060D8}' + CORECLR_PROFILER_PATH: '/opt/datadog/Datadog.Trace.ClrProfiler.Native.so' + CacheSettings__Enabled: 'true' + ContentfulSettings__BaseAddress: 'https://cdn.contentful.com' + DD_DOTNET_TRACER_HOME: '/opt/datadog' + DD_INTEGRATIONS: '/opt/datadog/integrations.json' + DD_TRACE_DEBUG: 'true' + Datadog__Metrics__Port: '5003' + IdentityServer__ConsentsScope: '@island.is/auth/consents' + IdentityServer__EnableFakeLogin: 'true' + IdentityServer__EnableFeatureDeploymentWildcards: 'true' + IdentityServer__KeyManagement__Enabled: 'true' + IdentityServer__SigningCertificate__Path: '/etc/config/ids-signing.pfx' + LOG_LEVEL: 'info' + MeUserProfileApiSettings__BaseAddress: 'http://web-service-portal-api.service-portal.svc.cluster.local' + NODE_OPTIONS: '--max-old-space-size=1843 -r dd-trace/init' + PersistenceSettings__BaseAddress: 'http://web-services-auth-ids-api' + PersistenceSettings__DelegationsCacheEnabled: 'false' + RedisSettings__Address: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com' + RedisSettings__Port: '6379' + SERVERSIDE_FEATURES_ON: '' + SessionsApiSettings__BaseAddress: 'http://web-services-sessions.services-sessions.svc.cluster.local' + files: + - 'ids-signing.pfx' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + port: 5010 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/identity-server' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.staging01.devland.is' + paths: + - '/' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: + - accessModes: 'ReadWriteMany' + mountPath: '/keys' + name: 'identity-server' + size: '1Gi' + storageClass: 'efs-csi' + useExisting: false + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '4000m' + memory: '2048Mi' + requests: + cpu: '1000m' + memory: '1024Mi' + secrets: + AudkenniSettings__ClientId: '/k8s/identity-server/AudkenniClientId' + AudkenniSettings__ClientSecret: '/k8s/identity-server/AudkenniClientSecret' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ContentfulSettings__AccessToken: '/k8s/identity-server/CONTENTFUL_ACCESS_TOKEN' + FeatureFlags__ConfigCatSdkKey: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IdentityServer__FakePersons: '/k8s/identity-server/FakePersons' + IdentityServer__LicenseKey: '/k8s/identity-server/LicenseKey' + IdentityServer__SigningCertificate__Passphrase: '/k8s/identity-server/SigningCertificatePassphrase' + PersistenceSettings__AccessTokenManagementSettings__ClientSecret: '/k8s/identity-server/ClientSecret' + Redaction__UserIdentifiers__Key: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY' + Redaction__UserIdentifiers__KeyId: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID' + Scopes__Admin__RootAccessList: '/k8s/identity-server/AdminRootAccessList' + securityContext: + allowPrivilegeEscalation: false + privileged: false + service: + targetPort: 5000 + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/identity-server' + create: true + name: 'identity-server' +namespaces: + labels: {} + namespaces: + - 'identity-server' + - 'identity-server-admin' + - 'identity-server-delegation' + - 'personal-representative' +services-auth-admin-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + IDENTITY_SERVER_ISSUER_URL_LIST: '["https://identity-server.staging01.devland.is","https://innskra.island.is"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/backend/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/backend/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-admin-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.staging01.devland.is' + paths: + - '/backend' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CLIENT_SECRET_ENCRYPTION_KEY: '/k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-delegation-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'service-portal' + - 'user-notification-worker' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-delegation-api' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'auth-delegation-api.internal.staging01.devland.is' + paths: + - '/' + namespace: 'identity-server-delegation' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-ids-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '6cf94113-d326-4e4d-b97c-1fea12d2f5e1' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' + PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' + PASSKEY_CORE_MAX_AGE_DAYS: '365' + PASSKEY_CORE_RP_ID: 'island.is' + PASSKEY_CORE_RP_NAME: 'Island.is' + PUBLIC_URL: 'https://identity-server.staging01.devland.is/api' + REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + USER_PROFILE_CLIENT_SCOPE: '["@island.is/user-profile:read"]' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 15 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 15 + min: 2 + resources: + limits: + cpu: '800m' + memory: '768Mi' + requests: + cpu: '400m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/services-auth/NOVA_PASSWORD' + NOVA_URL: '/k8s/services-auth/NOVA_URL' + NOVA_USERNAME: '/k8s/services-auth/NOVA_USERNAME' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-ids-api-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-personal-representative: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'personal-representative-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'personal-representative' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-personal-representative-public: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative-public' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'personal-representative-public-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'personal-representative' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-public-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' + PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' + PASSKEY_CORE_RP_ID: 'island.is' + PASSKEY_CORE_RP_NAME: 'Island.is' + PUBLIC_URL: 'https://identity-server.staging01.devland.is/api' + REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-public-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/rewrite-target: '/$2' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.staging01.devland.is' + paths: + - '/api(/|$)(.*)' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/services-auth-ids-api/values.dev.yaml b/charts/services/services-auth-ids-api/values.dev.yaml new file mode 100644 index 000000000000..2efa5ea90de6 --- /dev/null +++ b/charts/services/services-auth-ids-api/values.dev.yaml @@ -0,0 +1,826 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +auth-admin-web: + enabled: true + env: + BASE_URL: 'https://identity-server.dev01.devland.is/admin' + IDENTITYSERVER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://identity-server.dev01.devland.is/admin/api/auth' + NEXT_PUBLIC_BACKEND_URL: '/backend' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/auth-admin-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.dev01.devland.is' + paths: + - '/admin' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + progressDeadlineSeconds: 1200 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '256Mi' + requests: + cpu: '200m' + memory: '192Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITYSERVER_SECRET: '/k8s/auth-admin-web/IDENTITYSERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +global: + env: + AUDIT_GROUP_NAME: '/identity-server/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'dev' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +identity-server: + annotations: + ad.datadoghq.com/identity-server.check_names: '["openmetrics"]' + ad.datadoghq.com/identity-server.init_configs: '[{}]' + ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": "http://%%host%%:5003/metrics","namespace": "identity-server","metrics":["*"]}]' + ad.datadoghq.com/identity-server.logs: '[{"service": "identity-server", "source": "csharp"}]' + enabled: true + env: + ASPNETCORE_URLS: 'http://*:5000' + AWS__CloudWatch__AuditLogGroup: '/identity-server/audit-log' + AWS__SystemsManager__ParameterStore__DataProtectionPrefix: '/k8s/identity-server/DataProtectionSecret' + Application__AllowedRedirectUris: 'https://beta.dev01.devland.is/minarsidur,https://beta.dev01.devland.is/umsoknir,http://localhost:4200/minarsidur,http://localhost:4242/umsoknir' + Application__MinCompletionPortThreads: '10' + AudkenniSettings__Retries: '24' + CORECLR_ENABLE_PROFILING: '1' + CORECLR_PROFILER: '{846F5F1C-F9AE-4B07-969E-05C26BC060D8}' + CORECLR_PROFILER_PATH: '/opt/datadog/Datadog.Trace.ClrProfiler.Native.so' + CacheSettings__Enabled: 'true' + ContentfulSettings__BaseAddress: 'https://preview.contentful.com' + DD_DOTNET_TRACER_HOME: '/opt/datadog' + DD_INTEGRATIONS: '/opt/datadog/integrations.json' + DD_TRACE_DEBUG: 'true' + Datadog__Metrics__Port: '5003' + IdentityServer__ConsentsScope: '@island.is/auth/consents' + IdentityServer__EnableFakeLogin: 'true' + IdentityServer__EnableFeatureDeploymentWildcards: 'true' + IdentityServer__KeyManagement__Enabled: 'true' + IdentityServer__SigningCertificate__Path: '/etc/config/ids-signing.pfx' + LOG_LEVEL: 'info' + MeUserProfileApiSettings__BaseAddress: 'http://web-service-portal-api.service-portal.svc.cluster.local' + NODE_OPTIONS: '--max-old-space-size=1843 -r dd-trace/init' + PersistenceSettings__BaseAddress: 'http://web-services-auth-ids-api' + PersistenceSettings__DelegationsCacheEnabled: 'false' + RedisSettings__Address: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com' + RedisSettings__Port: '6379' + SERVERSIDE_FEATURES_ON: '' + SessionsApiSettings__BaseAddress: 'http://web-services-sessions.services-sessions.svc.cluster.local' + files: + - 'ids-signing.pfx' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + port: 5010 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/identity-server' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.dev01.devland.is' + paths: + - '/' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: + - accessModes: 'ReadWriteMany' + mountPath: '/keys' + name: 'identity-server' + size: '1Gi' + storageClass: 'efs-csi' + useExisting: false + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '4000m' + memory: '2048Mi' + requests: + cpu: '1000m' + memory: '1024Mi' + secrets: + AudkenniSettings__ClientId: '/k8s/identity-server/AudkenniClientId' + AudkenniSettings__ClientSecret: '/k8s/identity-server/AudkenniClientSecret' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ContentfulSettings__AccessToken: '/k8s/identity-server/CONTENTFUL_ACCESS_TOKEN' + FeatureFlags__ConfigCatSdkKey: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IdentityServer__FakePersons: '/k8s/identity-server/FakePersons' + IdentityServer__LicenseKey: '/k8s/identity-server/LicenseKey' + IdentityServer__SigningCertificate__Passphrase: '/k8s/identity-server/SigningCertificatePassphrase' + PersistenceSettings__AccessTokenManagementSettings__ClientSecret: '/k8s/identity-server/ClientSecret' + Redaction__UserIdentifiers__Key: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY' + Redaction__UserIdentifiers__KeyId: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID' + Scopes__Admin__RootAccessList: '/k8s/identity-server/AdminRootAccessList' + securityContext: + allowPrivilegeEscalation: false + privileged: false + service: + targetPort: 5000 + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/identity-server' + create: true + name: 'identity-server' +namespaces: + labels: {} + namespaces: + - 'identity-server' + - 'identity-server-admin' + - 'identity-server-delegation' + - 'personal-representative' +services-auth-admin-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + IDENTITY_SERVER_ISSUER_URL_LIST: '["https://identity-server.dev01.devland.is","https://identity-server.staging01.devland.is","https://innskra.island.is"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/backend/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/backend/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-admin-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.dev01.devland.is' + paths: + - '/backend' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CLIENT_SECRET_ENCRYPTION_KEY: '/k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-delegation-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'service-portal' + - 'user-notification-worker' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-delegation-api' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'auth-delegation-api.internal.dev01.devland.is' + paths: + - '/' + namespace: 'identity-server-delegation' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-ids-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '6cf94113-d326-4e4d-b97c-1fea12d2f5e1' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' + PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' + PASSKEY_CORE_MAX_AGE_DAYS: '365' + PASSKEY_CORE_RP_ID: 'island.is' + PASSKEY_CORE_RP_NAME: 'Island.is' + PUBLIC_URL: 'https://identity-server.dev01.devland.is/api' + REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + USER_PROFILE_CLIENT_SCOPE: '["@island.is/user-profile:read"]' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 15 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 15 + min: 2 + resources: + limits: + cpu: '800m' + memory: '768Mi' + requests: + cpu: '400m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/services-auth/NOVA_PASSWORD' + NOVA_URL: '/k8s/services-auth/NOVA_URL' + NOVA_USERNAME: '/k8s/services-auth/NOVA_USERNAME' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-ids-api-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-personal-representative: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'personal-representative-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'personal-representative' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-personal-representative-public: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative-public' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'personal-representative-public-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'personal-representative' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-public-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' + PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' + PASSKEY_CORE_RP_ID: 'island.is' + PASSKEY_CORE_RP_NAME: 'Island.is' + PUBLIC_URL: 'https://identity-server.dev01.devland.is/api' + REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-public-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/rewrite-target: '/$2' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.dev01.devland.is' + paths: + - '/api(/|$)(.*)' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/services-auth-ids-api/values.prod.yaml b/charts/services/services-auth-ids-api/values.prod.yaml new file mode 100644 index 000000000000..6ebbacf21056 --- /dev/null +++ b/charts/services/services-auth-ids-api/values.prod.yaml @@ -0,0 +1,823 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +auth-admin-web: + enabled: true + env: + BASE_URL: 'https://innskra.island.is/admin' + IDENTITYSERVER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://innskra.island.is/admin/api/auth' + NEXT_PUBLIC_BACKEND_URL: '/backend' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/auth-admin-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'innskra.island.is' + paths: + - '/admin' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + progressDeadlineSeconds: 1200 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '256Mi' + requests: + cpu: '200m' + memory: '192Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITYSERVER_SECRET: '/k8s/auth-admin-web/IDENTITYSERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +global: + env: + AUDIT_GROUP_NAME: '/identity-server/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'prod' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +identity-server: + annotations: + ad.datadoghq.com/identity-server.check_names: '["openmetrics"]' + ad.datadoghq.com/identity-server.init_configs: '[{}]' + ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": "http://%%host%%:5003/metrics","namespace": "identity-server","metrics":["*"]}]' + ad.datadoghq.com/identity-server.logs: '[{"service": "identity-server", "source": "csharp"}]' + enabled: true + env: + ASPNETCORE_URLS: 'http://*:5000' + AWS__CloudWatch__AuditLogGroup: '/identity-server/audit-log' + AWS__SystemsManager__ParameterStore__DataProtectionPrefix: '/k8s/identity-server/DataProtectionSecret' + Application__AllowedRedirectUris: 'https://island.is/minarsidur,https://island.is/umsoknir' + Application__MinCompletionPortThreads: '10' + AudkenniSettings__Retries: '24' + CORECLR_ENABLE_PROFILING: '1' + CORECLR_PROFILER: '{846F5F1C-F9AE-4B07-969E-05C26BC060D8}' + CORECLR_PROFILER_PATH: '/opt/datadog/Datadog.Trace.ClrProfiler.Native.so' + CacheSettings__Enabled: 'true' + ContentfulSettings__BaseAddress: 'https://cdn.contentful.com' + DD_DOTNET_TRACER_HOME: '/opt/datadog' + DD_INTEGRATIONS: '/opt/datadog/integrations.json' + DD_TRACE_DEBUG: 'true' + Datadog__Metrics__Port: '5003' + IdentityServer__ConsentsScope: '@island.is/auth/consents' + IdentityServer__EnableFakeLogin: 'true' + IdentityServer__EnableFeatureDeploymentWildcards: 'false' + IdentityServer__KeyManagement__Enabled: 'true' + IdentityServer__SigningCertificate__Path: '/etc/config/ids-signing.pfx' + LOG_LEVEL: 'info' + MeUserProfileApiSettings__BaseAddress: 'https://service-portal-api.internal.island.is' + NODE_OPTIONS: '--max-old-space-size=1843 -r dd-trace/init' + PersistenceSettings__BaseAddress: 'http://web-services-auth-ids-api' + PersistenceSettings__DelegationsCacheEnabled: 'true' + RedisSettings__Address: 'clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com' + RedisSettings__Port: '6379' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SessionsApiSettings__BaseAddress: 'https://sessions-api.internal.island.is' + files: + - 'ids-signing.pfx' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + port: 5010 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/identity-server' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'innskra.island.is' + paths: + - '/' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: + - accessModes: 'ReadWriteMany' + mountPath: '/keys' + name: 'identity-server' + size: '1Gi' + storageClass: 'efs-csi' + useExisting: false + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '4000m' + memory: '2048Mi' + requests: + cpu: '1000m' + memory: '1024Mi' + secrets: + AudkenniSettings__ClientId: '/k8s/identity-server/AudkenniClientId' + AudkenniSettings__ClientSecret: '/k8s/identity-server/AudkenniClientSecret' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ContentfulSettings__AccessToken: '/k8s/identity-server/CONTENTFUL_ACCESS_TOKEN' + FeatureFlags__ConfigCatSdkKey: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IdentityServer__FakePersons: '/k8s/identity-server/FakePersons' + IdentityServer__LicenseKey: '/k8s/identity-server/LicenseKey' + IdentityServer__SigningCertificate__Passphrase: '/k8s/identity-server/SigningCertificatePassphrase' + PersistenceSettings__AccessTokenManagementSettings__ClientSecret: '/k8s/identity-server/ClientSecret' + Redaction__UserIdentifiers__Key: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY' + Redaction__UserIdentifiers__KeyId: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID' + Scopes__Admin__RootAccessList: '/k8s/identity-server/AdminRootAccessList' + securityContext: + allowPrivilegeEscalation: false + privileged: false + service: + targetPort: 5000 + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::567113216315:role/identity-server' + create: true + name: 'identity-server' +namespaces: + labels: {} + namespaces: + - 'identity-server' + - 'identity-server-admin' + - 'identity-server-delegation' + - 'personal-representative' +services-auth-admin-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + IDENTITY_SERVER_ISSUER_URL_LIST: '["https://innskra.island.is"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SYSLUMENN_HOST: 'https://api.syslumenn.is/api' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/backend/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/backend/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-admin-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'innskra.island.is' + paths: + - '/backend' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CLIENT_SECRET_ENCRYPTION_KEY: '/k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-delegation-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SYSLUMENN_HOST: 'https://api.syslumenn.is/api' + SYSLUMENN_TIMEOUT: '3000' + USER_NOTIFICATION_API_URL: 'https://user-notification.internal.island.is' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'service-portal' + - 'user-notification-worker' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-delegation-api' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'auth-delegation-api.internal.innskra.island.is' + paths: + - '/' + namespace: 'identity-server-delegation' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-ids-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '8271bbc2-d8de-480f-8540-ea43fc40b7ae' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' + PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' + PASSKEY_CORE_MAX_AGE_DAYS: '365' + PASSKEY_CORE_RP_ID: 'island.is' + PASSKEY_CORE_RP_NAME: 'Island.is' + PUBLIC_URL: 'https://innskra.island.is/api' + REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SYSLUMENN_HOST: 'https://api.syslumenn.is/api' + SYSLUMENN_TIMEOUT: '3000' + USER_PROFILE_CLIENT_SCOPE: '["@island.is/user-profile:read"]' + USER_PROFILE_CLIENT_URL: 'https://service-portal-api.internal.island.is' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 15 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 15 + min: 2 + resources: + limits: + cpu: '800m' + memory: '768Mi' + requests: + cpu: '400m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/services-auth/NOVA_PASSWORD' + NOVA_URL: '/k8s/services-auth/NOVA_URL' + NOVA_USERNAME: '/k8s/services-auth/NOVA_USERNAME' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-ids-api-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-personal-representative: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SYSLUMENN_HOST: 'https://api.syslumenn.is/api' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'personal-representative-xrd.internal.innskra.island.is' + paths: + - '/' + namespace: 'personal-representative' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-personal-representative-public: + enabled: true + env: + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative-public' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'personal-representative-public-xrd.internal.innskra.island.is' + paths: + - '/' + namespace: 'personal-representative' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-public-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' + PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' + PASSKEY_CORE_RP_ID: 'island.is' + PASSKEY_CORE_RP_NAME: 'Island.is' + PUBLIC_URL: 'https://innskra.island.is/api' + REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SYSLUMENN_HOST: 'https://api.syslumenn.is/api' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-public-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/rewrite-target: '/$2' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'innskra.island.is' + paths: + - '/api(/|$)(.*)' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/services-auth-ids-api/values.staging.yaml b/charts/services/services-auth-ids-api/values.staging.yaml new file mode 100644 index 000000000000..2273a2f55b22 --- /dev/null +++ b/charts/services/services-auth-ids-api/values.staging.yaml @@ -0,0 +1,826 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +auth-admin-web: + enabled: true + env: + BASE_URL: 'https://identity-server.staging01.devland.is/admin' + IDENTITYSERVER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://identity-server.staging01.devland.is/admin/api/auth' + NEXT_PUBLIC_BACKEND_URL: '/backend' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/auth-admin-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.staging01.devland.is' + paths: + - '/admin' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + progressDeadlineSeconds: 1200 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '256Mi' + requests: + cpu: '200m' + memory: '192Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITYSERVER_SECRET: '/k8s/auth-admin-web/IDENTITYSERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +global: + env: + AUDIT_GROUP_NAME: '/identity-server/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'staging' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +identity-server: + annotations: + ad.datadoghq.com/identity-server.check_names: '["openmetrics"]' + ad.datadoghq.com/identity-server.init_configs: '[{}]' + ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": "http://%%host%%:5003/metrics","namespace": "identity-server","metrics":["*"]}]' + ad.datadoghq.com/identity-server.logs: '[{"service": "identity-server", "source": "csharp"}]' + enabled: true + env: + ASPNETCORE_URLS: 'http://*:5000' + AWS__CloudWatch__AuditLogGroup: '/identity-server/audit-log' + AWS__SystemsManager__ParameterStore__DataProtectionPrefix: '/k8s/identity-server/DataProtectionSecret' + Application__AllowedRedirectUris: 'https://beta.staging01.devland.is/minarsidur,https://beta.staging01.devland.is/umsoknir' + Application__MinCompletionPortThreads: '10' + AudkenniSettings__Retries: '24' + CORECLR_ENABLE_PROFILING: '1' + CORECLR_PROFILER: '{846F5F1C-F9AE-4B07-969E-05C26BC060D8}' + CORECLR_PROFILER_PATH: '/opt/datadog/Datadog.Trace.ClrProfiler.Native.so' + CacheSettings__Enabled: 'true' + ContentfulSettings__BaseAddress: 'https://cdn.contentful.com' + DD_DOTNET_TRACER_HOME: '/opt/datadog' + DD_INTEGRATIONS: '/opt/datadog/integrations.json' + DD_TRACE_DEBUG: 'true' + Datadog__Metrics__Port: '5003' + IdentityServer__ConsentsScope: '@island.is/auth/consents' + IdentityServer__EnableFakeLogin: 'true' + IdentityServer__EnableFeatureDeploymentWildcards: 'true' + IdentityServer__KeyManagement__Enabled: 'true' + IdentityServer__SigningCertificate__Path: '/etc/config/ids-signing.pfx' + LOG_LEVEL: 'info' + MeUserProfileApiSettings__BaseAddress: 'http://web-service-portal-api.service-portal.svc.cluster.local' + NODE_OPTIONS: '--max-old-space-size=1843 -r dd-trace/init' + PersistenceSettings__BaseAddress: 'http://web-services-auth-ids-api' + PersistenceSettings__DelegationsCacheEnabled: 'false' + RedisSettings__Address: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com' + RedisSettings__Port: '6379' + SERVERSIDE_FEATURES_ON: '' + SessionsApiSettings__BaseAddress: 'http://web-services-sessions.services-sessions.svc.cluster.local' + files: + - 'ids-signing.pfx' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + port: 5010 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/identity-server' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.staging01.devland.is' + paths: + - '/' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: + - accessModes: 'ReadWriteMany' + mountPath: '/keys' + name: 'identity-server' + size: '1Gi' + storageClass: 'efs-csi' + useExisting: false + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '4000m' + memory: '2048Mi' + requests: + cpu: '1000m' + memory: '1024Mi' + secrets: + AudkenniSettings__ClientId: '/k8s/identity-server/AudkenniClientId' + AudkenniSettings__ClientSecret: '/k8s/identity-server/AudkenniClientSecret' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ContentfulSettings__AccessToken: '/k8s/identity-server/CONTENTFUL_ACCESS_TOKEN' + FeatureFlags__ConfigCatSdkKey: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IdentityServer__FakePersons: '/k8s/identity-server/FakePersons' + IdentityServer__LicenseKey: '/k8s/identity-server/LicenseKey' + IdentityServer__SigningCertificate__Passphrase: '/k8s/identity-server/SigningCertificatePassphrase' + PersistenceSettings__AccessTokenManagementSettings__ClientSecret: '/k8s/identity-server/ClientSecret' + Redaction__UserIdentifiers__Key: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY' + Redaction__UserIdentifiers__KeyId: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID' + Scopes__Admin__RootAccessList: '/k8s/identity-server/AdminRootAccessList' + securityContext: + allowPrivilegeEscalation: false + privileged: false + service: + targetPort: 5000 + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/identity-server' + create: true + name: 'identity-server' +namespaces: + labels: {} + namespaces: + - 'identity-server' + - 'identity-server-admin' + - 'identity-server-delegation' + - 'personal-representative' +services-auth-admin-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + IDENTITY_SERVER_ISSUER_URL_LIST: '["https://identity-server.staging01.devland.is","https://innskra.island.is"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/backend/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/backend/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-admin-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.staging01.devland.is' + paths: + - '/backend' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CLIENT_SECRET_ENCRYPTION_KEY: '/k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-delegation-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'service-portal' + - 'user-notification-worker' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-delegation-api' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'auth-delegation-api.internal.staging01.devland.is' + paths: + - '/' + namespace: 'identity-server-delegation' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-ids-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '6cf94113-d326-4e4d-b97c-1fea12d2f5e1' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' + PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' + PASSKEY_CORE_MAX_AGE_DAYS: '365' + PASSKEY_CORE_RP_ID: 'island.is' + PASSKEY_CORE_RP_NAME: 'Island.is' + PUBLIC_URL: 'https://identity-server.staging01.devland.is/api' + REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + USER_PROFILE_CLIENT_SCOPE: '["@island.is/user-profile:read"]' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 15 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 15 + min: 2 + resources: + limits: + cpu: '800m' + memory: '768Mi' + requests: + cpu: '400m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/services-auth/NOVA_PASSWORD' + NOVA_URL: '/k8s/services-auth/NOVA_URL' + NOVA_USERNAME: '/k8s/services-auth/NOVA_USERNAME' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-ids-api-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-personal-representative: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'personal-representative-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'personal-representative' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-personal-representative-public: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative-public' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'personal-representative-public-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'personal-representative' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-public-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' + PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' + PASSKEY_CORE_RP_ID: 'island.is' + PASSKEY_CORE_RP_NAME: 'Island.is' + PUBLIC_URL: 'https://identity-server.staging01.devland.is/api' + REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-public-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/rewrite-target: '/$2' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.staging01.devland.is' + paths: + - '/api(/|$)(.*)' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/services-auth-personal-representative-public/values.dev.yaml b/charts/services/services-auth-personal-representative-public/values.dev.yaml new file mode 100644 index 000000000000..2efa5ea90de6 --- /dev/null +++ b/charts/services/services-auth-personal-representative-public/values.dev.yaml @@ -0,0 +1,826 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +auth-admin-web: + enabled: true + env: + BASE_URL: 'https://identity-server.dev01.devland.is/admin' + IDENTITYSERVER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://identity-server.dev01.devland.is/admin/api/auth' + NEXT_PUBLIC_BACKEND_URL: '/backend' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/auth-admin-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.dev01.devland.is' + paths: + - '/admin' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + progressDeadlineSeconds: 1200 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '256Mi' + requests: + cpu: '200m' + memory: '192Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITYSERVER_SECRET: '/k8s/auth-admin-web/IDENTITYSERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +global: + env: + AUDIT_GROUP_NAME: '/identity-server/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'dev' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +identity-server: + annotations: + ad.datadoghq.com/identity-server.check_names: '["openmetrics"]' + ad.datadoghq.com/identity-server.init_configs: '[{}]' + ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": "http://%%host%%:5003/metrics","namespace": "identity-server","metrics":["*"]}]' + ad.datadoghq.com/identity-server.logs: '[{"service": "identity-server", "source": "csharp"}]' + enabled: true + env: + ASPNETCORE_URLS: 'http://*:5000' + AWS__CloudWatch__AuditLogGroup: '/identity-server/audit-log' + AWS__SystemsManager__ParameterStore__DataProtectionPrefix: '/k8s/identity-server/DataProtectionSecret' + Application__AllowedRedirectUris: 'https://beta.dev01.devland.is/minarsidur,https://beta.dev01.devland.is/umsoknir,http://localhost:4200/minarsidur,http://localhost:4242/umsoknir' + Application__MinCompletionPortThreads: '10' + AudkenniSettings__Retries: '24' + CORECLR_ENABLE_PROFILING: '1' + CORECLR_PROFILER: '{846F5F1C-F9AE-4B07-969E-05C26BC060D8}' + CORECLR_PROFILER_PATH: '/opt/datadog/Datadog.Trace.ClrProfiler.Native.so' + CacheSettings__Enabled: 'true' + ContentfulSettings__BaseAddress: 'https://preview.contentful.com' + DD_DOTNET_TRACER_HOME: '/opt/datadog' + DD_INTEGRATIONS: '/opt/datadog/integrations.json' + DD_TRACE_DEBUG: 'true' + Datadog__Metrics__Port: '5003' + IdentityServer__ConsentsScope: '@island.is/auth/consents' + IdentityServer__EnableFakeLogin: 'true' + IdentityServer__EnableFeatureDeploymentWildcards: 'true' + IdentityServer__KeyManagement__Enabled: 'true' + IdentityServer__SigningCertificate__Path: '/etc/config/ids-signing.pfx' + LOG_LEVEL: 'info' + MeUserProfileApiSettings__BaseAddress: 'http://web-service-portal-api.service-portal.svc.cluster.local' + NODE_OPTIONS: '--max-old-space-size=1843 -r dd-trace/init' + PersistenceSettings__BaseAddress: 'http://web-services-auth-ids-api' + PersistenceSettings__DelegationsCacheEnabled: 'false' + RedisSettings__Address: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com' + RedisSettings__Port: '6379' + SERVERSIDE_FEATURES_ON: '' + SessionsApiSettings__BaseAddress: 'http://web-services-sessions.services-sessions.svc.cluster.local' + files: + - 'ids-signing.pfx' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + port: 5010 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/identity-server' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.dev01.devland.is' + paths: + - '/' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: + - accessModes: 'ReadWriteMany' + mountPath: '/keys' + name: 'identity-server' + size: '1Gi' + storageClass: 'efs-csi' + useExisting: false + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '4000m' + memory: '2048Mi' + requests: + cpu: '1000m' + memory: '1024Mi' + secrets: + AudkenniSettings__ClientId: '/k8s/identity-server/AudkenniClientId' + AudkenniSettings__ClientSecret: '/k8s/identity-server/AudkenniClientSecret' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ContentfulSettings__AccessToken: '/k8s/identity-server/CONTENTFUL_ACCESS_TOKEN' + FeatureFlags__ConfigCatSdkKey: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IdentityServer__FakePersons: '/k8s/identity-server/FakePersons' + IdentityServer__LicenseKey: '/k8s/identity-server/LicenseKey' + IdentityServer__SigningCertificate__Passphrase: '/k8s/identity-server/SigningCertificatePassphrase' + PersistenceSettings__AccessTokenManagementSettings__ClientSecret: '/k8s/identity-server/ClientSecret' + Redaction__UserIdentifiers__Key: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY' + Redaction__UserIdentifiers__KeyId: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID' + Scopes__Admin__RootAccessList: '/k8s/identity-server/AdminRootAccessList' + securityContext: + allowPrivilegeEscalation: false + privileged: false + service: + targetPort: 5000 + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/identity-server' + create: true + name: 'identity-server' +namespaces: + labels: {} + namespaces: + - 'identity-server' + - 'identity-server-admin' + - 'identity-server-delegation' + - 'personal-representative' +services-auth-admin-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + IDENTITY_SERVER_ISSUER_URL_LIST: '["https://identity-server.dev01.devland.is","https://identity-server.staging01.devland.is","https://innskra.island.is"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/backend/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/backend/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-admin-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.dev01.devland.is' + paths: + - '/backend' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CLIENT_SECRET_ENCRYPTION_KEY: '/k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-delegation-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'service-portal' + - 'user-notification-worker' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-delegation-api' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'auth-delegation-api.internal.dev01.devland.is' + paths: + - '/' + namespace: 'identity-server-delegation' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-ids-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '6cf94113-d326-4e4d-b97c-1fea12d2f5e1' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' + PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' + PASSKEY_CORE_MAX_AGE_DAYS: '365' + PASSKEY_CORE_RP_ID: 'island.is' + PASSKEY_CORE_RP_NAME: 'Island.is' + PUBLIC_URL: 'https://identity-server.dev01.devland.is/api' + REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + USER_PROFILE_CLIENT_SCOPE: '["@island.is/user-profile:read"]' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 15 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 15 + min: 2 + resources: + limits: + cpu: '800m' + memory: '768Mi' + requests: + cpu: '400m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/services-auth/NOVA_PASSWORD' + NOVA_URL: '/k8s/services-auth/NOVA_URL' + NOVA_USERNAME: '/k8s/services-auth/NOVA_USERNAME' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-ids-api-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-personal-representative: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'personal-representative-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'personal-representative' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-personal-representative-public: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative-public' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'personal-representative-public-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'personal-representative' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-public-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' + PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' + PASSKEY_CORE_RP_ID: 'island.is' + PASSKEY_CORE_RP_NAME: 'Island.is' + PUBLIC_URL: 'https://identity-server.dev01.devland.is/api' + REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-public-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/rewrite-target: '/$2' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.dev01.devland.is' + paths: + - '/api(/|$)(.*)' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/services-auth-personal-representative-public/values.prod.yaml b/charts/services/services-auth-personal-representative-public/values.prod.yaml new file mode 100644 index 000000000000..6ebbacf21056 --- /dev/null +++ b/charts/services/services-auth-personal-representative-public/values.prod.yaml @@ -0,0 +1,823 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +auth-admin-web: + enabled: true + env: + BASE_URL: 'https://innskra.island.is/admin' + IDENTITYSERVER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://innskra.island.is/admin/api/auth' + NEXT_PUBLIC_BACKEND_URL: '/backend' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/auth-admin-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'innskra.island.is' + paths: + - '/admin' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + progressDeadlineSeconds: 1200 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '256Mi' + requests: + cpu: '200m' + memory: '192Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITYSERVER_SECRET: '/k8s/auth-admin-web/IDENTITYSERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +global: + env: + AUDIT_GROUP_NAME: '/identity-server/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'prod' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +identity-server: + annotations: + ad.datadoghq.com/identity-server.check_names: '["openmetrics"]' + ad.datadoghq.com/identity-server.init_configs: '[{}]' + ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": "http://%%host%%:5003/metrics","namespace": "identity-server","metrics":["*"]}]' + ad.datadoghq.com/identity-server.logs: '[{"service": "identity-server", "source": "csharp"}]' + enabled: true + env: + ASPNETCORE_URLS: 'http://*:5000' + AWS__CloudWatch__AuditLogGroup: '/identity-server/audit-log' + AWS__SystemsManager__ParameterStore__DataProtectionPrefix: '/k8s/identity-server/DataProtectionSecret' + Application__AllowedRedirectUris: 'https://island.is/minarsidur,https://island.is/umsoknir' + Application__MinCompletionPortThreads: '10' + AudkenniSettings__Retries: '24' + CORECLR_ENABLE_PROFILING: '1' + CORECLR_PROFILER: '{846F5F1C-F9AE-4B07-969E-05C26BC060D8}' + CORECLR_PROFILER_PATH: '/opt/datadog/Datadog.Trace.ClrProfiler.Native.so' + CacheSettings__Enabled: 'true' + ContentfulSettings__BaseAddress: 'https://cdn.contentful.com' + DD_DOTNET_TRACER_HOME: '/opt/datadog' + DD_INTEGRATIONS: '/opt/datadog/integrations.json' + DD_TRACE_DEBUG: 'true' + Datadog__Metrics__Port: '5003' + IdentityServer__ConsentsScope: '@island.is/auth/consents' + IdentityServer__EnableFakeLogin: 'true' + IdentityServer__EnableFeatureDeploymentWildcards: 'false' + IdentityServer__KeyManagement__Enabled: 'true' + IdentityServer__SigningCertificate__Path: '/etc/config/ids-signing.pfx' + LOG_LEVEL: 'info' + MeUserProfileApiSettings__BaseAddress: 'https://service-portal-api.internal.island.is' + NODE_OPTIONS: '--max-old-space-size=1843 -r dd-trace/init' + PersistenceSettings__BaseAddress: 'http://web-services-auth-ids-api' + PersistenceSettings__DelegationsCacheEnabled: 'true' + RedisSettings__Address: 'clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com' + RedisSettings__Port: '6379' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SessionsApiSettings__BaseAddress: 'https://sessions-api.internal.island.is' + files: + - 'ids-signing.pfx' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + port: 5010 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/identity-server' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'innskra.island.is' + paths: + - '/' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: + - accessModes: 'ReadWriteMany' + mountPath: '/keys' + name: 'identity-server' + size: '1Gi' + storageClass: 'efs-csi' + useExisting: false + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '4000m' + memory: '2048Mi' + requests: + cpu: '1000m' + memory: '1024Mi' + secrets: + AudkenniSettings__ClientId: '/k8s/identity-server/AudkenniClientId' + AudkenniSettings__ClientSecret: '/k8s/identity-server/AudkenniClientSecret' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ContentfulSettings__AccessToken: '/k8s/identity-server/CONTENTFUL_ACCESS_TOKEN' + FeatureFlags__ConfigCatSdkKey: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IdentityServer__FakePersons: '/k8s/identity-server/FakePersons' + IdentityServer__LicenseKey: '/k8s/identity-server/LicenseKey' + IdentityServer__SigningCertificate__Passphrase: '/k8s/identity-server/SigningCertificatePassphrase' + PersistenceSettings__AccessTokenManagementSettings__ClientSecret: '/k8s/identity-server/ClientSecret' + Redaction__UserIdentifiers__Key: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY' + Redaction__UserIdentifiers__KeyId: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID' + Scopes__Admin__RootAccessList: '/k8s/identity-server/AdminRootAccessList' + securityContext: + allowPrivilegeEscalation: false + privileged: false + service: + targetPort: 5000 + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::567113216315:role/identity-server' + create: true + name: 'identity-server' +namespaces: + labels: {} + namespaces: + - 'identity-server' + - 'identity-server-admin' + - 'identity-server-delegation' + - 'personal-representative' +services-auth-admin-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + IDENTITY_SERVER_ISSUER_URL_LIST: '["https://innskra.island.is"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SYSLUMENN_HOST: 'https://api.syslumenn.is/api' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/backend/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/backend/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-admin-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'innskra.island.is' + paths: + - '/backend' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CLIENT_SECRET_ENCRYPTION_KEY: '/k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-delegation-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SYSLUMENN_HOST: 'https://api.syslumenn.is/api' + SYSLUMENN_TIMEOUT: '3000' + USER_NOTIFICATION_API_URL: 'https://user-notification.internal.island.is' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'service-portal' + - 'user-notification-worker' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-delegation-api' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'auth-delegation-api.internal.innskra.island.is' + paths: + - '/' + namespace: 'identity-server-delegation' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-ids-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '8271bbc2-d8de-480f-8540-ea43fc40b7ae' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' + PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' + PASSKEY_CORE_MAX_AGE_DAYS: '365' + PASSKEY_CORE_RP_ID: 'island.is' + PASSKEY_CORE_RP_NAME: 'Island.is' + PUBLIC_URL: 'https://innskra.island.is/api' + REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SYSLUMENN_HOST: 'https://api.syslumenn.is/api' + SYSLUMENN_TIMEOUT: '3000' + USER_PROFILE_CLIENT_SCOPE: '["@island.is/user-profile:read"]' + USER_PROFILE_CLIENT_URL: 'https://service-portal-api.internal.island.is' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 15 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 15 + min: 2 + resources: + limits: + cpu: '800m' + memory: '768Mi' + requests: + cpu: '400m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/services-auth/NOVA_PASSWORD' + NOVA_URL: '/k8s/services-auth/NOVA_URL' + NOVA_USERNAME: '/k8s/services-auth/NOVA_USERNAME' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-ids-api-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-personal-representative: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SYSLUMENN_HOST: 'https://api.syslumenn.is/api' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'personal-representative-xrd.internal.innskra.island.is' + paths: + - '/' + namespace: 'personal-representative' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-personal-representative-public: + enabled: true + env: + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative-public' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'personal-representative-public-xrd.internal.innskra.island.is' + paths: + - '/' + namespace: 'personal-representative' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-public-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' + PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' + PASSKEY_CORE_RP_ID: 'island.is' + PASSKEY_CORE_RP_NAME: 'Island.is' + PUBLIC_URL: 'https://innskra.island.is/api' + REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SYSLUMENN_HOST: 'https://api.syslumenn.is/api' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-public-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/rewrite-target: '/$2' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'innskra.island.is' + paths: + - '/api(/|$)(.*)' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/services-auth-personal-representative-public/values.staging.yaml b/charts/services/services-auth-personal-representative-public/values.staging.yaml new file mode 100644 index 000000000000..2273a2f55b22 --- /dev/null +++ b/charts/services/services-auth-personal-representative-public/values.staging.yaml @@ -0,0 +1,826 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +auth-admin-web: + enabled: true + env: + BASE_URL: 'https://identity-server.staging01.devland.is/admin' + IDENTITYSERVER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://identity-server.staging01.devland.is/admin/api/auth' + NEXT_PUBLIC_BACKEND_URL: '/backend' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/auth-admin-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.staging01.devland.is' + paths: + - '/admin' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + progressDeadlineSeconds: 1200 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '256Mi' + requests: + cpu: '200m' + memory: '192Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITYSERVER_SECRET: '/k8s/auth-admin-web/IDENTITYSERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +global: + env: + AUDIT_GROUP_NAME: '/identity-server/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'staging' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +identity-server: + annotations: + ad.datadoghq.com/identity-server.check_names: '["openmetrics"]' + ad.datadoghq.com/identity-server.init_configs: '[{}]' + ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": "http://%%host%%:5003/metrics","namespace": "identity-server","metrics":["*"]}]' + ad.datadoghq.com/identity-server.logs: '[{"service": "identity-server", "source": "csharp"}]' + enabled: true + env: + ASPNETCORE_URLS: 'http://*:5000' + AWS__CloudWatch__AuditLogGroup: '/identity-server/audit-log' + AWS__SystemsManager__ParameterStore__DataProtectionPrefix: '/k8s/identity-server/DataProtectionSecret' + Application__AllowedRedirectUris: 'https://beta.staging01.devland.is/minarsidur,https://beta.staging01.devland.is/umsoknir' + Application__MinCompletionPortThreads: '10' + AudkenniSettings__Retries: '24' + CORECLR_ENABLE_PROFILING: '1' + CORECLR_PROFILER: '{846F5F1C-F9AE-4B07-969E-05C26BC060D8}' + CORECLR_PROFILER_PATH: '/opt/datadog/Datadog.Trace.ClrProfiler.Native.so' + CacheSettings__Enabled: 'true' + ContentfulSettings__BaseAddress: 'https://cdn.contentful.com' + DD_DOTNET_TRACER_HOME: '/opt/datadog' + DD_INTEGRATIONS: '/opt/datadog/integrations.json' + DD_TRACE_DEBUG: 'true' + Datadog__Metrics__Port: '5003' + IdentityServer__ConsentsScope: '@island.is/auth/consents' + IdentityServer__EnableFakeLogin: 'true' + IdentityServer__EnableFeatureDeploymentWildcards: 'true' + IdentityServer__KeyManagement__Enabled: 'true' + IdentityServer__SigningCertificate__Path: '/etc/config/ids-signing.pfx' + LOG_LEVEL: 'info' + MeUserProfileApiSettings__BaseAddress: 'http://web-service-portal-api.service-portal.svc.cluster.local' + NODE_OPTIONS: '--max-old-space-size=1843 -r dd-trace/init' + PersistenceSettings__BaseAddress: 'http://web-services-auth-ids-api' + PersistenceSettings__DelegationsCacheEnabled: 'false' + RedisSettings__Address: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com' + RedisSettings__Port: '6379' + SERVERSIDE_FEATURES_ON: '' + SessionsApiSettings__BaseAddress: 'http://web-services-sessions.services-sessions.svc.cluster.local' + files: + - 'ids-signing.pfx' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + port: 5010 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/identity-server' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.staging01.devland.is' + paths: + - '/' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: + - accessModes: 'ReadWriteMany' + mountPath: '/keys' + name: 'identity-server' + size: '1Gi' + storageClass: 'efs-csi' + useExisting: false + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '4000m' + memory: '2048Mi' + requests: + cpu: '1000m' + memory: '1024Mi' + secrets: + AudkenniSettings__ClientId: '/k8s/identity-server/AudkenniClientId' + AudkenniSettings__ClientSecret: '/k8s/identity-server/AudkenniClientSecret' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ContentfulSettings__AccessToken: '/k8s/identity-server/CONTENTFUL_ACCESS_TOKEN' + FeatureFlags__ConfigCatSdkKey: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IdentityServer__FakePersons: '/k8s/identity-server/FakePersons' + IdentityServer__LicenseKey: '/k8s/identity-server/LicenseKey' + IdentityServer__SigningCertificate__Passphrase: '/k8s/identity-server/SigningCertificatePassphrase' + PersistenceSettings__AccessTokenManagementSettings__ClientSecret: '/k8s/identity-server/ClientSecret' + Redaction__UserIdentifiers__Key: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY' + Redaction__UserIdentifiers__KeyId: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID' + Scopes__Admin__RootAccessList: '/k8s/identity-server/AdminRootAccessList' + securityContext: + allowPrivilegeEscalation: false + privileged: false + service: + targetPort: 5000 + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/identity-server' + create: true + name: 'identity-server' +namespaces: + labels: {} + namespaces: + - 'identity-server' + - 'identity-server-admin' + - 'identity-server-delegation' + - 'personal-representative' +services-auth-admin-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + IDENTITY_SERVER_ISSUER_URL_LIST: '["https://identity-server.staging01.devland.is","https://innskra.island.is"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/backend/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/backend/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-admin-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.staging01.devland.is' + paths: + - '/backend' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CLIENT_SECRET_ENCRYPTION_KEY: '/k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-delegation-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'service-portal' + - 'user-notification-worker' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-delegation-api' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'auth-delegation-api.internal.staging01.devland.is' + paths: + - '/' + namespace: 'identity-server-delegation' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-ids-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '6cf94113-d326-4e4d-b97c-1fea12d2f5e1' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' + PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' + PASSKEY_CORE_MAX_AGE_DAYS: '365' + PASSKEY_CORE_RP_ID: 'island.is' + PASSKEY_CORE_RP_NAME: 'Island.is' + PUBLIC_URL: 'https://identity-server.staging01.devland.is/api' + REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + USER_PROFILE_CLIENT_SCOPE: '["@island.is/user-profile:read"]' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 15 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 15 + min: 2 + resources: + limits: + cpu: '800m' + memory: '768Mi' + requests: + cpu: '400m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/services-auth/NOVA_PASSWORD' + NOVA_URL: '/k8s/services-auth/NOVA_URL' + NOVA_USERNAME: '/k8s/services-auth/NOVA_USERNAME' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-ids-api-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-personal-representative: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'personal-representative-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'personal-representative' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-personal-representative-public: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative-public' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'personal-representative-public-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'personal-representative' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-public-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' + PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' + PASSKEY_CORE_RP_ID: 'island.is' + PASSKEY_CORE_RP_NAME: 'Island.is' + PUBLIC_URL: 'https://identity-server.staging01.devland.is/api' + REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-public-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/rewrite-target: '/$2' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.staging01.devland.is' + paths: + - '/api(/|$)(.*)' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/services-auth-personal-representative/values.dev.yaml b/charts/services/services-auth-personal-representative/values.dev.yaml new file mode 100644 index 000000000000..2efa5ea90de6 --- /dev/null +++ b/charts/services/services-auth-personal-representative/values.dev.yaml @@ -0,0 +1,826 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +auth-admin-web: + enabled: true + env: + BASE_URL: 'https://identity-server.dev01.devland.is/admin' + IDENTITYSERVER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://identity-server.dev01.devland.is/admin/api/auth' + NEXT_PUBLIC_BACKEND_URL: '/backend' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/auth-admin-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.dev01.devland.is' + paths: + - '/admin' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + progressDeadlineSeconds: 1200 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '256Mi' + requests: + cpu: '200m' + memory: '192Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITYSERVER_SECRET: '/k8s/auth-admin-web/IDENTITYSERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +global: + env: + AUDIT_GROUP_NAME: '/identity-server/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'dev' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +identity-server: + annotations: + ad.datadoghq.com/identity-server.check_names: '["openmetrics"]' + ad.datadoghq.com/identity-server.init_configs: '[{}]' + ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": "http://%%host%%:5003/metrics","namespace": "identity-server","metrics":["*"]}]' + ad.datadoghq.com/identity-server.logs: '[{"service": "identity-server", "source": "csharp"}]' + enabled: true + env: + ASPNETCORE_URLS: 'http://*:5000' + AWS__CloudWatch__AuditLogGroup: '/identity-server/audit-log' + AWS__SystemsManager__ParameterStore__DataProtectionPrefix: '/k8s/identity-server/DataProtectionSecret' + Application__AllowedRedirectUris: 'https://beta.dev01.devland.is/minarsidur,https://beta.dev01.devland.is/umsoknir,http://localhost:4200/minarsidur,http://localhost:4242/umsoknir' + Application__MinCompletionPortThreads: '10' + AudkenniSettings__Retries: '24' + CORECLR_ENABLE_PROFILING: '1' + CORECLR_PROFILER: '{846F5F1C-F9AE-4B07-969E-05C26BC060D8}' + CORECLR_PROFILER_PATH: '/opt/datadog/Datadog.Trace.ClrProfiler.Native.so' + CacheSettings__Enabled: 'true' + ContentfulSettings__BaseAddress: 'https://preview.contentful.com' + DD_DOTNET_TRACER_HOME: '/opt/datadog' + DD_INTEGRATIONS: '/opt/datadog/integrations.json' + DD_TRACE_DEBUG: 'true' + Datadog__Metrics__Port: '5003' + IdentityServer__ConsentsScope: '@island.is/auth/consents' + IdentityServer__EnableFakeLogin: 'true' + IdentityServer__EnableFeatureDeploymentWildcards: 'true' + IdentityServer__KeyManagement__Enabled: 'true' + IdentityServer__SigningCertificate__Path: '/etc/config/ids-signing.pfx' + LOG_LEVEL: 'info' + MeUserProfileApiSettings__BaseAddress: 'http://web-service-portal-api.service-portal.svc.cluster.local' + NODE_OPTIONS: '--max-old-space-size=1843 -r dd-trace/init' + PersistenceSettings__BaseAddress: 'http://web-services-auth-ids-api' + PersistenceSettings__DelegationsCacheEnabled: 'false' + RedisSettings__Address: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com' + RedisSettings__Port: '6379' + SERVERSIDE_FEATURES_ON: '' + SessionsApiSettings__BaseAddress: 'http://web-services-sessions.services-sessions.svc.cluster.local' + files: + - 'ids-signing.pfx' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + port: 5010 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/identity-server' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.dev01.devland.is' + paths: + - '/' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: + - accessModes: 'ReadWriteMany' + mountPath: '/keys' + name: 'identity-server' + size: '1Gi' + storageClass: 'efs-csi' + useExisting: false + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '4000m' + memory: '2048Mi' + requests: + cpu: '1000m' + memory: '1024Mi' + secrets: + AudkenniSettings__ClientId: '/k8s/identity-server/AudkenniClientId' + AudkenniSettings__ClientSecret: '/k8s/identity-server/AudkenniClientSecret' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ContentfulSettings__AccessToken: '/k8s/identity-server/CONTENTFUL_ACCESS_TOKEN' + FeatureFlags__ConfigCatSdkKey: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IdentityServer__FakePersons: '/k8s/identity-server/FakePersons' + IdentityServer__LicenseKey: '/k8s/identity-server/LicenseKey' + IdentityServer__SigningCertificate__Passphrase: '/k8s/identity-server/SigningCertificatePassphrase' + PersistenceSettings__AccessTokenManagementSettings__ClientSecret: '/k8s/identity-server/ClientSecret' + Redaction__UserIdentifiers__Key: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY' + Redaction__UserIdentifiers__KeyId: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID' + Scopes__Admin__RootAccessList: '/k8s/identity-server/AdminRootAccessList' + securityContext: + allowPrivilegeEscalation: false + privileged: false + service: + targetPort: 5000 + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/identity-server' + create: true + name: 'identity-server' +namespaces: + labels: {} + namespaces: + - 'identity-server' + - 'identity-server-admin' + - 'identity-server-delegation' + - 'personal-representative' +services-auth-admin-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + IDENTITY_SERVER_ISSUER_URL_LIST: '["https://identity-server.dev01.devland.is","https://identity-server.staging01.devland.is","https://innskra.island.is"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/backend/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/backend/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-admin-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.dev01.devland.is' + paths: + - '/backend' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CLIENT_SECRET_ENCRYPTION_KEY: '/k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-delegation-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'service-portal' + - 'user-notification-worker' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-delegation-api' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'auth-delegation-api.internal.dev01.devland.is' + paths: + - '/' + namespace: 'identity-server-delegation' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-ids-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '6cf94113-d326-4e4d-b97c-1fea12d2f5e1' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' + PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' + PASSKEY_CORE_MAX_AGE_DAYS: '365' + PASSKEY_CORE_RP_ID: 'island.is' + PASSKEY_CORE_RP_NAME: 'Island.is' + PUBLIC_URL: 'https://identity-server.dev01.devland.is/api' + REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + USER_PROFILE_CLIENT_SCOPE: '["@island.is/user-profile:read"]' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 15 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 15 + min: 2 + resources: + limits: + cpu: '800m' + memory: '768Mi' + requests: + cpu: '400m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/services-auth/NOVA_PASSWORD' + NOVA_URL: '/k8s/services-auth/NOVA_URL' + NOVA_USERNAME: '/k8s/services-auth/NOVA_USERNAME' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-ids-api-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-personal-representative: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'personal-representative-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'personal-representative' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-personal-representative-public: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative-public' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'personal-representative-public-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'personal-representative' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-public-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' + PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' + PASSKEY_CORE_RP_ID: 'island.is' + PASSKEY_CORE_RP_NAME: 'Island.is' + PUBLIC_URL: 'https://identity-server.dev01.devland.is/api' + REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-public-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/rewrite-target: '/$2' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.dev01.devland.is' + paths: + - '/api(/|$)(.*)' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/services-auth-personal-representative/values.prod.yaml b/charts/services/services-auth-personal-representative/values.prod.yaml new file mode 100644 index 000000000000..6ebbacf21056 --- /dev/null +++ b/charts/services/services-auth-personal-representative/values.prod.yaml @@ -0,0 +1,823 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +auth-admin-web: + enabled: true + env: + BASE_URL: 'https://innskra.island.is/admin' + IDENTITYSERVER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://innskra.island.is/admin/api/auth' + NEXT_PUBLIC_BACKEND_URL: '/backend' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/auth-admin-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'innskra.island.is' + paths: + - '/admin' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + progressDeadlineSeconds: 1200 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '256Mi' + requests: + cpu: '200m' + memory: '192Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITYSERVER_SECRET: '/k8s/auth-admin-web/IDENTITYSERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +global: + env: + AUDIT_GROUP_NAME: '/identity-server/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'prod' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +identity-server: + annotations: + ad.datadoghq.com/identity-server.check_names: '["openmetrics"]' + ad.datadoghq.com/identity-server.init_configs: '[{}]' + ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": "http://%%host%%:5003/metrics","namespace": "identity-server","metrics":["*"]}]' + ad.datadoghq.com/identity-server.logs: '[{"service": "identity-server", "source": "csharp"}]' + enabled: true + env: + ASPNETCORE_URLS: 'http://*:5000' + AWS__CloudWatch__AuditLogGroup: '/identity-server/audit-log' + AWS__SystemsManager__ParameterStore__DataProtectionPrefix: '/k8s/identity-server/DataProtectionSecret' + Application__AllowedRedirectUris: 'https://island.is/minarsidur,https://island.is/umsoknir' + Application__MinCompletionPortThreads: '10' + AudkenniSettings__Retries: '24' + CORECLR_ENABLE_PROFILING: '1' + CORECLR_PROFILER: '{846F5F1C-F9AE-4B07-969E-05C26BC060D8}' + CORECLR_PROFILER_PATH: '/opt/datadog/Datadog.Trace.ClrProfiler.Native.so' + CacheSettings__Enabled: 'true' + ContentfulSettings__BaseAddress: 'https://cdn.contentful.com' + DD_DOTNET_TRACER_HOME: '/opt/datadog' + DD_INTEGRATIONS: '/opt/datadog/integrations.json' + DD_TRACE_DEBUG: 'true' + Datadog__Metrics__Port: '5003' + IdentityServer__ConsentsScope: '@island.is/auth/consents' + IdentityServer__EnableFakeLogin: 'true' + IdentityServer__EnableFeatureDeploymentWildcards: 'false' + IdentityServer__KeyManagement__Enabled: 'true' + IdentityServer__SigningCertificate__Path: '/etc/config/ids-signing.pfx' + LOG_LEVEL: 'info' + MeUserProfileApiSettings__BaseAddress: 'https://service-portal-api.internal.island.is' + NODE_OPTIONS: '--max-old-space-size=1843 -r dd-trace/init' + PersistenceSettings__BaseAddress: 'http://web-services-auth-ids-api' + PersistenceSettings__DelegationsCacheEnabled: 'true' + RedisSettings__Address: 'clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com' + RedisSettings__Port: '6379' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SessionsApiSettings__BaseAddress: 'https://sessions-api.internal.island.is' + files: + - 'ids-signing.pfx' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + port: 5010 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/identity-server' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'innskra.island.is' + paths: + - '/' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: + - accessModes: 'ReadWriteMany' + mountPath: '/keys' + name: 'identity-server' + size: '1Gi' + storageClass: 'efs-csi' + useExisting: false + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '4000m' + memory: '2048Mi' + requests: + cpu: '1000m' + memory: '1024Mi' + secrets: + AudkenniSettings__ClientId: '/k8s/identity-server/AudkenniClientId' + AudkenniSettings__ClientSecret: '/k8s/identity-server/AudkenniClientSecret' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ContentfulSettings__AccessToken: '/k8s/identity-server/CONTENTFUL_ACCESS_TOKEN' + FeatureFlags__ConfigCatSdkKey: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IdentityServer__FakePersons: '/k8s/identity-server/FakePersons' + IdentityServer__LicenseKey: '/k8s/identity-server/LicenseKey' + IdentityServer__SigningCertificate__Passphrase: '/k8s/identity-server/SigningCertificatePassphrase' + PersistenceSettings__AccessTokenManagementSettings__ClientSecret: '/k8s/identity-server/ClientSecret' + Redaction__UserIdentifiers__Key: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY' + Redaction__UserIdentifiers__KeyId: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID' + Scopes__Admin__RootAccessList: '/k8s/identity-server/AdminRootAccessList' + securityContext: + allowPrivilegeEscalation: false + privileged: false + service: + targetPort: 5000 + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::567113216315:role/identity-server' + create: true + name: 'identity-server' +namespaces: + labels: {} + namespaces: + - 'identity-server' + - 'identity-server-admin' + - 'identity-server-delegation' + - 'personal-representative' +services-auth-admin-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + IDENTITY_SERVER_ISSUER_URL_LIST: '["https://innskra.island.is"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SYSLUMENN_HOST: 'https://api.syslumenn.is/api' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/backend/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/backend/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-admin-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'innskra.island.is' + paths: + - '/backend' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CLIENT_SECRET_ENCRYPTION_KEY: '/k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-delegation-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SYSLUMENN_HOST: 'https://api.syslumenn.is/api' + SYSLUMENN_TIMEOUT: '3000' + USER_NOTIFICATION_API_URL: 'https://user-notification.internal.island.is' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'service-portal' + - 'user-notification-worker' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-delegation-api' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'auth-delegation-api.internal.innskra.island.is' + paths: + - '/' + namespace: 'identity-server-delegation' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-ids-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '8271bbc2-d8de-480f-8540-ea43fc40b7ae' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' + PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' + PASSKEY_CORE_MAX_AGE_DAYS: '365' + PASSKEY_CORE_RP_ID: 'island.is' + PASSKEY_CORE_RP_NAME: 'Island.is' + PUBLIC_URL: 'https://innskra.island.is/api' + REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SYSLUMENN_HOST: 'https://api.syslumenn.is/api' + SYSLUMENN_TIMEOUT: '3000' + USER_PROFILE_CLIENT_SCOPE: '["@island.is/user-profile:read"]' + USER_PROFILE_CLIENT_URL: 'https://service-portal-api.internal.island.is' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 15 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 15 + min: 2 + resources: + limits: + cpu: '800m' + memory: '768Mi' + requests: + cpu: '400m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/services-auth/NOVA_PASSWORD' + NOVA_URL: '/k8s/services-auth/NOVA_URL' + NOVA_USERNAME: '/k8s/services-auth/NOVA_USERNAME' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-ids-api-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-personal-representative: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SYSLUMENN_HOST: 'https://api.syslumenn.is/api' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'personal-representative-xrd.internal.innskra.island.is' + paths: + - '/' + namespace: 'personal-representative' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-personal-representative-public: + enabled: true + env: + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative-public' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'personal-representative-public-xrd.internal.innskra.island.is' + paths: + - '/' + namespace: 'personal-representative' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-public-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' + PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' + PASSKEY_CORE_RP_ID: 'island.is' + PASSKEY_CORE_RP_NAME: 'Island.is' + PUBLIC_URL: 'https://innskra.island.is/api' + REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SYSLUMENN_HOST: 'https://api.syslumenn.is/api' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-public-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/rewrite-target: '/$2' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'innskra.island.is' + paths: + - '/api(/|$)(.*)' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/services-auth-personal-representative/values.staging.yaml b/charts/services/services-auth-personal-representative/values.staging.yaml new file mode 100644 index 000000000000..2273a2f55b22 --- /dev/null +++ b/charts/services/services-auth-personal-representative/values.staging.yaml @@ -0,0 +1,826 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +auth-admin-web: + enabled: true + env: + BASE_URL: 'https://identity-server.staging01.devland.is/admin' + IDENTITYSERVER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://identity-server.staging01.devland.is/admin/api/auth' + NEXT_PUBLIC_BACKEND_URL: '/backend' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/auth-admin-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.staging01.devland.is' + paths: + - '/admin' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + progressDeadlineSeconds: 1200 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '256Mi' + requests: + cpu: '200m' + memory: '192Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITYSERVER_SECRET: '/k8s/auth-admin-web/IDENTITYSERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +global: + env: + AUDIT_GROUP_NAME: '/identity-server/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'staging' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +identity-server: + annotations: + ad.datadoghq.com/identity-server.check_names: '["openmetrics"]' + ad.datadoghq.com/identity-server.init_configs: '[{}]' + ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": "http://%%host%%:5003/metrics","namespace": "identity-server","metrics":["*"]}]' + ad.datadoghq.com/identity-server.logs: '[{"service": "identity-server", "source": "csharp"}]' + enabled: true + env: + ASPNETCORE_URLS: 'http://*:5000' + AWS__CloudWatch__AuditLogGroup: '/identity-server/audit-log' + AWS__SystemsManager__ParameterStore__DataProtectionPrefix: '/k8s/identity-server/DataProtectionSecret' + Application__AllowedRedirectUris: 'https://beta.staging01.devland.is/minarsidur,https://beta.staging01.devland.is/umsoknir' + Application__MinCompletionPortThreads: '10' + AudkenniSettings__Retries: '24' + CORECLR_ENABLE_PROFILING: '1' + CORECLR_PROFILER: '{846F5F1C-F9AE-4B07-969E-05C26BC060D8}' + CORECLR_PROFILER_PATH: '/opt/datadog/Datadog.Trace.ClrProfiler.Native.so' + CacheSettings__Enabled: 'true' + ContentfulSettings__BaseAddress: 'https://cdn.contentful.com' + DD_DOTNET_TRACER_HOME: '/opt/datadog' + DD_INTEGRATIONS: '/opt/datadog/integrations.json' + DD_TRACE_DEBUG: 'true' + Datadog__Metrics__Port: '5003' + IdentityServer__ConsentsScope: '@island.is/auth/consents' + IdentityServer__EnableFakeLogin: 'true' + IdentityServer__EnableFeatureDeploymentWildcards: 'true' + IdentityServer__KeyManagement__Enabled: 'true' + IdentityServer__SigningCertificate__Path: '/etc/config/ids-signing.pfx' + LOG_LEVEL: 'info' + MeUserProfileApiSettings__BaseAddress: 'http://web-service-portal-api.service-portal.svc.cluster.local' + NODE_OPTIONS: '--max-old-space-size=1843 -r dd-trace/init' + PersistenceSettings__BaseAddress: 'http://web-services-auth-ids-api' + PersistenceSettings__DelegationsCacheEnabled: 'false' + RedisSettings__Address: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com' + RedisSettings__Port: '6379' + SERVERSIDE_FEATURES_ON: '' + SessionsApiSettings__BaseAddress: 'http://web-services-sessions.services-sessions.svc.cluster.local' + files: + - 'ids-signing.pfx' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + port: 5010 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/identity-server' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.staging01.devland.is' + paths: + - '/' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: + - accessModes: 'ReadWriteMany' + mountPath: '/keys' + name: 'identity-server' + size: '1Gi' + storageClass: 'efs-csi' + useExisting: false + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '4000m' + memory: '2048Mi' + requests: + cpu: '1000m' + memory: '1024Mi' + secrets: + AudkenniSettings__ClientId: '/k8s/identity-server/AudkenniClientId' + AudkenniSettings__ClientSecret: '/k8s/identity-server/AudkenniClientSecret' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ContentfulSettings__AccessToken: '/k8s/identity-server/CONTENTFUL_ACCESS_TOKEN' + FeatureFlags__ConfigCatSdkKey: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IdentityServer__FakePersons: '/k8s/identity-server/FakePersons' + IdentityServer__LicenseKey: '/k8s/identity-server/LicenseKey' + IdentityServer__SigningCertificate__Passphrase: '/k8s/identity-server/SigningCertificatePassphrase' + PersistenceSettings__AccessTokenManagementSettings__ClientSecret: '/k8s/identity-server/ClientSecret' + Redaction__UserIdentifiers__Key: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY' + Redaction__UserIdentifiers__KeyId: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID' + Scopes__Admin__RootAccessList: '/k8s/identity-server/AdminRootAccessList' + securityContext: + allowPrivilegeEscalation: false + privileged: false + service: + targetPort: 5000 + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/identity-server' + create: true + name: 'identity-server' +namespaces: + labels: {} + namespaces: + - 'identity-server' + - 'identity-server-admin' + - 'identity-server-delegation' + - 'personal-representative' +services-auth-admin-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + IDENTITY_SERVER_ISSUER_URL_LIST: '["https://identity-server.staging01.devland.is","https://innskra.island.is"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/backend/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/backend/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-admin-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.staging01.devland.is' + paths: + - '/backend' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CLIENT_SECRET_ENCRYPTION_KEY: '/k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-delegation-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'service-portal' + - 'user-notification-worker' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-delegation-api' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'auth-delegation-api.internal.staging01.devland.is' + paths: + - '/' + namespace: 'identity-server-delegation' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-ids-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '6cf94113-d326-4e4d-b97c-1fea12d2f5e1' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' + PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' + PASSKEY_CORE_MAX_AGE_DAYS: '365' + PASSKEY_CORE_RP_ID: 'island.is' + PASSKEY_CORE_RP_NAME: 'Island.is' + PUBLIC_URL: 'https://identity-server.staging01.devland.is/api' + REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + USER_PROFILE_CLIENT_SCOPE: '["@island.is/user-profile:read"]' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 15 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 15 + min: 2 + resources: + limits: + cpu: '800m' + memory: '768Mi' + requests: + cpu: '400m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/services-auth/NOVA_PASSWORD' + NOVA_URL: '/k8s/services-auth/NOVA_URL' + NOVA_USERNAME: '/k8s/services-auth/NOVA_USERNAME' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-ids-api-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-personal-representative: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'personal-representative-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'personal-representative' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-personal-representative-public: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative-public' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'personal-representative-public-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'personal-representative' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-public-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' + PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' + PASSKEY_CORE_RP_ID: 'island.is' + PASSKEY_CORE_RP_NAME: 'Island.is' + PUBLIC_URL: 'https://identity-server.staging01.devland.is/api' + REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-public-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/rewrite-target: '/$2' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.staging01.devland.is' + paths: + - '/api(/|$)(.*)' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/services-auth-public-api/values.dev.yaml b/charts/services/services-auth-public-api/values.dev.yaml new file mode 100644 index 000000000000..2efa5ea90de6 --- /dev/null +++ b/charts/services/services-auth-public-api/values.dev.yaml @@ -0,0 +1,826 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +auth-admin-web: + enabled: true + env: + BASE_URL: 'https://identity-server.dev01.devland.is/admin' + IDENTITYSERVER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://identity-server.dev01.devland.is/admin/api/auth' + NEXT_PUBLIC_BACKEND_URL: '/backend' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/auth-admin-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.dev01.devland.is' + paths: + - '/admin' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + progressDeadlineSeconds: 1200 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '256Mi' + requests: + cpu: '200m' + memory: '192Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITYSERVER_SECRET: '/k8s/auth-admin-web/IDENTITYSERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +global: + env: + AUDIT_GROUP_NAME: '/identity-server/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'dev' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +identity-server: + annotations: + ad.datadoghq.com/identity-server.check_names: '["openmetrics"]' + ad.datadoghq.com/identity-server.init_configs: '[{}]' + ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": "http://%%host%%:5003/metrics","namespace": "identity-server","metrics":["*"]}]' + ad.datadoghq.com/identity-server.logs: '[{"service": "identity-server", "source": "csharp"}]' + enabled: true + env: + ASPNETCORE_URLS: 'http://*:5000' + AWS__CloudWatch__AuditLogGroup: '/identity-server/audit-log' + AWS__SystemsManager__ParameterStore__DataProtectionPrefix: '/k8s/identity-server/DataProtectionSecret' + Application__AllowedRedirectUris: 'https://beta.dev01.devland.is/minarsidur,https://beta.dev01.devland.is/umsoknir,http://localhost:4200/minarsidur,http://localhost:4242/umsoknir' + Application__MinCompletionPortThreads: '10' + AudkenniSettings__Retries: '24' + CORECLR_ENABLE_PROFILING: '1' + CORECLR_PROFILER: '{846F5F1C-F9AE-4B07-969E-05C26BC060D8}' + CORECLR_PROFILER_PATH: '/opt/datadog/Datadog.Trace.ClrProfiler.Native.so' + CacheSettings__Enabled: 'true' + ContentfulSettings__BaseAddress: 'https://preview.contentful.com' + DD_DOTNET_TRACER_HOME: '/opt/datadog' + DD_INTEGRATIONS: '/opt/datadog/integrations.json' + DD_TRACE_DEBUG: 'true' + Datadog__Metrics__Port: '5003' + IdentityServer__ConsentsScope: '@island.is/auth/consents' + IdentityServer__EnableFakeLogin: 'true' + IdentityServer__EnableFeatureDeploymentWildcards: 'true' + IdentityServer__KeyManagement__Enabled: 'true' + IdentityServer__SigningCertificate__Path: '/etc/config/ids-signing.pfx' + LOG_LEVEL: 'info' + MeUserProfileApiSettings__BaseAddress: 'http://web-service-portal-api.service-portal.svc.cluster.local' + NODE_OPTIONS: '--max-old-space-size=1843 -r dd-trace/init' + PersistenceSettings__BaseAddress: 'http://web-services-auth-ids-api' + PersistenceSettings__DelegationsCacheEnabled: 'false' + RedisSettings__Address: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com' + RedisSettings__Port: '6379' + SERVERSIDE_FEATURES_ON: '' + SessionsApiSettings__BaseAddress: 'http://web-services-sessions.services-sessions.svc.cluster.local' + files: + - 'ids-signing.pfx' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + port: 5010 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/identity-server' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.dev01.devland.is' + paths: + - '/' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: + - accessModes: 'ReadWriteMany' + mountPath: '/keys' + name: 'identity-server' + size: '1Gi' + storageClass: 'efs-csi' + useExisting: false + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '4000m' + memory: '2048Mi' + requests: + cpu: '1000m' + memory: '1024Mi' + secrets: + AudkenniSettings__ClientId: '/k8s/identity-server/AudkenniClientId' + AudkenniSettings__ClientSecret: '/k8s/identity-server/AudkenniClientSecret' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ContentfulSettings__AccessToken: '/k8s/identity-server/CONTENTFUL_ACCESS_TOKEN' + FeatureFlags__ConfigCatSdkKey: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IdentityServer__FakePersons: '/k8s/identity-server/FakePersons' + IdentityServer__LicenseKey: '/k8s/identity-server/LicenseKey' + IdentityServer__SigningCertificate__Passphrase: '/k8s/identity-server/SigningCertificatePassphrase' + PersistenceSettings__AccessTokenManagementSettings__ClientSecret: '/k8s/identity-server/ClientSecret' + Redaction__UserIdentifiers__Key: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY' + Redaction__UserIdentifiers__KeyId: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID' + Scopes__Admin__RootAccessList: '/k8s/identity-server/AdminRootAccessList' + securityContext: + allowPrivilegeEscalation: false + privileged: false + service: + targetPort: 5000 + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/identity-server' + create: true + name: 'identity-server' +namespaces: + labels: {} + namespaces: + - 'identity-server' + - 'identity-server-admin' + - 'identity-server-delegation' + - 'personal-representative' +services-auth-admin-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + IDENTITY_SERVER_ISSUER_URL_LIST: '["https://identity-server.dev01.devland.is","https://identity-server.staging01.devland.is","https://innskra.island.is"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/backend/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/backend/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-admin-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.dev01.devland.is' + paths: + - '/backend' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CLIENT_SECRET_ENCRYPTION_KEY: '/k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-delegation-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'service-portal' + - 'user-notification-worker' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-delegation-api' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'auth-delegation-api.internal.dev01.devland.is' + paths: + - '/' + namespace: 'identity-server-delegation' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-ids-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '6cf94113-d326-4e4d-b97c-1fea12d2f5e1' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' + PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' + PASSKEY_CORE_MAX_AGE_DAYS: '365' + PASSKEY_CORE_RP_ID: 'island.is' + PASSKEY_CORE_RP_NAME: 'Island.is' + PUBLIC_URL: 'https://identity-server.dev01.devland.is/api' + REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + USER_PROFILE_CLIENT_SCOPE: '["@island.is/user-profile:read"]' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 15 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 15 + min: 2 + resources: + limits: + cpu: '800m' + memory: '768Mi' + requests: + cpu: '400m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/services-auth/NOVA_PASSWORD' + NOVA_URL: '/k8s/services-auth/NOVA_URL' + NOVA_USERNAME: '/k8s/services-auth/NOVA_USERNAME' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-ids-api-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-personal-representative: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'personal-representative-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'personal-representative' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-personal-representative-public: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative-public' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'personal-representative-public-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'personal-representative' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-public-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' + PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' + PASSKEY_CORE_RP_ID: 'island.is' + PASSKEY_CORE_RP_NAME: 'Island.is' + PUBLIC_URL: 'https://identity-server.dev01.devland.is/api' + REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-public-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/rewrite-target: '/$2' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.dev01.devland.is' + paths: + - '/api(/|$)(.*)' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/services-auth-public-api/values.prod.yaml b/charts/services/services-auth-public-api/values.prod.yaml new file mode 100644 index 000000000000..6ebbacf21056 --- /dev/null +++ b/charts/services/services-auth-public-api/values.prod.yaml @@ -0,0 +1,823 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +auth-admin-web: + enabled: true + env: + BASE_URL: 'https://innskra.island.is/admin' + IDENTITYSERVER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://innskra.island.is/admin/api/auth' + NEXT_PUBLIC_BACKEND_URL: '/backend' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/auth-admin-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'innskra.island.is' + paths: + - '/admin' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + progressDeadlineSeconds: 1200 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '256Mi' + requests: + cpu: '200m' + memory: '192Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITYSERVER_SECRET: '/k8s/auth-admin-web/IDENTITYSERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +global: + env: + AUDIT_GROUP_NAME: '/identity-server/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'prod' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +identity-server: + annotations: + ad.datadoghq.com/identity-server.check_names: '["openmetrics"]' + ad.datadoghq.com/identity-server.init_configs: '[{}]' + ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": "http://%%host%%:5003/metrics","namespace": "identity-server","metrics":["*"]}]' + ad.datadoghq.com/identity-server.logs: '[{"service": "identity-server", "source": "csharp"}]' + enabled: true + env: + ASPNETCORE_URLS: 'http://*:5000' + AWS__CloudWatch__AuditLogGroup: '/identity-server/audit-log' + AWS__SystemsManager__ParameterStore__DataProtectionPrefix: '/k8s/identity-server/DataProtectionSecret' + Application__AllowedRedirectUris: 'https://island.is/minarsidur,https://island.is/umsoknir' + Application__MinCompletionPortThreads: '10' + AudkenniSettings__Retries: '24' + CORECLR_ENABLE_PROFILING: '1' + CORECLR_PROFILER: '{846F5F1C-F9AE-4B07-969E-05C26BC060D8}' + CORECLR_PROFILER_PATH: '/opt/datadog/Datadog.Trace.ClrProfiler.Native.so' + CacheSettings__Enabled: 'true' + ContentfulSettings__BaseAddress: 'https://cdn.contentful.com' + DD_DOTNET_TRACER_HOME: '/opt/datadog' + DD_INTEGRATIONS: '/opt/datadog/integrations.json' + DD_TRACE_DEBUG: 'true' + Datadog__Metrics__Port: '5003' + IdentityServer__ConsentsScope: '@island.is/auth/consents' + IdentityServer__EnableFakeLogin: 'true' + IdentityServer__EnableFeatureDeploymentWildcards: 'false' + IdentityServer__KeyManagement__Enabled: 'true' + IdentityServer__SigningCertificate__Path: '/etc/config/ids-signing.pfx' + LOG_LEVEL: 'info' + MeUserProfileApiSettings__BaseAddress: 'https://service-portal-api.internal.island.is' + NODE_OPTIONS: '--max-old-space-size=1843 -r dd-trace/init' + PersistenceSettings__BaseAddress: 'http://web-services-auth-ids-api' + PersistenceSettings__DelegationsCacheEnabled: 'true' + RedisSettings__Address: 'clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com' + RedisSettings__Port: '6379' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SessionsApiSettings__BaseAddress: 'https://sessions-api.internal.island.is' + files: + - 'ids-signing.pfx' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + port: 5010 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/identity-server' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'innskra.island.is' + paths: + - '/' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: + - accessModes: 'ReadWriteMany' + mountPath: '/keys' + name: 'identity-server' + size: '1Gi' + storageClass: 'efs-csi' + useExisting: false + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '4000m' + memory: '2048Mi' + requests: + cpu: '1000m' + memory: '1024Mi' + secrets: + AudkenniSettings__ClientId: '/k8s/identity-server/AudkenniClientId' + AudkenniSettings__ClientSecret: '/k8s/identity-server/AudkenniClientSecret' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ContentfulSettings__AccessToken: '/k8s/identity-server/CONTENTFUL_ACCESS_TOKEN' + FeatureFlags__ConfigCatSdkKey: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IdentityServer__FakePersons: '/k8s/identity-server/FakePersons' + IdentityServer__LicenseKey: '/k8s/identity-server/LicenseKey' + IdentityServer__SigningCertificate__Passphrase: '/k8s/identity-server/SigningCertificatePassphrase' + PersistenceSettings__AccessTokenManagementSettings__ClientSecret: '/k8s/identity-server/ClientSecret' + Redaction__UserIdentifiers__Key: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY' + Redaction__UserIdentifiers__KeyId: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID' + Scopes__Admin__RootAccessList: '/k8s/identity-server/AdminRootAccessList' + securityContext: + allowPrivilegeEscalation: false + privileged: false + service: + targetPort: 5000 + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::567113216315:role/identity-server' + create: true + name: 'identity-server' +namespaces: + labels: {} + namespaces: + - 'identity-server' + - 'identity-server-admin' + - 'identity-server-delegation' + - 'personal-representative' +services-auth-admin-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + IDENTITY_SERVER_ISSUER_URL_LIST: '["https://innskra.island.is"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SYSLUMENN_HOST: 'https://api.syslumenn.is/api' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/backend/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/backend/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-admin-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'innskra.island.is' + paths: + - '/backend' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CLIENT_SECRET_ENCRYPTION_KEY: '/k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-delegation-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SYSLUMENN_HOST: 'https://api.syslumenn.is/api' + SYSLUMENN_TIMEOUT: '3000' + USER_NOTIFICATION_API_URL: 'https://user-notification.internal.island.is' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'service-portal' + - 'user-notification-worker' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-delegation-api' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'auth-delegation-api.internal.innskra.island.is' + paths: + - '/' + namespace: 'identity-server-delegation' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-ids-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '8271bbc2-d8de-480f-8540-ea43fc40b7ae' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' + PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' + PASSKEY_CORE_MAX_AGE_DAYS: '365' + PASSKEY_CORE_RP_ID: 'island.is' + PASSKEY_CORE_RP_NAME: 'Island.is' + PUBLIC_URL: 'https://innskra.island.is/api' + REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SYSLUMENN_HOST: 'https://api.syslumenn.is/api' + SYSLUMENN_TIMEOUT: '3000' + USER_PROFILE_CLIENT_SCOPE: '["@island.is/user-profile:read"]' + USER_PROFILE_CLIENT_URL: 'https://service-portal-api.internal.island.is' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 15 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 15 + min: 2 + resources: + limits: + cpu: '800m' + memory: '768Mi' + requests: + cpu: '400m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/services-auth/NOVA_PASSWORD' + NOVA_URL: '/k8s/services-auth/NOVA_URL' + NOVA_USERNAME: '/k8s/services-auth/NOVA_USERNAME' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-ids-api-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-personal-representative: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SYSLUMENN_HOST: 'https://api.syslumenn.is/api' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'personal-representative-xrd.internal.innskra.island.is' + paths: + - '/' + namespace: 'personal-representative' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-personal-representative-public: + enabled: true + env: + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative-public' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'personal-representative-public-xrd.internal.innskra.island.is' + paths: + - '/' + namespace: 'personal-representative' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-public-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' + PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' + PASSKEY_CORE_RP_ID: 'island.is' + PASSKEY_CORE_RP_NAME: 'Island.is' + PUBLIC_URL: 'https://innskra.island.is/api' + REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SYSLUMENN_HOST: 'https://api.syslumenn.is/api' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-public-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/rewrite-target: '/$2' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'innskra.island.is' + paths: + - '/api(/|$)(.*)' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/services-auth-public-api/values.staging.yaml b/charts/services/services-auth-public-api/values.staging.yaml new file mode 100644 index 000000000000..2273a2f55b22 --- /dev/null +++ b/charts/services/services-auth-public-api/values.staging.yaml @@ -0,0 +1,826 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +auth-admin-web: + enabled: true + env: + BASE_URL: 'https://identity-server.staging01.devland.is/admin' + IDENTITYSERVER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://identity-server.staging01.devland.is/admin/api/auth' + NEXT_PUBLIC_BACKEND_URL: '/backend' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/auth-admin-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.staging01.devland.is' + paths: + - '/admin' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + progressDeadlineSeconds: 1200 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '256Mi' + requests: + cpu: '200m' + memory: '192Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITYSERVER_SECRET: '/k8s/auth-admin-web/IDENTITYSERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +global: + env: + AUDIT_GROUP_NAME: '/identity-server/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'staging' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +identity-server: + annotations: + ad.datadoghq.com/identity-server.check_names: '["openmetrics"]' + ad.datadoghq.com/identity-server.init_configs: '[{}]' + ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": "http://%%host%%:5003/metrics","namespace": "identity-server","metrics":["*"]}]' + ad.datadoghq.com/identity-server.logs: '[{"service": "identity-server", "source": "csharp"}]' + enabled: true + env: + ASPNETCORE_URLS: 'http://*:5000' + AWS__CloudWatch__AuditLogGroup: '/identity-server/audit-log' + AWS__SystemsManager__ParameterStore__DataProtectionPrefix: '/k8s/identity-server/DataProtectionSecret' + Application__AllowedRedirectUris: 'https://beta.staging01.devland.is/minarsidur,https://beta.staging01.devland.is/umsoknir' + Application__MinCompletionPortThreads: '10' + AudkenniSettings__Retries: '24' + CORECLR_ENABLE_PROFILING: '1' + CORECLR_PROFILER: '{846F5F1C-F9AE-4B07-969E-05C26BC060D8}' + CORECLR_PROFILER_PATH: '/opt/datadog/Datadog.Trace.ClrProfiler.Native.so' + CacheSettings__Enabled: 'true' + ContentfulSettings__BaseAddress: 'https://cdn.contentful.com' + DD_DOTNET_TRACER_HOME: '/opt/datadog' + DD_INTEGRATIONS: '/opt/datadog/integrations.json' + DD_TRACE_DEBUG: 'true' + Datadog__Metrics__Port: '5003' + IdentityServer__ConsentsScope: '@island.is/auth/consents' + IdentityServer__EnableFakeLogin: 'true' + IdentityServer__EnableFeatureDeploymentWildcards: 'true' + IdentityServer__KeyManagement__Enabled: 'true' + IdentityServer__SigningCertificate__Path: '/etc/config/ids-signing.pfx' + LOG_LEVEL: 'info' + MeUserProfileApiSettings__BaseAddress: 'http://web-service-portal-api.service-portal.svc.cluster.local' + NODE_OPTIONS: '--max-old-space-size=1843 -r dd-trace/init' + PersistenceSettings__BaseAddress: 'http://web-services-auth-ids-api' + PersistenceSettings__DelegationsCacheEnabled: 'false' + RedisSettings__Address: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com' + RedisSettings__Port: '6379' + SERVERSIDE_FEATURES_ON: '' + SessionsApiSettings__BaseAddress: 'http://web-services-sessions.services-sessions.svc.cluster.local' + files: + - 'ids-signing.pfx' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + port: 5010 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/identity-server' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.staging01.devland.is' + paths: + - '/' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: + - accessModes: 'ReadWriteMany' + mountPath: '/keys' + name: 'identity-server' + size: '1Gi' + storageClass: 'efs-csi' + useExisting: false + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '4000m' + memory: '2048Mi' + requests: + cpu: '1000m' + memory: '1024Mi' + secrets: + AudkenniSettings__ClientId: '/k8s/identity-server/AudkenniClientId' + AudkenniSettings__ClientSecret: '/k8s/identity-server/AudkenniClientSecret' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ContentfulSettings__AccessToken: '/k8s/identity-server/CONTENTFUL_ACCESS_TOKEN' + FeatureFlags__ConfigCatSdkKey: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IdentityServer__FakePersons: '/k8s/identity-server/FakePersons' + IdentityServer__LicenseKey: '/k8s/identity-server/LicenseKey' + IdentityServer__SigningCertificate__Passphrase: '/k8s/identity-server/SigningCertificatePassphrase' + PersistenceSettings__AccessTokenManagementSettings__ClientSecret: '/k8s/identity-server/ClientSecret' + Redaction__UserIdentifiers__Key: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY' + Redaction__UserIdentifiers__KeyId: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID' + Scopes__Admin__RootAccessList: '/k8s/identity-server/AdminRootAccessList' + securityContext: + allowPrivilegeEscalation: false + privileged: false + service: + targetPort: 5000 + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/identity-server' + create: true + name: 'identity-server' +namespaces: + labels: {} + namespaces: + - 'identity-server' + - 'identity-server-admin' + - 'identity-server-delegation' + - 'personal-representative' +services-auth-admin-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + IDENTITY_SERVER_ISSUER_URL_LIST: '["https://identity-server.staging01.devland.is","https://innskra.island.is"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/backend/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/backend/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-admin-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.staging01.devland.is' + paths: + - '/backend' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CLIENT_SECRET_ENCRYPTION_KEY: '/k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-delegation-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'service-portal' + - 'user-notification-worker' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-delegation-api' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'auth-delegation-api.internal.staging01.devland.is' + paths: + - '/' + namespace: 'identity-server-delegation' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-ids-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '6cf94113-d326-4e4d-b97c-1fea12d2f5e1' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' + PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' + PASSKEY_CORE_MAX_AGE_DAYS: '365' + PASSKEY_CORE_RP_ID: 'island.is' + PASSKEY_CORE_RP_NAME: 'Island.is' + PUBLIC_URL: 'https://identity-server.staging01.devland.is/api' + REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + USER_PROFILE_CLIENT_SCOPE: '["@island.is/user-profile:read"]' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 15 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 15 + min: 2 + resources: + limits: + cpu: '800m' + memory: '768Mi' + requests: + cpu: '400m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/services-auth/NOVA_PASSWORD' + NOVA_URL: '/k8s/services-auth/NOVA_URL' + NOVA_USERNAME: '/k8s/services-auth/NOVA_USERNAME' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-ids-api-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'user-notification' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' + namespace: 'identity-server' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-personal-representative: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'personal-representative-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'personal-representative' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-personal-representative-public: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative-public' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'personal-representative-public-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'personal-representative' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-auth-public-api: + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' + PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' + PASSKEY_CORE_RP_ID: 'island.is' + PASSKEY_CORE_RP_NAME: 'Island.is' + PUBLIC_URL: 'https://identity-server.staging01.devland.is/api' + REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-public-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/rewrite-target: '/$2' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'identity-server.staging01.devland.is' + paths: + - '/api(/|$)(.*)' + namespace: 'identity-server-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/services-bff-portals-admin/values.dev.yaml b/charts/services/services-bff-portals-admin/values.dev.yaml new file mode 100644 index 000000000000..58d9f8e96dbc --- /dev/null +++ b/charts/services/services-bff-portals-admin/values.dev.yaml @@ -0,0 +1,3563 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.dev01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'preview.contentful.com' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/graphql' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 's@kogk.is' + CONTENTFUL_HOST: 'preview.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 's@kogk.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/api' + - host: 'api-catalogue.dev01.devland.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.dev01.devland.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +external-contracts-tests: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' + namespace: 'external-contracts-tests' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '1' + memory: '1024Mi' + requests: + cpu: '500m' + memory: '512Mi' + schedule: '0 11 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +github-actions-cache: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 8 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'cache.dev01.devland.is' + paths: + - '/' + namespace: 'github-actions-cache' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 5 + max: 8 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' + create: true + name: 'github-actions-cache' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'dev' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.dev01.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'consultation-portal' + - 'islandis' + - 'search-indexer' + - 'xroad-collector' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'github-actions-cache' + - 'user-notification' + - 'external-contracts-tests' + - 'contentful-entry-tagger' + - 'license-api' + - 'services-sessions' + - 'contentful-apps' + - 'services-university-gateway' + - 'unicorn-app' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'dev-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.dev01.devland.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.dev01.devland.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +unicorn-app: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'unicorn-app.dev01.devland.is' + paths: + - '/' + namespace: 'unicorn-app' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' + create: true + name: 'unicorn-app' +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@hourly' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + TRACKING_DOMAIN: 'beta.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/services-bff-portals-admin/values.prod.yaml b/charts/services/services-bff-portals-admin/values.prod.yaml new file mode 100644 index 000000000000..c7e37f4144c5 --- /dev/null +++ b/charts/services/services-bff-portals-admin/values.prod.yaml @@ -0,0 +1,3379 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.island.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'cdn.contentful.com' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.island.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://innskra.island.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_IDS_API_URL: 'https://innskra.island.is' + AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi.island.is' + CONTACT_US_EMAIL: 'island@island.is' + CONTENTFUL_HOST: 'cdn.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.island.is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-prod-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: '' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'island@island.is' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 'sogur@island.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS/GOV/5402697509/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS/GOV/6501912189/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/api' + - host: 'www.island.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' + CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS/GOV/5608002820/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + NOVA_USERNAME: 'IslandIs_User_Production' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS/GOV/5605882089/UA-Protected/kvortun-v1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.island.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.island.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/umsoknir' + - host: 'www.island.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi.island.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://island.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/samradsgatt' + - host: 'www.island.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.island.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.island.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + EMAIL_FROM_NAME: 'island.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-prod-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'prod' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: 'd4ecf781-3764-4063-a4e1-9c3e17cebfba' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.island.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'islandis' + - 'consultation-portal' + - 'search-indexer' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'xroad-collector' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'user-notification' + - 'license-api' + - 'services-sessions' + - 'services-university-gateway' + - 'contentful-apps' + - 'contentful-entry-tagger' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/stjornbord' + - host: 'www.island.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'prod' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'prod-es-custom-packages' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/minarsidur' + - host: 'www.island.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_BASE_URL: 'https://island.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.island.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://island.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://island.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://island.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/stjornbord/bff' + - host: 'www.island.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.island.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.island.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/app/skilavottord/' + - host: 'www.island.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/app/skilavottord/api/graphql' + - host: 'www.island.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.island.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@midnight' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + TRACKING_DOMAIN: 'island.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/' + - host: 'www.island.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/services-bff-portals-admin/values.staging.yaml b/charts/services/services-bff-portals-admin/values.staging.yaml new file mode 100644 index 000000000000..227a2b0fcc6d --- /dev/null +++ b/charts/services/services-bff-portals-admin/values.staging.yaml @@ -0,0 +1,3238 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.staging01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'cdn.contentful.com' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/api/graphql' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.staging01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.staging01.devland.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.staging01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 'island@island.is' + CONTENTFUL_HOST: 'cdn.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.staging01.devland.is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-staging-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: '' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 'sogur@island.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-TEST/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5608002820/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-TEST/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.staging01.devland.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.staging01.devland.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.staging01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.staging01.devland.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-staging-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'staging' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.staging01.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'islandis' + - 'consultation-portal' + - 'skilavottord' + - 'search-indexer' + - 'services-documents' + - 'storybook' + - 'xroad-collector' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'user-notification' + - 'license-api' + - 'services-sessions' + - 'services-university-gateway' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.staging01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'staging' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'staging-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_BASE_URL: 'https://beta.staging01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.staging01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.staging01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.staging01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.staging01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.staging01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.staging01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.staging01.devland.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.staging01.devland.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@midnight' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + basicAuth: '/k8s/web/basic_auth' + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + TRACKING_DOMAIN: 'beta.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/services-documents/values.dev.yaml b/charts/services/services-documents/values.dev.yaml new file mode 100644 index 000000000000..58d9f8e96dbc --- /dev/null +++ b/charts/services/services-documents/values.dev.yaml @@ -0,0 +1,3563 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.dev01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'preview.contentful.com' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/graphql' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 's@kogk.is' + CONTENTFUL_HOST: 'preview.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 's@kogk.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/api' + - host: 'api-catalogue.dev01.devland.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.dev01.devland.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +external-contracts-tests: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' + namespace: 'external-contracts-tests' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '1' + memory: '1024Mi' + requests: + cpu: '500m' + memory: '512Mi' + schedule: '0 11 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +github-actions-cache: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 8 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'cache.dev01.devland.is' + paths: + - '/' + namespace: 'github-actions-cache' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 5 + max: 8 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' + create: true + name: 'github-actions-cache' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'dev' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.dev01.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'consultation-portal' + - 'islandis' + - 'search-indexer' + - 'xroad-collector' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'github-actions-cache' + - 'user-notification' + - 'external-contracts-tests' + - 'contentful-entry-tagger' + - 'license-api' + - 'services-sessions' + - 'contentful-apps' + - 'services-university-gateway' + - 'unicorn-app' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'dev-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.dev01.devland.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.dev01.devland.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +unicorn-app: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'unicorn-app.dev01.devland.is' + paths: + - '/' + namespace: 'unicorn-app' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' + create: true + name: 'unicorn-app' +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@hourly' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + TRACKING_DOMAIN: 'beta.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/services-documents/values.prod.yaml b/charts/services/services-documents/values.prod.yaml new file mode 100644 index 000000000000..c7e37f4144c5 --- /dev/null +++ b/charts/services/services-documents/values.prod.yaml @@ -0,0 +1,3379 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.island.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'cdn.contentful.com' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.island.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://innskra.island.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_IDS_API_URL: 'https://innskra.island.is' + AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi.island.is' + CONTACT_US_EMAIL: 'island@island.is' + CONTENTFUL_HOST: 'cdn.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.island.is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-prod-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: '' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'island@island.is' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 'sogur@island.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS/GOV/5402697509/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS/GOV/6501912189/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/api' + - host: 'www.island.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' + CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS/GOV/5608002820/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + NOVA_USERNAME: 'IslandIs_User_Production' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS/GOV/5605882089/UA-Protected/kvortun-v1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.island.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.island.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/umsoknir' + - host: 'www.island.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi.island.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://island.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/samradsgatt' + - host: 'www.island.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.island.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.island.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + EMAIL_FROM_NAME: 'island.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-prod-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'prod' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: 'd4ecf781-3764-4063-a4e1-9c3e17cebfba' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.island.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'islandis' + - 'consultation-portal' + - 'search-indexer' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'xroad-collector' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'user-notification' + - 'license-api' + - 'services-sessions' + - 'services-university-gateway' + - 'contentful-apps' + - 'contentful-entry-tagger' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/stjornbord' + - host: 'www.island.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'prod' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'prod-es-custom-packages' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/minarsidur' + - host: 'www.island.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_BASE_URL: 'https://island.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.island.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://island.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://island.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://island.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/stjornbord/bff' + - host: 'www.island.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.island.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.island.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/app/skilavottord/' + - host: 'www.island.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/app/skilavottord/api/graphql' + - host: 'www.island.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.island.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@midnight' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + TRACKING_DOMAIN: 'island.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/' + - host: 'www.island.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/services-documents/values.staging.yaml b/charts/services/services-documents/values.staging.yaml new file mode 100644 index 000000000000..227a2b0fcc6d --- /dev/null +++ b/charts/services/services-documents/values.staging.yaml @@ -0,0 +1,3238 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.staging01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'cdn.contentful.com' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/api/graphql' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.staging01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.staging01.devland.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.staging01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 'island@island.is' + CONTENTFUL_HOST: 'cdn.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.staging01.devland.is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-staging-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: '' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 'sogur@island.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-TEST/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5608002820/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-TEST/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.staging01.devland.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.staging01.devland.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.staging01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.staging01.devland.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-staging-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'staging' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.staging01.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'islandis' + - 'consultation-portal' + - 'skilavottord' + - 'search-indexer' + - 'services-documents' + - 'storybook' + - 'xroad-collector' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'user-notification' + - 'license-api' + - 'services-sessions' + - 'services-university-gateway' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.staging01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'staging' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'staging-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_BASE_URL: 'https://beta.staging01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.staging01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.staging01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.staging01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.staging01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.staging01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.staging01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.staging01.devland.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.staging01.devland.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@midnight' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + basicAuth: '/k8s/web/basic_auth' + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + TRACKING_DOMAIN: 'beta.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/services-sessions-cleanup/values.dev.yaml b/charts/services/services-sessions-cleanup/values.dev.yaml new file mode 100644 index 000000000000..58d9f8e96dbc --- /dev/null +++ b/charts/services/services-sessions-cleanup/values.dev.yaml @@ -0,0 +1,3563 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.dev01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'preview.contentful.com' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/graphql' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 's@kogk.is' + CONTENTFUL_HOST: 'preview.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 's@kogk.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/api' + - host: 'api-catalogue.dev01.devland.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.dev01.devland.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +external-contracts-tests: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' + namespace: 'external-contracts-tests' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '1' + memory: '1024Mi' + requests: + cpu: '500m' + memory: '512Mi' + schedule: '0 11 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +github-actions-cache: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 8 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'cache.dev01.devland.is' + paths: + - '/' + namespace: 'github-actions-cache' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 5 + max: 8 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' + create: true + name: 'github-actions-cache' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'dev' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.dev01.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'consultation-portal' + - 'islandis' + - 'search-indexer' + - 'xroad-collector' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'github-actions-cache' + - 'user-notification' + - 'external-contracts-tests' + - 'contentful-entry-tagger' + - 'license-api' + - 'services-sessions' + - 'contentful-apps' + - 'services-university-gateway' + - 'unicorn-app' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'dev-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.dev01.devland.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.dev01.devland.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +unicorn-app: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'unicorn-app.dev01.devland.is' + paths: + - '/' + namespace: 'unicorn-app' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' + create: true + name: 'unicorn-app' +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@hourly' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + TRACKING_DOMAIN: 'beta.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/services-sessions-cleanup/values.prod.yaml b/charts/services/services-sessions-cleanup/values.prod.yaml new file mode 100644 index 000000000000..c7e37f4144c5 --- /dev/null +++ b/charts/services/services-sessions-cleanup/values.prod.yaml @@ -0,0 +1,3379 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.island.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'cdn.contentful.com' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.island.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://innskra.island.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_IDS_API_URL: 'https://innskra.island.is' + AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi.island.is' + CONTACT_US_EMAIL: 'island@island.is' + CONTENTFUL_HOST: 'cdn.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.island.is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-prod-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: '' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'island@island.is' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 'sogur@island.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS/GOV/5402697509/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS/GOV/6501912189/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/api' + - host: 'www.island.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' + CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS/GOV/5608002820/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + NOVA_USERNAME: 'IslandIs_User_Production' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS/GOV/5605882089/UA-Protected/kvortun-v1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.island.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.island.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/umsoknir' + - host: 'www.island.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi.island.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://island.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/samradsgatt' + - host: 'www.island.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.island.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.island.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + EMAIL_FROM_NAME: 'island.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-prod-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'prod' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: 'd4ecf781-3764-4063-a4e1-9c3e17cebfba' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.island.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'islandis' + - 'consultation-portal' + - 'search-indexer' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'xroad-collector' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'user-notification' + - 'license-api' + - 'services-sessions' + - 'services-university-gateway' + - 'contentful-apps' + - 'contentful-entry-tagger' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/stjornbord' + - host: 'www.island.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'prod' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'prod-es-custom-packages' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/minarsidur' + - host: 'www.island.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_BASE_URL: 'https://island.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.island.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://island.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://island.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://island.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/stjornbord/bff' + - host: 'www.island.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.island.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.island.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/app/skilavottord/' + - host: 'www.island.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/app/skilavottord/api/graphql' + - host: 'www.island.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.island.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@midnight' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + TRACKING_DOMAIN: 'island.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/' + - host: 'www.island.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/services-sessions-cleanup/values.staging.yaml b/charts/services/services-sessions-cleanup/values.staging.yaml new file mode 100644 index 000000000000..227a2b0fcc6d --- /dev/null +++ b/charts/services/services-sessions-cleanup/values.staging.yaml @@ -0,0 +1,3238 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.staging01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'cdn.contentful.com' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/api/graphql' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.staging01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.staging01.devland.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.staging01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 'island@island.is' + CONTENTFUL_HOST: 'cdn.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.staging01.devland.is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-staging-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: '' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 'sogur@island.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-TEST/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5608002820/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-TEST/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.staging01.devland.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.staging01.devland.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.staging01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.staging01.devland.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-staging-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'staging' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.staging01.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'islandis' + - 'consultation-portal' + - 'skilavottord' + - 'search-indexer' + - 'services-documents' + - 'storybook' + - 'xroad-collector' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'user-notification' + - 'license-api' + - 'services-sessions' + - 'services-university-gateway' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.staging01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'staging' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'staging-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_BASE_URL: 'https://beta.staging01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.staging01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.staging01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.staging01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.staging01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.staging01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.staging01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.staging01.devland.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.staging01.devland.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@midnight' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + basicAuth: '/k8s/web/basic_auth' + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + TRACKING_DOMAIN: 'beta.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/services-sessions-worker/values.dev.yaml b/charts/services/services-sessions-worker/values.dev.yaml new file mode 100644 index 000000000000..58d9f8e96dbc --- /dev/null +++ b/charts/services/services-sessions-worker/values.dev.yaml @@ -0,0 +1,3563 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.dev01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'preview.contentful.com' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/graphql' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 's@kogk.is' + CONTENTFUL_HOST: 'preview.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 's@kogk.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/api' + - host: 'api-catalogue.dev01.devland.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.dev01.devland.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +external-contracts-tests: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' + namespace: 'external-contracts-tests' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '1' + memory: '1024Mi' + requests: + cpu: '500m' + memory: '512Mi' + schedule: '0 11 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +github-actions-cache: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 8 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'cache.dev01.devland.is' + paths: + - '/' + namespace: 'github-actions-cache' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 5 + max: 8 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' + create: true + name: 'github-actions-cache' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'dev' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.dev01.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'consultation-portal' + - 'islandis' + - 'search-indexer' + - 'xroad-collector' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'github-actions-cache' + - 'user-notification' + - 'external-contracts-tests' + - 'contentful-entry-tagger' + - 'license-api' + - 'services-sessions' + - 'contentful-apps' + - 'services-university-gateway' + - 'unicorn-app' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'dev-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.dev01.devland.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.dev01.devland.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +unicorn-app: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'unicorn-app.dev01.devland.is' + paths: + - '/' + namespace: 'unicorn-app' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' + create: true + name: 'unicorn-app' +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@hourly' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + TRACKING_DOMAIN: 'beta.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/services-sessions-worker/values.prod.yaml b/charts/services/services-sessions-worker/values.prod.yaml new file mode 100644 index 000000000000..c7e37f4144c5 --- /dev/null +++ b/charts/services/services-sessions-worker/values.prod.yaml @@ -0,0 +1,3379 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.island.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'cdn.contentful.com' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.island.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://innskra.island.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_IDS_API_URL: 'https://innskra.island.is' + AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi.island.is' + CONTACT_US_EMAIL: 'island@island.is' + CONTENTFUL_HOST: 'cdn.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.island.is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-prod-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: '' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'island@island.is' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 'sogur@island.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS/GOV/5402697509/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS/GOV/6501912189/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/api' + - host: 'www.island.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' + CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS/GOV/5608002820/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + NOVA_USERNAME: 'IslandIs_User_Production' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS/GOV/5605882089/UA-Protected/kvortun-v1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.island.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.island.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/umsoknir' + - host: 'www.island.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi.island.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://island.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/samradsgatt' + - host: 'www.island.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.island.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.island.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + EMAIL_FROM_NAME: 'island.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-prod-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'prod' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: 'd4ecf781-3764-4063-a4e1-9c3e17cebfba' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.island.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'islandis' + - 'consultation-portal' + - 'search-indexer' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'xroad-collector' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'user-notification' + - 'license-api' + - 'services-sessions' + - 'services-university-gateway' + - 'contentful-apps' + - 'contentful-entry-tagger' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/stjornbord' + - host: 'www.island.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'prod' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'prod-es-custom-packages' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/minarsidur' + - host: 'www.island.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_BASE_URL: 'https://island.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.island.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://island.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://island.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://island.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/stjornbord/bff' + - host: 'www.island.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.island.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.island.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/app/skilavottord/' + - host: 'www.island.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/app/skilavottord/api/graphql' + - host: 'www.island.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.island.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@midnight' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + TRACKING_DOMAIN: 'island.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/' + - host: 'www.island.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/services-sessions-worker/values.staging.yaml b/charts/services/services-sessions-worker/values.staging.yaml new file mode 100644 index 000000000000..227a2b0fcc6d --- /dev/null +++ b/charts/services/services-sessions-worker/values.staging.yaml @@ -0,0 +1,3238 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.staging01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'cdn.contentful.com' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/api/graphql' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.staging01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.staging01.devland.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.staging01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 'island@island.is' + CONTENTFUL_HOST: 'cdn.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.staging01.devland.is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-staging-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: '' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 'sogur@island.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-TEST/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5608002820/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-TEST/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.staging01.devland.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.staging01.devland.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.staging01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.staging01.devland.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-staging-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'staging' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.staging01.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'islandis' + - 'consultation-portal' + - 'skilavottord' + - 'search-indexer' + - 'services-documents' + - 'storybook' + - 'xroad-collector' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'user-notification' + - 'license-api' + - 'services-sessions' + - 'services-university-gateway' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.staging01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'staging' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'staging-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_BASE_URL: 'https://beta.staging01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.staging01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.staging01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.staging01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.staging01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.staging01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.staging01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.staging01.devland.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.staging01.devland.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@midnight' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + basicAuth: '/k8s/web/basic_auth' + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + TRACKING_DOMAIN: 'beta.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/services-sessions/values.dev.yaml b/charts/services/services-sessions/values.dev.yaml new file mode 100644 index 000000000000..58d9f8e96dbc --- /dev/null +++ b/charts/services/services-sessions/values.dev.yaml @@ -0,0 +1,3563 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.dev01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'preview.contentful.com' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/graphql' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 's@kogk.is' + CONTENTFUL_HOST: 'preview.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 's@kogk.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/api' + - host: 'api-catalogue.dev01.devland.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.dev01.devland.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +external-contracts-tests: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' + namespace: 'external-contracts-tests' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '1' + memory: '1024Mi' + requests: + cpu: '500m' + memory: '512Mi' + schedule: '0 11 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +github-actions-cache: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 8 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'cache.dev01.devland.is' + paths: + - '/' + namespace: 'github-actions-cache' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 5 + max: 8 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' + create: true + name: 'github-actions-cache' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'dev' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.dev01.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'consultation-portal' + - 'islandis' + - 'search-indexer' + - 'xroad-collector' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'github-actions-cache' + - 'user-notification' + - 'external-contracts-tests' + - 'contentful-entry-tagger' + - 'license-api' + - 'services-sessions' + - 'contentful-apps' + - 'services-university-gateway' + - 'unicorn-app' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'dev-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.dev01.devland.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.dev01.devland.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +unicorn-app: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'unicorn-app.dev01.devland.is' + paths: + - '/' + namespace: 'unicorn-app' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' + create: true + name: 'unicorn-app' +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@hourly' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + TRACKING_DOMAIN: 'beta.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/services-sessions/values.prod.yaml b/charts/services/services-sessions/values.prod.yaml new file mode 100644 index 000000000000..c7e37f4144c5 --- /dev/null +++ b/charts/services/services-sessions/values.prod.yaml @@ -0,0 +1,3379 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.island.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'cdn.contentful.com' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.island.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://innskra.island.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_IDS_API_URL: 'https://innskra.island.is' + AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi.island.is' + CONTACT_US_EMAIL: 'island@island.is' + CONTENTFUL_HOST: 'cdn.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.island.is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-prod-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: '' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'island@island.is' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 'sogur@island.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS/GOV/5402697509/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS/GOV/6501912189/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/api' + - host: 'www.island.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' + CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS/GOV/5608002820/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + NOVA_USERNAME: 'IslandIs_User_Production' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS/GOV/5605882089/UA-Protected/kvortun-v1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.island.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.island.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/umsoknir' + - host: 'www.island.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi.island.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://island.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/samradsgatt' + - host: 'www.island.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.island.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.island.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + EMAIL_FROM_NAME: 'island.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-prod-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'prod' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: 'd4ecf781-3764-4063-a4e1-9c3e17cebfba' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.island.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'islandis' + - 'consultation-portal' + - 'search-indexer' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'xroad-collector' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'user-notification' + - 'license-api' + - 'services-sessions' + - 'services-university-gateway' + - 'contentful-apps' + - 'contentful-entry-tagger' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/stjornbord' + - host: 'www.island.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'prod' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'prod-es-custom-packages' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/minarsidur' + - host: 'www.island.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_BASE_URL: 'https://island.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.island.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://island.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://island.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://island.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/stjornbord/bff' + - host: 'www.island.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.island.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.island.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/app/skilavottord/' + - host: 'www.island.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/app/skilavottord/api/graphql' + - host: 'www.island.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.island.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@midnight' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + TRACKING_DOMAIN: 'island.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/' + - host: 'www.island.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/services-sessions/values.staging.yaml b/charts/services/services-sessions/values.staging.yaml new file mode 100644 index 000000000000..227a2b0fcc6d --- /dev/null +++ b/charts/services/services-sessions/values.staging.yaml @@ -0,0 +1,3238 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.staging01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'cdn.contentful.com' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/api/graphql' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.staging01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.staging01.devland.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.staging01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 'island@island.is' + CONTENTFUL_HOST: 'cdn.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.staging01.devland.is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-staging-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: '' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 'sogur@island.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-TEST/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5608002820/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-TEST/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.staging01.devland.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.staging01.devland.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.staging01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.staging01.devland.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-staging-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'staging' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.staging01.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'islandis' + - 'consultation-portal' + - 'skilavottord' + - 'search-indexer' + - 'services-documents' + - 'storybook' + - 'xroad-collector' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'user-notification' + - 'license-api' + - 'services-sessions' + - 'services-university-gateway' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.staging01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'staging' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'staging-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_BASE_URL: 'https://beta.staging01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.staging01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.staging01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.staging01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.staging01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.staging01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.staging01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.staging01.devland.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.staging01.devland.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@midnight' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + basicAuth: '/k8s/web/basic_auth' + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + TRACKING_DOMAIN: 'beta.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/services-university-gateway-worker/values.dev.yaml b/charts/services/services-university-gateway-worker/values.dev.yaml new file mode 100644 index 000000000000..58d9f8e96dbc --- /dev/null +++ b/charts/services/services-university-gateway-worker/values.dev.yaml @@ -0,0 +1,3563 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.dev01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'preview.contentful.com' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/graphql' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 's@kogk.is' + CONTENTFUL_HOST: 'preview.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 's@kogk.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/api' + - host: 'api-catalogue.dev01.devland.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.dev01.devland.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +external-contracts-tests: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' + namespace: 'external-contracts-tests' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '1' + memory: '1024Mi' + requests: + cpu: '500m' + memory: '512Mi' + schedule: '0 11 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +github-actions-cache: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 8 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'cache.dev01.devland.is' + paths: + - '/' + namespace: 'github-actions-cache' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 5 + max: 8 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' + create: true + name: 'github-actions-cache' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'dev' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.dev01.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'consultation-portal' + - 'islandis' + - 'search-indexer' + - 'xroad-collector' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'github-actions-cache' + - 'user-notification' + - 'external-contracts-tests' + - 'contentful-entry-tagger' + - 'license-api' + - 'services-sessions' + - 'contentful-apps' + - 'services-university-gateway' + - 'unicorn-app' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'dev-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.dev01.devland.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.dev01.devland.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +unicorn-app: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'unicorn-app.dev01.devland.is' + paths: + - '/' + namespace: 'unicorn-app' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' + create: true + name: 'unicorn-app' +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@hourly' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + TRACKING_DOMAIN: 'beta.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/services-university-gateway-worker/values.prod.yaml b/charts/services/services-university-gateway-worker/values.prod.yaml new file mode 100644 index 000000000000..c7e37f4144c5 --- /dev/null +++ b/charts/services/services-university-gateway-worker/values.prod.yaml @@ -0,0 +1,3379 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.island.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'cdn.contentful.com' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.island.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://innskra.island.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_IDS_API_URL: 'https://innskra.island.is' + AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi.island.is' + CONTACT_US_EMAIL: 'island@island.is' + CONTENTFUL_HOST: 'cdn.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.island.is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-prod-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: '' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'island@island.is' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 'sogur@island.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS/GOV/5402697509/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS/GOV/6501912189/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/api' + - host: 'www.island.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' + CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS/GOV/5608002820/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + NOVA_USERNAME: 'IslandIs_User_Production' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS/GOV/5605882089/UA-Protected/kvortun-v1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.island.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.island.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/umsoknir' + - host: 'www.island.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi.island.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://island.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/samradsgatt' + - host: 'www.island.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.island.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.island.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + EMAIL_FROM_NAME: 'island.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-prod-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'prod' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: 'd4ecf781-3764-4063-a4e1-9c3e17cebfba' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.island.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'islandis' + - 'consultation-portal' + - 'search-indexer' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'xroad-collector' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'user-notification' + - 'license-api' + - 'services-sessions' + - 'services-university-gateway' + - 'contentful-apps' + - 'contentful-entry-tagger' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/stjornbord' + - host: 'www.island.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'prod' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'prod-es-custom-packages' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/minarsidur' + - host: 'www.island.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_BASE_URL: 'https://island.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.island.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://island.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://island.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://island.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/stjornbord/bff' + - host: 'www.island.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.island.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.island.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/app/skilavottord/' + - host: 'www.island.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/app/skilavottord/api/graphql' + - host: 'www.island.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.island.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@midnight' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + TRACKING_DOMAIN: 'island.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/' + - host: 'www.island.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/services-university-gateway-worker/values.staging.yaml b/charts/services/services-university-gateway-worker/values.staging.yaml new file mode 100644 index 000000000000..227a2b0fcc6d --- /dev/null +++ b/charts/services/services-university-gateway-worker/values.staging.yaml @@ -0,0 +1,3238 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.staging01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'cdn.contentful.com' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/api/graphql' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.staging01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.staging01.devland.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.staging01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 'island@island.is' + CONTENTFUL_HOST: 'cdn.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.staging01.devland.is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-staging-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: '' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 'sogur@island.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-TEST/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5608002820/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-TEST/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.staging01.devland.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.staging01.devland.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.staging01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.staging01.devland.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-staging-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'staging' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.staging01.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'islandis' + - 'consultation-portal' + - 'skilavottord' + - 'search-indexer' + - 'services-documents' + - 'storybook' + - 'xroad-collector' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'user-notification' + - 'license-api' + - 'services-sessions' + - 'services-university-gateway' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.staging01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'staging' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'staging-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_BASE_URL: 'https://beta.staging01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.staging01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.staging01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.staging01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.staging01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.staging01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.staging01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.staging01.devland.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.staging01.devland.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@midnight' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + basicAuth: '/k8s/web/basic_auth' + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + TRACKING_DOMAIN: 'beta.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/services-university-gateway/values.dev.yaml b/charts/services/services-university-gateway/values.dev.yaml new file mode 100644 index 000000000000..58d9f8e96dbc --- /dev/null +++ b/charts/services/services-university-gateway/values.dev.yaml @@ -0,0 +1,3563 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.dev01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'preview.contentful.com' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/graphql' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 's@kogk.is' + CONTENTFUL_HOST: 'preview.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 's@kogk.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/api' + - host: 'api-catalogue.dev01.devland.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.dev01.devland.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +external-contracts-tests: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' + namespace: 'external-contracts-tests' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '1' + memory: '1024Mi' + requests: + cpu: '500m' + memory: '512Mi' + schedule: '0 11 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +github-actions-cache: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 8 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'cache.dev01.devland.is' + paths: + - '/' + namespace: 'github-actions-cache' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 5 + max: 8 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' + create: true + name: 'github-actions-cache' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'dev' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.dev01.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'consultation-portal' + - 'islandis' + - 'search-indexer' + - 'xroad-collector' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'github-actions-cache' + - 'user-notification' + - 'external-contracts-tests' + - 'contentful-entry-tagger' + - 'license-api' + - 'services-sessions' + - 'contentful-apps' + - 'services-university-gateway' + - 'unicorn-app' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'dev-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.dev01.devland.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.dev01.devland.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +unicorn-app: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'unicorn-app.dev01.devland.is' + paths: + - '/' + namespace: 'unicorn-app' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' + create: true + name: 'unicorn-app' +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@hourly' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + TRACKING_DOMAIN: 'beta.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/services-university-gateway/values.prod.yaml b/charts/services/services-university-gateway/values.prod.yaml new file mode 100644 index 000000000000..c7e37f4144c5 --- /dev/null +++ b/charts/services/services-university-gateway/values.prod.yaml @@ -0,0 +1,3379 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.island.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'cdn.contentful.com' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.island.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://innskra.island.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_IDS_API_URL: 'https://innskra.island.is' + AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi.island.is' + CONTACT_US_EMAIL: 'island@island.is' + CONTENTFUL_HOST: 'cdn.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.island.is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-prod-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: '' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'island@island.is' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 'sogur@island.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS/GOV/5402697509/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS/GOV/6501912189/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/api' + - host: 'www.island.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' + CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS/GOV/5608002820/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + NOVA_USERNAME: 'IslandIs_User_Production' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS/GOV/5605882089/UA-Protected/kvortun-v1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.island.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.island.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/umsoknir' + - host: 'www.island.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi.island.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://island.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/samradsgatt' + - host: 'www.island.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.island.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.island.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + EMAIL_FROM_NAME: 'island.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-prod-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'prod' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: 'd4ecf781-3764-4063-a4e1-9c3e17cebfba' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.island.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'islandis' + - 'consultation-portal' + - 'search-indexer' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'xroad-collector' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'user-notification' + - 'license-api' + - 'services-sessions' + - 'services-university-gateway' + - 'contentful-apps' + - 'contentful-entry-tagger' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/stjornbord' + - host: 'www.island.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'prod' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'prod-es-custom-packages' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/minarsidur' + - host: 'www.island.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_BASE_URL: 'https://island.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.island.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://island.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://island.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://island.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/stjornbord/bff' + - host: 'www.island.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.island.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.island.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/app/skilavottord/' + - host: 'www.island.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/app/skilavottord/api/graphql' + - host: 'www.island.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.island.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@midnight' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + TRACKING_DOMAIN: 'island.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/' + - host: 'www.island.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/services-university-gateway/values.staging.yaml b/charts/services/services-university-gateway/values.staging.yaml new file mode 100644 index 000000000000..227a2b0fcc6d --- /dev/null +++ b/charts/services/services-university-gateway/values.staging.yaml @@ -0,0 +1,3238 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.staging01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'cdn.contentful.com' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/api/graphql' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.staging01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.staging01.devland.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.staging01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 'island@island.is' + CONTENTFUL_HOST: 'cdn.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.staging01.devland.is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-staging-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: '' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 'sogur@island.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-TEST/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5608002820/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-TEST/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.staging01.devland.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.staging01.devland.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.staging01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.staging01.devland.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-staging-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'staging' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.staging01.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'islandis' + - 'consultation-portal' + - 'skilavottord' + - 'search-indexer' + - 'services-documents' + - 'storybook' + - 'xroad-collector' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'user-notification' + - 'license-api' + - 'services-sessions' + - 'services-university-gateway' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.staging01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'staging' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'staging-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_BASE_URL: 'https://beta.staging01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.staging01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.staging01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.staging01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.staging01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.staging01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.staging01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.staging01.devland.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.staging01.devland.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@midnight' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + basicAuth: '/k8s/web/basic_auth' + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + TRACKING_DOMAIN: 'beta.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/skilavottord-web/values.dev.yaml b/charts/services/skilavottord-web/values.dev.yaml new file mode 100644 index 000000000000..58d9f8e96dbc --- /dev/null +++ b/charts/services/skilavottord-web/values.dev.yaml @@ -0,0 +1,3563 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.dev01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'preview.contentful.com' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/graphql' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 's@kogk.is' + CONTENTFUL_HOST: 'preview.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 's@kogk.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/api' + - host: 'api-catalogue.dev01.devland.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.dev01.devland.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +external-contracts-tests: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' + namespace: 'external-contracts-tests' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '1' + memory: '1024Mi' + requests: + cpu: '500m' + memory: '512Mi' + schedule: '0 11 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +github-actions-cache: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 8 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'cache.dev01.devland.is' + paths: + - '/' + namespace: 'github-actions-cache' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 5 + max: 8 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' + create: true + name: 'github-actions-cache' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'dev' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.dev01.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'consultation-portal' + - 'islandis' + - 'search-indexer' + - 'xroad-collector' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'github-actions-cache' + - 'user-notification' + - 'external-contracts-tests' + - 'contentful-entry-tagger' + - 'license-api' + - 'services-sessions' + - 'contentful-apps' + - 'services-university-gateway' + - 'unicorn-app' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'dev-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.dev01.devland.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.dev01.devland.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +unicorn-app: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'unicorn-app.dev01.devland.is' + paths: + - '/' + namespace: 'unicorn-app' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' + create: true + name: 'unicorn-app' +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@hourly' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + TRACKING_DOMAIN: 'beta.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/skilavottord-web/values.prod.yaml b/charts/services/skilavottord-web/values.prod.yaml new file mode 100644 index 000000000000..c7e37f4144c5 --- /dev/null +++ b/charts/services/skilavottord-web/values.prod.yaml @@ -0,0 +1,3379 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.island.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'cdn.contentful.com' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.island.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://innskra.island.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_IDS_API_URL: 'https://innskra.island.is' + AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi.island.is' + CONTACT_US_EMAIL: 'island@island.is' + CONTENTFUL_HOST: 'cdn.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.island.is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-prod-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: '' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'island@island.is' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 'sogur@island.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS/GOV/5402697509/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS/GOV/6501912189/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/api' + - host: 'www.island.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' + CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS/GOV/5608002820/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + NOVA_USERNAME: 'IslandIs_User_Production' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS/GOV/5605882089/UA-Protected/kvortun-v1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.island.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.island.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/umsoknir' + - host: 'www.island.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi.island.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://island.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/samradsgatt' + - host: 'www.island.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.island.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.island.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + EMAIL_FROM_NAME: 'island.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-prod-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'prod' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: 'd4ecf781-3764-4063-a4e1-9c3e17cebfba' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.island.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'islandis' + - 'consultation-portal' + - 'search-indexer' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'xroad-collector' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'user-notification' + - 'license-api' + - 'services-sessions' + - 'services-university-gateway' + - 'contentful-apps' + - 'contentful-entry-tagger' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/stjornbord' + - host: 'www.island.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'prod' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'prod-es-custom-packages' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/minarsidur' + - host: 'www.island.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_BASE_URL: 'https://island.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.island.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://island.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://island.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://island.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/stjornbord/bff' + - host: 'www.island.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.island.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.island.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/app/skilavottord/' + - host: 'www.island.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/app/skilavottord/api/graphql' + - host: 'www.island.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.island.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@midnight' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + TRACKING_DOMAIN: 'island.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/' + - host: 'www.island.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/skilavottord-web/values.staging.yaml b/charts/services/skilavottord-web/values.staging.yaml new file mode 100644 index 000000000000..227a2b0fcc6d --- /dev/null +++ b/charts/services/skilavottord-web/values.staging.yaml @@ -0,0 +1,3238 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.staging01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'cdn.contentful.com' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/api/graphql' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.staging01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.staging01.devland.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.staging01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 'island@island.is' + CONTENTFUL_HOST: 'cdn.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.staging01.devland.is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-staging-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: '' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 'sogur@island.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-TEST/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5608002820/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-TEST/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.staging01.devland.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.staging01.devland.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.staging01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.staging01.devland.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-staging-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'staging' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.staging01.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'islandis' + - 'consultation-portal' + - 'skilavottord' + - 'search-indexer' + - 'services-documents' + - 'storybook' + - 'xroad-collector' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'user-notification' + - 'license-api' + - 'services-sessions' + - 'services-university-gateway' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.staging01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'staging' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'staging-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_BASE_URL: 'https://beta.staging01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.staging01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.staging01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.staging01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.staging01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.staging01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.staging01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.staging01.devland.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.staging01.devland.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@midnight' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + basicAuth: '/k8s/web/basic_auth' + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + TRACKING_DOMAIN: 'beta.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/skilavottord-ws/values.dev.yaml b/charts/services/skilavottord-ws/values.dev.yaml new file mode 100644 index 000000000000..58d9f8e96dbc --- /dev/null +++ b/charts/services/skilavottord-ws/values.dev.yaml @@ -0,0 +1,3563 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.dev01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'preview.contentful.com' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/graphql' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 's@kogk.is' + CONTENTFUL_HOST: 'preview.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 's@kogk.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/api' + - host: 'api-catalogue.dev01.devland.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.dev01.devland.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +external-contracts-tests: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' + namespace: 'external-contracts-tests' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '1' + memory: '1024Mi' + requests: + cpu: '500m' + memory: '512Mi' + schedule: '0 11 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +github-actions-cache: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 8 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'cache.dev01.devland.is' + paths: + - '/' + namespace: 'github-actions-cache' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 5 + max: 8 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' + create: true + name: 'github-actions-cache' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'dev' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.dev01.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'consultation-portal' + - 'islandis' + - 'search-indexer' + - 'xroad-collector' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'github-actions-cache' + - 'user-notification' + - 'external-contracts-tests' + - 'contentful-entry-tagger' + - 'license-api' + - 'services-sessions' + - 'contentful-apps' + - 'services-university-gateway' + - 'unicorn-app' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'dev-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.dev01.devland.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.dev01.devland.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +unicorn-app: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'unicorn-app.dev01.devland.is' + paths: + - '/' + namespace: 'unicorn-app' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' + create: true + name: 'unicorn-app' +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@hourly' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + TRACKING_DOMAIN: 'beta.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/skilavottord-ws/values.prod.yaml b/charts/services/skilavottord-ws/values.prod.yaml new file mode 100644 index 000000000000..c7e37f4144c5 --- /dev/null +++ b/charts/services/skilavottord-ws/values.prod.yaml @@ -0,0 +1,3379 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.island.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'cdn.contentful.com' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.island.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://innskra.island.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_IDS_API_URL: 'https://innskra.island.is' + AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi.island.is' + CONTACT_US_EMAIL: 'island@island.is' + CONTENTFUL_HOST: 'cdn.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.island.is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-prod-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: '' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'island@island.is' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 'sogur@island.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS/GOV/5402697509/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS/GOV/6501912189/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/api' + - host: 'www.island.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' + CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS/GOV/5608002820/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + NOVA_USERNAME: 'IslandIs_User_Production' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS/GOV/5605882089/UA-Protected/kvortun-v1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.island.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.island.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/umsoknir' + - host: 'www.island.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi.island.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://island.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/samradsgatt' + - host: 'www.island.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.island.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.island.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + EMAIL_FROM_NAME: 'island.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-prod-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'prod' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: 'd4ecf781-3764-4063-a4e1-9c3e17cebfba' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.island.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'islandis' + - 'consultation-portal' + - 'search-indexer' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'xroad-collector' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'user-notification' + - 'license-api' + - 'services-sessions' + - 'services-university-gateway' + - 'contentful-apps' + - 'contentful-entry-tagger' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/stjornbord' + - host: 'www.island.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'prod' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'prod-es-custom-packages' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/minarsidur' + - host: 'www.island.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_BASE_URL: 'https://island.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.island.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://island.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://island.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://island.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/stjornbord/bff' + - host: 'www.island.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.island.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.island.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/app/skilavottord/' + - host: 'www.island.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/app/skilavottord/api/graphql' + - host: 'www.island.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.island.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@midnight' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + TRACKING_DOMAIN: 'island.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/' + - host: 'www.island.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/skilavottord-ws/values.staging.yaml b/charts/services/skilavottord-ws/values.staging.yaml new file mode 100644 index 000000000000..227a2b0fcc6d --- /dev/null +++ b/charts/services/skilavottord-ws/values.staging.yaml @@ -0,0 +1,3238 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.staging01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'cdn.contentful.com' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/api/graphql' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.staging01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.staging01.devland.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.staging01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 'island@island.is' + CONTENTFUL_HOST: 'cdn.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.staging01.devland.is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-staging-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: '' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 'sogur@island.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-TEST/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5608002820/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-TEST/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.staging01.devland.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.staging01.devland.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.staging01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.staging01.devland.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-staging-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'staging' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.staging01.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'islandis' + - 'consultation-portal' + - 'skilavottord' + - 'search-indexer' + - 'services-documents' + - 'storybook' + - 'xroad-collector' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'user-notification' + - 'license-api' + - 'services-sessions' + - 'services-university-gateway' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.staging01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'staging' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'staging-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_BASE_URL: 'https://beta.staging01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.staging01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.staging01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.staging01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.staging01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.staging01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.staging01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.staging01.devland.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.staging01.devland.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@midnight' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + basicAuth: '/k8s/web/basic_auth' + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + TRACKING_DOMAIN: 'beta.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/unicorn-app/values.dev.yaml b/charts/services/unicorn-app/values.dev.yaml new file mode 100644 index 000000000000..58d9f8e96dbc --- /dev/null +++ b/charts/services/unicorn-app/values.dev.yaml @@ -0,0 +1,3563 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.dev01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'preview.contentful.com' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/graphql' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 's@kogk.is' + CONTENTFUL_HOST: 'preview.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 's@kogk.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/api' + - host: 'api-catalogue.dev01.devland.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.dev01.devland.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +external-contracts-tests: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' + namespace: 'external-contracts-tests' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '1' + memory: '1024Mi' + requests: + cpu: '500m' + memory: '512Mi' + schedule: '0 11 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +github-actions-cache: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 8 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'cache.dev01.devland.is' + paths: + - '/' + namespace: 'github-actions-cache' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 5 + max: 8 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' + create: true + name: 'github-actions-cache' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'dev' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.dev01.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'consultation-portal' + - 'islandis' + - 'search-indexer' + - 'xroad-collector' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'github-actions-cache' + - 'user-notification' + - 'external-contracts-tests' + - 'contentful-entry-tagger' + - 'license-api' + - 'services-sessions' + - 'contentful-apps' + - 'services-university-gateway' + - 'unicorn-app' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'dev-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.dev01.devland.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.dev01.devland.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +unicorn-app: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'unicorn-app.dev01.devland.is' + paths: + - '/' + namespace: 'unicorn-app' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' + create: true + name: 'unicorn-app' +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@hourly' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + TRACKING_DOMAIN: 'beta.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/unicorn-app/values.prod.yaml b/charts/services/unicorn-app/values.prod.yaml new file mode 100644 index 000000000000..4e866d1bf8b6 --- /dev/null +++ b/charts/services/unicorn-app/values.prod.yaml @@ -0,0 +1,84 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'prod' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +namespaces: + labels: {} + namespaces: + - 'unicorn-app' +unicorn-app: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'unicorn-app.island.is' + paths: + - '/' + namespace: 'unicorn-app' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/unicorn-app' + create: true + name: 'unicorn-app' diff --git a/charts/services/unicorn-app/values.staging.yaml b/charts/services/unicorn-app/values.staging.yaml new file mode 100644 index 000000000000..d09a29feb482 --- /dev/null +++ b/charts/services/unicorn-app/values.staging.yaml @@ -0,0 +1,84 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'staging' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +namespaces: + labels: {} + namespaces: + - 'unicorn-app' +unicorn-app: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'unicorn-app.staging01.devland.is' + paths: + - '/' + namespace: 'unicorn-app' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/unicorn-app' + create: true + name: 'unicorn-app' diff --git a/charts/services/user-notification-cleanup-worker/values.dev.yaml b/charts/services/user-notification-cleanup-worker/values.dev.yaml new file mode 100644 index 000000000000..58d9f8e96dbc --- /dev/null +++ b/charts/services/user-notification-cleanup-worker/values.dev.yaml @@ -0,0 +1,3563 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.dev01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'preview.contentful.com' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/graphql' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 's@kogk.is' + CONTENTFUL_HOST: 'preview.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 's@kogk.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/api' + - host: 'api-catalogue.dev01.devland.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.dev01.devland.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +external-contracts-tests: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' + namespace: 'external-contracts-tests' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '1' + memory: '1024Mi' + requests: + cpu: '500m' + memory: '512Mi' + schedule: '0 11 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +github-actions-cache: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 8 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'cache.dev01.devland.is' + paths: + - '/' + namespace: 'github-actions-cache' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 5 + max: 8 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' + create: true + name: 'github-actions-cache' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'dev' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.dev01.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'consultation-portal' + - 'islandis' + - 'search-indexer' + - 'xroad-collector' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'github-actions-cache' + - 'user-notification' + - 'external-contracts-tests' + - 'contentful-entry-tagger' + - 'license-api' + - 'services-sessions' + - 'contentful-apps' + - 'services-university-gateway' + - 'unicorn-app' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'dev-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.dev01.devland.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.dev01.devland.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +unicorn-app: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'unicorn-app.dev01.devland.is' + paths: + - '/' + namespace: 'unicorn-app' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' + create: true + name: 'unicorn-app' +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@hourly' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + TRACKING_DOMAIN: 'beta.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/user-notification-cleanup-worker/values.prod.yaml b/charts/services/user-notification-cleanup-worker/values.prod.yaml new file mode 100644 index 000000000000..c7e37f4144c5 --- /dev/null +++ b/charts/services/user-notification-cleanup-worker/values.prod.yaml @@ -0,0 +1,3379 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.island.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'cdn.contentful.com' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.island.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://innskra.island.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_IDS_API_URL: 'https://innskra.island.is' + AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi.island.is' + CONTACT_US_EMAIL: 'island@island.is' + CONTENTFUL_HOST: 'cdn.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.island.is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-prod-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: '' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'island@island.is' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 'sogur@island.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS/GOV/5402697509/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS/GOV/6501912189/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/api' + - host: 'www.island.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' + CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS/GOV/5608002820/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + NOVA_USERNAME: 'IslandIs_User_Production' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS/GOV/5605882089/UA-Protected/kvortun-v1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.island.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.island.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/umsoknir' + - host: 'www.island.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi.island.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://island.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/samradsgatt' + - host: 'www.island.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.island.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.island.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + EMAIL_FROM_NAME: 'island.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-prod-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'prod' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: 'd4ecf781-3764-4063-a4e1-9c3e17cebfba' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.island.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'islandis' + - 'consultation-portal' + - 'search-indexer' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'xroad-collector' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'user-notification' + - 'license-api' + - 'services-sessions' + - 'services-university-gateway' + - 'contentful-apps' + - 'contentful-entry-tagger' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/stjornbord' + - host: 'www.island.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'prod' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'prod-es-custom-packages' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/minarsidur' + - host: 'www.island.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_BASE_URL: 'https://island.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.island.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://island.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://island.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://island.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/stjornbord/bff' + - host: 'www.island.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.island.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.island.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/app/skilavottord/' + - host: 'www.island.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/app/skilavottord/api/graphql' + - host: 'www.island.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.island.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@midnight' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + TRACKING_DOMAIN: 'island.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/' + - host: 'www.island.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/user-notification-cleanup-worker/values.staging.yaml b/charts/services/user-notification-cleanup-worker/values.staging.yaml new file mode 100644 index 000000000000..227a2b0fcc6d --- /dev/null +++ b/charts/services/user-notification-cleanup-worker/values.staging.yaml @@ -0,0 +1,3238 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.staging01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'cdn.contentful.com' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/api/graphql' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.staging01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.staging01.devland.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.staging01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 'island@island.is' + CONTENTFUL_HOST: 'cdn.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.staging01.devland.is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-staging-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: '' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 'sogur@island.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-TEST/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5608002820/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-TEST/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.staging01.devland.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.staging01.devland.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.staging01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.staging01.devland.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-staging-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'staging' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.staging01.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'islandis' + - 'consultation-portal' + - 'skilavottord' + - 'search-indexer' + - 'services-documents' + - 'storybook' + - 'xroad-collector' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'user-notification' + - 'license-api' + - 'services-sessions' + - 'services-university-gateway' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.staging01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'staging' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'staging-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_BASE_URL: 'https://beta.staging01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.staging01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.staging01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.staging01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.staging01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.staging01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.staging01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.staging01.devland.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.staging01.devland.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@midnight' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + basicAuth: '/k8s/web/basic_auth' + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + TRACKING_DOMAIN: 'beta.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/user-notification-worker/values.dev.yaml b/charts/services/user-notification-worker/values.dev.yaml new file mode 100644 index 000000000000..58d9f8e96dbc --- /dev/null +++ b/charts/services/user-notification-worker/values.dev.yaml @@ -0,0 +1,3563 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.dev01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'preview.contentful.com' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/graphql' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 's@kogk.is' + CONTENTFUL_HOST: 'preview.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 's@kogk.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/api' + - host: 'api-catalogue.dev01.devland.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.dev01.devland.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +external-contracts-tests: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' + namespace: 'external-contracts-tests' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '1' + memory: '1024Mi' + requests: + cpu: '500m' + memory: '512Mi' + schedule: '0 11 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +github-actions-cache: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 8 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'cache.dev01.devland.is' + paths: + - '/' + namespace: 'github-actions-cache' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 5 + max: 8 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' + create: true + name: 'github-actions-cache' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'dev' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.dev01.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'consultation-portal' + - 'islandis' + - 'search-indexer' + - 'xroad-collector' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'github-actions-cache' + - 'user-notification' + - 'external-contracts-tests' + - 'contentful-entry-tagger' + - 'license-api' + - 'services-sessions' + - 'contentful-apps' + - 'services-university-gateway' + - 'unicorn-app' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'dev-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.dev01.devland.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.dev01.devland.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +unicorn-app: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'unicorn-app.dev01.devland.is' + paths: + - '/' + namespace: 'unicorn-app' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' + create: true + name: 'unicorn-app' +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@hourly' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + TRACKING_DOMAIN: 'beta.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/user-notification-worker/values.prod.yaml b/charts/services/user-notification-worker/values.prod.yaml new file mode 100644 index 000000000000..c7e37f4144c5 --- /dev/null +++ b/charts/services/user-notification-worker/values.prod.yaml @@ -0,0 +1,3379 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.island.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'cdn.contentful.com' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.island.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://innskra.island.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_IDS_API_URL: 'https://innskra.island.is' + AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi.island.is' + CONTACT_US_EMAIL: 'island@island.is' + CONTENTFUL_HOST: 'cdn.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.island.is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-prod-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: '' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'island@island.is' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 'sogur@island.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS/GOV/5402697509/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS/GOV/6501912189/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/api' + - host: 'www.island.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' + CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS/GOV/5608002820/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + NOVA_USERNAME: 'IslandIs_User_Production' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS/GOV/5605882089/UA-Protected/kvortun-v1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.island.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.island.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/umsoknir' + - host: 'www.island.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi.island.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://island.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/samradsgatt' + - host: 'www.island.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.island.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.island.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + EMAIL_FROM_NAME: 'island.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-prod-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'prod' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: 'd4ecf781-3764-4063-a4e1-9c3e17cebfba' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.island.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'islandis' + - 'consultation-portal' + - 'search-indexer' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'xroad-collector' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'user-notification' + - 'license-api' + - 'services-sessions' + - 'services-university-gateway' + - 'contentful-apps' + - 'contentful-entry-tagger' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/stjornbord' + - host: 'www.island.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'prod' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'prod-es-custom-packages' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/minarsidur' + - host: 'www.island.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_BASE_URL: 'https://island.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.island.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://island.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://island.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://island.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/stjornbord/bff' + - host: 'www.island.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.island.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.island.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/app/skilavottord/' + - host: 'www.island.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/app/skilavottord/api/graphql' + - host: 'www.island.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.island.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@midnight' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + TRACKING_DOMAIN: 'island.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/' + - host: 'www.island.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/user-notification-worker/values.staging.yaml b/charts/services/user-notification-worker/values.staging.yaml new file mode 100644 index 000000000000..227a2b0fcc6d --- /dev/null +++ b/charts/services/user-notification-worker/values.staging.yaml @@ -0,0 +1,3238 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.staging01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'cdn.contentful.com' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/api/graphql' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.staging01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.staging01.devland.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.staging01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 'island@island.is' + CONTENTFUL_HOST: 'cdn.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.staging01.devland.is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-staging-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: '' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 'sogur@island.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-TEST/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5608002820/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-TEST/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.staging01.devland.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.staging01.devland.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.staging01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.staging01.devland.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-staging-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'staging' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.staging01.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'islandis' + - 'consultation-portal' + - 'skilavottord' + - 'search-indexer' + - 'services-documents' + - 'storybook' + - 'xroad-collector' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'user-notification' + - 'license-api' + - 'services-sessions' + - 'services-university-gateway' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.staging01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'staging' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'staging-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_BASE_URL: 'https://beta.staging01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.staging01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.staging01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.staging01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.staging01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.staging01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.staging01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.staging01.devland.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.staging01.devland.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@midnight' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + basicAuth: '/k8s/web/basic_auth' + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + TRACKING_DOMAIN: 'beta.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/user-notification/values.dev.yaml b/charts/services/user-notification/values.dev.yaml new file mode 100644 index 000000000000..58d9f8e96dbc --- /dev/null +++ b/charts/services/user-notification/values.dev.yaml @@ -0,0 +1,3563 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.dev01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'preview.contentful.com' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/graphql' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 's@kogk.is' + CONTENTFUL_HOST: 'preview.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 's@kogk.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/api' + - host: 'api-catalogue.dev01.devland.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.dev01.devland.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +external-contracts-tests: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' + namespace: 'external-contracts-tests' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '1' + memory: '1024Mi' + requests: + cpu: '500m' + memory: '512Mi' + schedule: '0 11 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +github-actions-cache: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 8 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'cache.dev01.devland.is' + paths: + - '/' + namespace: 'github-actions-cache' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 5 + max: 8 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' + create: true + name: 'github-actions-cache' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'dev' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.dev01.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'consultation-portal' + - 'islandis' + - 'search-indexer' + - 'xroad-collector' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'github-actions-cache' + - 'user-notification' + - 'external-contracts-tests' + - 'contentful-entry-tagger' + - 'license-api' + - 'services-sessions' + - 'contentful-apps' + - 'services-university-gateway' + - 'unicorn-app' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'dev-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.dev01.devland.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.dev01.devland.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +unicorn-app: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'unicorn-app.dev01.devland.is' + paths: + - '/' + namespace: 'unicorn-app' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' + create: true + name: 'unicorn-app' +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@hourly' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + TRACKING_DOMAIN: 'beta.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/user-notification/values.prod.yaml b/charts/services/user-notification/values.prod.yaml new file mode 100644 index 000000000000..c7e37f4144c5 --- /dev/null +++ b/charts/services/user-notification/values.prod.yaml @@ -0,0 +1,3379 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.island.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'cdn.contentful.com' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.island.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://innskra.island.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_IDS_API_URL: 'https://innskra.island.is' + AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi.island.is' + CONTACT_US_EMAIL: 'island@island.is' + CONTENTFUL_HOST: 'cdn.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.island.is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-prod-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: '' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'island@island.is' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 'sogur@island.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS/GOV/5402697509/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS/GOV/6501912189/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/api' + - host: 'www.island.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' + CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS/GOV/5608002820/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + NOVA_USERNAME: 'IslandIs_User_Production' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS/GOV/5605882089/UA-Protected/kvortun-v1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.island.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.island.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/umsoknir' + - host: 'www.island.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi.island.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://island.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/samradsgatt' + - host: 'www.island.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.island.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.island.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + EMAIL_FROM_NAME: 'island.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-prod-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'prod' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: 'd4ecf781-3764-4063-a4e1-9c3e17cebfba' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.island.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'islandis' + - 'consultation-portal' + - 'search-indexer' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'xroad-collector' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'user-notification' + - 'license-api' + - 'services-sessions' + - 'services-university-gateway' + - 'contentful-apps' + - 'contentful-entry-tagger' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/stjornbord' + - host: 'www.island.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'prod' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'prod-es-custom-packages' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/minarsidur' + - host: 'www.island.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_BASE_URL: 'https://island.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.island.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://island.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://island.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://island.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/stjornbord/bff' + - host: 'www.island.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.island.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.island.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/app/skilavottord/' + - host: 'www.island.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/app/skilavottord/api/graphql' + - host: 'www.island.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.island.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@midnight' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + TRACKING_DOMAIN: 'island.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/' + - host: 'www.island.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/user-notification/values.staging.yaml b/charts/services/user-notification/values.staging.yaml new file mode 100644 index 000000000000..227a2b0fcc6d --- /dev/null +++ b/charts/services/user-notification/values.staging.yaml @@ -0,0 +1,3238 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.staging01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'cdn.contentful.com' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/api/graphql' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.staging01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.staging01.devland.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.staging01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 'island@island.is' + CONTENTFUL_HOST: 'cdn.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.staging01.devland.is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-staging-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: '' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 'sogur@island.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-TEST/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5608002820/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-TEST/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.staging01.devland.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.staging01.devland.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.staging01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.staging01.devland.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-staging-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'staging' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.staging01.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'islandis' + - 'consultation-portal' + - 'skilavottord' + - 'search-indexer' + - 'services-documents' + - 'storybook' + - 'xroad-collector' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'user-notification' + - 'license-api' + - 'services-sessions' + - 'services-university-gateway' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.staging01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'staging' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'staging-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_BASE_URL: 'https://beta.staging01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.staging01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.staging01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.staging01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.staging01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.staging01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.staging01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.staging01.devland.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.staging01.devland.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@midnight' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + basicAuth: '/k8s/web/basic_auth' + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + TRACKING_DOMAIN: 'beta.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/web/values.dev.yaml b/charts/services/web/values.dev.yaml new file mode 100644 index 000000000000..58d9f8e96dbc --- /dev/null +++ b/charts/services/web/values.dev.yaml @@ -0,0 +1,3563 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.dev01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'preview.contentful.com' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/graphql' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 's@kogk.is' + CONTENTFUL_HOST: 'preview.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 's@kogk.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/api' + - host: 'api-catalogue.dev01.devland.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.dev01.devland.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +external-contracts-tests: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' + namespace: 'external-contracts-tests' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '1' + memory: '1024Mi' + requests: + cpu: '500m' + memory: '512Mi' + schedule: '0 11 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +github-actions-cache: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 8 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'cache.dev01.devland.is' + paths: + - '/' + namespace: 'github-actions-cache' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 5 + max: 8 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' + create: true + name: 'github-actions-cache' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'dev' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.dev01.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'consultation-portal' + - 'islandis' + - 'search-indexer' + - 'xroad-collector' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'github-actions-cache' + - 'user-notification' + - 'external-contracts-tests' + - 'contentful-entry-tagger' + - 'license-api' + - 'services-sessions' + - 'contentful-apps' + - 'services-university-gateway' + - 'unicorn-app' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'dev-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.dev01.devland.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.dev01.devland.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +unicorn-app: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'unicorn-app.dev01.devland.is' + paths: + - '/' + namespace: 'unicorn-app' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' + create: true + name: 'unicorn-app' +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@hourly' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + TRACKING_DOMAIN: 'beta.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/web/values.prod.yaml b/charts/services/web/values.prod.yaml new file mode 100644 index 000000000000..c7e37f4144c5 --- /dev/null +++ b/charts/services/web/values.prod.yaml @@ -0,0 +1,3379 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.island.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'cdn.contentful.com' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.island.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://innskra.island.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_IDS_API_URL: 'https://innskra.island.is' + AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi.island.is' + CONTACT_US_EMAIL: 'island@island.is' + CONTENTFUL_HOST: 'cdn.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.island.is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-prod-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: '' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'island@island.is' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 'sogur@island.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS/GOV/5402697509/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS/GOV/6501912189/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/api' + - host: 'www.island.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' + CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS/GOV/5608002820/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + NOVA_USERNAME: 'IslandIs_User_Production' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS/GOV/5605882089/UA-Protected/kvortun-v1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.island.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.island.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/umsoknir' + - host: 'www.island.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi.island.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://island.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/samradsgatt' + - host: 'www.island.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.island.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.island.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + EMAIL_FROM_NAME: 'island.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-prod-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'prod' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: 'd4ecf781-3764-4063-a4e1-9c3e17cebfba' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.island.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'islandis' + - 'consultation-portal' + - 'search-indexer' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'xroad-collector' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'user-notification' + - 'license-api' + - 'services-sessions' + - 'services-university-gateway' + - 'contentful-apps' + - 'contentful-entry-tagger' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/stjornbord' + - host: 'www.island.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'prod' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'prod-es-custom-packages' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/minarsidur' + - host: 'www.island.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_BASE_URL: 'https://island.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.island.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://island.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://island.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://island.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/stjornbord/bff' + - host: 'www.island.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.island.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.island.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/app/skilavottord/' + - host: 'www.island.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/app/skilavottord/api/graphql' + - host: 'www.island.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.island.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@midnight' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + TRACKING_DOMAIN: 'island.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/' + - host: 'www.island.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/web/values.staging.yaml b/charts/services/web/values.staging.yaml new file mode 100644 index 000000000000..227a2b0fcc6d --- /dev/null +++ b/charts/services/web/values.staging.yaml @@ -0,0 +1,3238 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.staging01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'cdn.contentful.com' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/api/graphql' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.staging01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.staging01.devland.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.staging01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 'island@island.is' + CONTENTFUL_HOST: 'cdn.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.staging01.devland.is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-staging-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: '' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 'sogur@island.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-TEST/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5608002820/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-TEST/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.staging01.devland.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.staging01.devland.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.staging01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.staging01.devland.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-staging-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'staging' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.staging01.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'islandis' + - 'consultation-portal' + - 'skilavottord' + - 'search-indexer' + - 'services-documents' + - 'storybook' + - 'xroad-collector' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'user-notification' + - 'license-api' + - 'services-sessions' + - 'services-university-gateway' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.staging01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'staging' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'staging-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_BASE_URL: 'https://beta.staging01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.staging01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.staging01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.staging01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.staging01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.staging01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.staging01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.staging01.devland.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.staging01.devland.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@midnight' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + basicAuth: '/k8s/web/basic_auth' + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + TRACKING_DOMAIN: 'beta.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/xroad-collector/values.dev.yaml b/charts/services/xroad-collector/values.dev.yaml new file mode 100644 index 000000000000..58d9f8e96dbc --- /dev/null +++ b/charts/services/xroad-collector/values.dev.yaml @@ -0,0 +1,3563 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.dev01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'preview.contentful.com' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/graphql' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.dev01.devland.is' + paths: + - '/' + - host: 'loftbru-cf.dev01.devland.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 's@kogk.is' + CONTENTFUL_HOST: 'preview.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 's@kogk.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/api' + - host: 'api-catalogue.dev01.devland.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.dev01.devland.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.dev01.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.dev01.devland.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +external-contracts-tests: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' + namespace: 'external-contracts-tests' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '1' + memory: '1024Mi' + requests: + cpu: '500m' + memory: '512Mi' + schedule: '0 11 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +github-actions-cache: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 8 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'cache.dev01.devland.is' + paths: + - '/' + namespace: 'github-actions-cache' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 5 + max: 8 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' + create: true + name: 'github-actions-cache' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'dev' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.dev01.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'consultation-portal' + - 'islandis' + - 'search-indexer' + - 'xroad-collector' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'github-actions-cache' + - 'user-notification' + - 'external-contracts-tests' + - 'contentful-entry-tagger' + - 'license-api' + - 'services-sessions' + - 'contentful-apps' + - 'services-university-gateway' + - 'unicorn-app' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'dev-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.dev01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.dev01.devland.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.dev01.devland.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +unicorn-app: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'unicorn-app.dev01.devland.is' + paths: + - '/' + namespace: 'unicorn-app' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' + create: true + name: 'unicorn-app' +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.dev01.devland.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@hourly' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + TRACKING_DOMAIN: 'beta.dev01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.dev01.devland.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/xroad-collector/values.prod.yaml b/charts/services/xroad-collector/values.prod.yaml new file mode 100644 index 000000000000..c7e37f4144c5 --- /dev/null +++ b/charts/services/xroad-collector/values.prod.yaml @@ -0,0 +1,3379 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.island.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'cdn.contentful.com' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.island.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.island.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://innskra.island.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_IDS_API_URL: 'https://innskra.island.is' + AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi.island.is' + CONTACT_US_EMAIL: 'island@island.is' + CONTENTFUL_HOST: 'cdn.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.island.is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-prod-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: '' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'island@island.is' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 'sogur@island.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS/GOV/5402697509/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS/GOV/6501912189/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/api' + - host: 'www.island.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' + CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS/GOV/5608002820/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + NOVA_USERNAME: 'IslandIs_User_Production' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS/GOV/5605882089/UA-Protected/kvortun-v1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.island.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.island.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/umsoknir' + - host: 'www.island.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi.island.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://island.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/samradsgatt' + - host: 'www.island.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +contentful-apps: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-apps.island.is' + paths: + - '/' + namespace: 'contentful-apps' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-apps' + create: true + name: 'contentful-apps' +contentful-entry-tagger-service: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'contentful-entry-tagger-service.devland.is' + paths: + - '/' + namespace: 'contentful-entry-tagger' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-entry-tagger' + create: true + name: 'contentful-entry-tagger' +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.island.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + EMAIL_FROM_NAME: 'island.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-prod-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'prod' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: 'd4ecf781-3764-4063-a4e1-9c3e17cebfba' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.island.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'islandis' + - 'consultation-portal' + - 'search-indexer' + - 'skilavottord' + - 'services-documents' + - 'storybook' + - 'xroad-collector' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'user-notification' + - 'license-api' + - 'services-sessions' + - 'services-university-gateway' + - 'contentful-apps' + - 'contentful-entry-tagger' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/stjornbord' + - host: 'www.island.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'prod' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'prod-es-custom-packages' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/minarsidur' + - host: 'www.island.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_BASE_URL: 'https://island.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.island.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://island.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://island.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://island.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/stjornbord/bff' + - host: 'www.island.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.island.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.island.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/app/skilavottord/' + - host: 'www.island.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/app/skilavottord/api/graphql' + - host: 'www.island.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.island.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@midnight' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + TRACKING_DOMAIN: 'island.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'island.is' + paths: + - '/' + - host: 'www.island.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/xroad-collector' + create: true + name: 'xroad-collector' diff --git a/charts/services/xroad-collector/values.staging.yaml b/charts/services/xroad-collector/values.staging.yaml new file mode 100644 index 000000000000..227a2b0fcc6d --- /dev/null +++ b/charts/services/xroad-collector/values.staging.yaml @@ -0,0 +1,3238 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### +air-discount-scheme-api: + enabled: true + env: + AUTH_AUDIENCE: 'loftbru.staging01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'cdn.contentful.com' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/api/graphql' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/api/graphql' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/air-discount-scheme-api' + create: true + name: 'air-discount-scheme-api' +air-discount-scheme-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/api/swagger' + - '/api/public' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +air-discount-scheme-web: + enabled: true + env: + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.staging01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'loftbru.staging01.devland.is' + paths: + - '/' + - host: 'loftbru-cf.staging01.devland.is' + paths: + - '/' + namespace: 'air-discount-scheme' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.staging01.devland.is/backend' + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.staging01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 'island@island.is' + CONTENTFUL_HOST: 'cdn.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.staging01.devland.is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-staging-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: '' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 'sogur@island.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-TEST/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/api' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1200m' + memory: '3200Mi' + requests: + cpu: '400m' + memory: '896Mi' + secrets: + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/api' + create: true + name: 'api' +application-system-api: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5608002820/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-TEST/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'application-payment-callback-xrd.internal.staging01.devland.is' + paths: + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.staging01.devland.is' + paths: + - '/application-payment' + - '/applications' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: '400m' + memory: '1024Mi' + requests: + cpu: '75m' + memory: '512Mi' + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api' + create: true + name: 'application-system-api' +application-system-api-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '768Mi' + requests: + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' + secrets: + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api-worker' + create: true + name: 'application-system-api-worker' +application-system-form: + enabled: true + env: + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_GRAPHQL_PATH: '' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/umsoknir' + namespace: 'application-system' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +consultation-portal: + enabled: true + env: + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.staging01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/samradsgatt' + namespace: 'consultation-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +download-service: + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: 'download/v1/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: 'download/v1/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'api.staging01.devland.is' + paths: + - '/download' + namespace: 'download-service' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '200m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false +endorsement-system-api: + args: + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-staging-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/endorsement-system-api' + create: true + name: 'endorsement-system-api' +global: + env: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'staging' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +icelandic-names-registry-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +island-ui-storybook: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'ui.staging01.devland.is' + paths: + - '/' + namespace: 'storybook' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '10m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false +license-api: + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'license-api-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'license-api' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +namespaces: + labels: {} + namespaces: + - 'application-system' + - 'service-portal' + - 'portals-admin' + - 'islandis' + - 'consultation-portal' + - 'skilavottord' + - 'search-indexer' + - 'services-documents' + - 'storybook' + - 'xroad-collector' + - 'download-service' + - 'icelandic-names-registry' + - 'endorsement-system' + - 'air-discount-scheme' + - 'regulations-admin' + - 'user-notification' + - 'license-api' + - 'services-sessions' + - 'services-university-gateway' +portals-admin: + enabled: true + env: + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/stjornbord' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +regulations-admin-backend: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'islandis' + - 'download-service' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + securityContext: + allowPrivilegeEscalation: false + privileged: false +search-indexer-service: + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'search-indexer-service.staging01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - '/webapp/migrateAws.js' + command: + - '/usr/local/bin/node' + name: 'migrate-aws' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + - args: + - '/webapp/migrateElastic.js' + command: + - '/usr/local/bin/node' + name: 'migrate-elastic' + resources: + limits: + cpu: '700m' + memory: '4096Mi' + requests: + cpu: '300m' + memory: '3072Mi' + - args: + - '/webapp/migrateKibana.js' + command: + - '/usr/local/bin/node' + name: 'migrate-kibana' + resources: + limits: + cpu: '400m' + memory: '2048Mi' + requests: + cpu: '100m' + memory: '512Mi' + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'staging' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'staging-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: '800m' + memory: '4096Mi' + requests: + cpu: '400m' + memory: '3072Mi' + secrets: + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/search-indexer' + create: true + name: 'search-indexer' +service-portal: + enabled: true + env: + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/minarsidur' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '300m' + memory: '256Mi' + requests: + cpu: '5m' + memory: '32Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +service-portal-api: + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_BASE_URL: 'https://beta.staging01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + files: + - 'islyklar.p12' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'service-portal-api.internal.staging01.devland.is' + paths: + - '/' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: '800m' + memory: '1024Mi' + requests: + cpu: '100m' + memory: '512Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/service-portal-api' + create: true + name: 'service-portal-api' +services-bff-portals-admin: + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.staging01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.staging01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.staging01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.staging01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.staging01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/stjornbord/bff/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/stjornbord/bff' + namespace: 'portals-admin' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-bff' + create: true + name: 'services-bff' +services-documents: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'islandis' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'sessions-api.internal.staging01.devland.is' + paths: + - '/' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '250m' + memory: '512Mi' + requests: + cpu: '25m' + memory: '300Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-cleanup: + args: + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false +services-sessions-worker: + args: + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '100m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/sessions-worker' + create: true + name: 'sessions-worker' +services-university-gateway: + args: + - 'main.js' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'services-university-gateway.internal.staging01.devland.is' + paths: + - '/api' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + - args: + - 'sequelize-cli' + - 'db:seed:all' + command: + - 'npx' + name: 'seed' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway' + create: true + name: 'services-university-gateway' +services-university-gateway-worker: + args: + - 'main.js' + - '--job' + - 'worker' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' + grantNamespaces: + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '384Mi' + requests: + cpu: '50m' + memory: '256Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway-worker' + create: true + name: 'services-university-gateway-worker' +skilavottord-web: + enabled: true + env: + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-external' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/app/skilavottord/' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false +skilavottord-ws: + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'application-system' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/app/skilavottord/api/graphql' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '512Mi' + requests: + cpu: '40m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' + securityContext: + allowPrivilegeEscalation: false + privileged: false +user-notification: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'user-notification-xrd.internal.staging01.devland.is' + paths: + - '/' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification' + create: true + name: 'user-notification' +user-notification-cleanup-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' + command: + - 'node' + enabled: true + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '@midnight' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-cleanup-worker' + create: true + name: 'user-notification-cleanup-worker' +user-notification-worker: + args: + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' + command: + - 'node' + enabled: true + env: + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/health/check' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' + initContainer: + containers: + - args: + - 'sequelize-cli' + - 'db:migrate' + command: + - 'npx' + name: 'migrations' + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + env: + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' + secrets: + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: '400m' + memory: '384Mi' + requests: + cpu: '150m' + memory: '256Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-worker' + create: true + name: 'user-notification-worker' +web: + basicAuth: '/k8s/web/basic_auth' + enabled: true + env: + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + TRACKING_DOMAIN: 'beta.staging01.devland.is' + grantNamespaces: + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'beta.staging01.devland.is' + paths: + - '/' + namespace: 'islandis' + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: '1000m' + memory: '768Mi' + requests: + cpu: '300m' + memory: '384Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + securityContext: + allowPrivilegeEscalation: false + privileged: false +xroad-collector: + args: + - '--no-experimental-fetch' + - 'main.js' + command: + - 'node' + enabled: true + env: + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/xroad-collector' + create: true + name: 'xroad-collector' From 7277b886f0a18f6cf9de16628414138f1417435a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B3n=20Levy?= Date: Wed, 13 Nov 2024 00:09:18 +0000 Subject: [PATCH 21/50] fix: only a single service please --- .../air-discount-scheme-api/values.dev.yaml | 3658 +------------ .../air-discount-scheme-api/values.prod.yaml | 3474 +------------ .../values.staging.yaml | 3333 +----------- .../values.dev.yaml | 3752 +------------ .../values.prod.yaml | 3568 +------------ .../values.staging.yaml | 3427 +----------- .../air-discount-scheme-web/values.dev.yaml | 3671 +------------ .../air-discount-scheme-web/values.prod.yaml | 3487 +------------ .../values.staging.yaml | 3346 +----------- charts/services/api/values.dev.yaml | 4625 ++++------------- charts/services/api/values.prod.yaml | 4441 ++++------------ charts/services/api/values.staging.yaml | 4300 ++++----------- .../values.dev.yaml | 3766 +------------- .../values.prod.yaml | 3582 +------------ .../values.staging.yaml | 3441 +----------- .../application-system-api/values.dev.yaml | 4419 +++------------- .../application-system-api/values.prod.yaml | 4235 +++------------ .../values.staging.yaml | 4094 +++------------ .../application-system-form/values.dev.yaml | 3658 +------------ .../application-system-form/values.prod.yaml | 3474 +------------ .../values.staging.yaml | 3333 +----------- .../services/auth-admin-web/values.dev.yaml | 935 +--- .../services/auth-admin-web/values.prod.yaml | 932 +--- .../auth-admin-web/values.staging.yaml | 935 +--- .../consultation-portal/values.dev.yaml | 3665 +------------ .../consultation-portal/values.prod.yaml | 3481 +------------ .../consultation-portal/values.staging.yaml | 3340 +----------- .../services/contentful-apps/values.dev.yaml | 3625 +------------ .../services/contentful-apps/values.prod.yaml | 3441 +----------- .../values.dev.yaml | 3622 +------------ .../values.prod.yaml | 3438 +----------- .../services/download-service/values.dev.yaml | 3839 +------------- .../download-service/values.prod.yaml | 3655 +------------ .../download-service/values.staging.yaml | 3514 +------------ .../endorsement-system-api/values.dev.yaml | 3751 +------------ .../endorsement-system-api/values.prod.yaml | 3567 +------------ .../values.staging.yaml | 3426 +----------- .../external-contracts-tests/values.dev.yaml | 3664 +------------ .../github-actions-cache/values.dev.yaml | 3645 +------------ .../values.dev.yaml | 3649 +------------ .../values.prod.yaml | 3465 +----------- .../values.staging.yaml | 3324 +----------- .../services/identity-server/values.dev.yaml | 1027 +--- .../services/identity-server/values.prod.yaml | 1024 +--- .../identity-server/values.staging.yaml | 1027 +--- .../island-ui-storybook/values.dev.yaml | 3620 +------------ .../island-ui-storybook/values.prod.yaml | 3436 +----------- .../island-ui-storybook/values.staging.yaml | 3295 +----------- .../judicial-system-api/values.dev.yaml | 780 +-- .../judicial-system-api/values.prod.yaml | 780 +-- .../judicial-system-api/values.staging.yaml | 780 +-- .../judicial-system-backend/values.dev.yaml | 854 +-- .../judicial-system-backend/values.prod.yaml | 854 +-- .../values.staging.yaml | 854 +-- .../values.dev.yaml | 726 +-- .../values.prod.yaml | 726 +-- .../values.staging.yaml | 726 +-- .../values.dev.yaml | 710 +-- .../values.prod.yaml | 710 +-- .../values.staging.yaml | 710 +-- .../judicial-system-robot-api/values.dev.yaml | 720 +-- .../values.prod.yaml | 720 +-- .../values.staging.yaml | 720 +-- .../judicial-system-scheduler/values.dev.yaml | 727 +-- .../values.prod.yaml | 727 +-- .../values.staging.yaml | 727 +-- .../judicial-system-web/values.dev.yaml | 730 +-- .../judicial-system-web/values.prod.yaml | 730 +-- .../judicial-system-web/values.staging.yaml | 730 +-- .../judicial-system-xrd-api/values.dev.yaml | 720 +-- .../judicial-system-xrd-api/values.prod.yaml | 720 +-- .../values.staging.yaml | 720 +-- charts/services/license-api/values.dev.yaml | 3760 +------------- charts/services/license-api/values.prod.yaml | 3576 +------------ .../services/license-api/values.staging.yaml | 3435 +----------- charts/services/portals-admin/values.dev.yaml | 3658 +------------ .../services/portals-admin/values.prod.yaml | 3474 +------------ .../portals-admin/values.staging.yaml | 3333 +----------- .../regulations-admin-backend/values.dev.yaml | 3710 +------------ .../values.prod.yaml | 3526 +------------ .../values.staging.yaml | 3385 +----------- .../search-indexer-service/values.dev.yaml | 3767 +------------- .../search-indexer-service/values.prod.yaml | 3583 +------------ .../values.staging.yaml | 3442 +----------- .../service-portal-api/values.dev.yaml | 3759 +------------- .../service-portal-api/values.prod.yaml | 3575 +------------ .../service-portal-api/values.staging.yaml | 3434 +----------- .../services/service-portal/values.dev.yaml | 3665 +------------ .../services/service-portal/values.prod.yaml | 3481 +------------ .../service-portal/values.staging.yaml | 3340 +----------- .../services-auth-admin-api/values.dev.yaml | 1012 +--- .../services-auth-admin-api/values.prod.yaml | 1009 +--- .../values.staging.yaml | 1012 +--- .../values.dev.yaml | 999 +--- .../values.prod.yaml | 996 +--- .../values.staging.yaml | 999 +--- .../values.dev.yaml | 901 +--- .../values.prod.yaml | 898 +--- .../values.staging.yaml | 901 +--- .../services-auth-ids-api/values.dev.yaml | 1067 +--- .../services-auth-ids-api/values.prod.yaml | 1064 +--- .../services-auth-ids-api/values.staging.yaml | 1067 +--- .../values.dev.yaml | 899 +--- .../values.prod.yaml | 896 +--- .../values.staging.yaml | 899 +--- .../values.dev.yaml | 990 +--- .../values.prod.yaml | 987 +--- .../values.staging.yaml | 990 +--- .../services-auth-public-api/values.dev.yaml | 1031 +--- .../services-auth-public-api/values.prod.yaml | 1028 +--- .../values.staging.yaml | 1031 +--- .../values.dev.yaml | 3695 +------------ .../values.prod.yaml | 3511 +------------ .../values.staging.yaml | 3370 +----------- .../services-documents/values.dev.yaml | 3642 +------------ .../services-documents/values.prod.yaml | 3458 +----------- .../services-documents/values.staging.yaml | 3317 +----------- .../services-sessions-cleanup/values.dev.yaml | 3633 +------------ .../values.prod.yaml | 3449 +----------- .../values.staging.yaml | 3308 +----------- .../services-sessions-worker/values.dev.yaml | 3655 +------------ .../services-sessions-worker/values.prod.yaml | 3471 +------------ .../values.staging.yaml | 3330 +----------- .../services-sessions/values.dev.yaml | 3646 +------------ .../services-sessions/values.prod.yaml | 3462 +----------- .../services-sessions/values.staging.yaml | 3321 +----------- .../values.dev.yaml | 3752 +------------ .../values.prod.yaml | 3568 +------------ .../values.staging.yaml | 3427 +----------- .../values.dev.yaml | 3788 +------------- .../values.prod.yaml | 3604 +------------ .../values.staging.yaml | 3463 +----------- .../services/skilavottord-web/values.dev.yaml | 3653 +------------ .../skilavottord-web/values.prod.yaml | 3469 +------------ .../skilavottord-web/values.staging.yaml | 3328 +----------- .../services/skilavottord-ws/values.dev.yaml | 3668 +------------ .../services/skilavottord-ws/values.prod.yaml | 3484 +------------ .../skilavottord-ws/values.staging.yaml | 3343 +----------- charts/services/unicorn-app/values.dev.yaml | 3625 +------------ .../values.dev.yaml | 3651 +------------ .../values.prod.yaml | 3467 +----------- .../values.staging.yaml | 3326 +----------- .../user-notification-worker/values.dev.yaml | 3755 +------------ .../user-notification-worker/values.prod.yaml | 3571 +------------ .../values.staging.yaml | 3430 +----------- .../user-notification/values.dev.yaml | 3753 +------------ .../user-notification/values.prod.yaml | 3569 +------------ .../user-notification/values.staging.yaml | 3428 +----------- charts/services/web/values.dev.yaml | 3680 +------------ charts/services/web/values.prod.yaml | 3496 +------------ charts/services/web/values.staging.yaml | 3355 +----------- .../services/xroad-collector/values.dev.yaml | 3667 +------------ .../services/xroad-collector/values.prod.yaml | 3483 +------------ .../xroad-collector/values.staging.yaml | 3342 +----------- infra/src/cli/generate-chart-values.ts | 11 +- 155 files changed, 25024 insertions(+), 388306 deletions(-) diff --git a/charts/services/air-discount-scheme-api/values.dev.yaml b/charts/services/air-discount-scheme-api/values.dev.yaml index 58d9f8e96dbc..d0f068167a44 100644 --- a/charts/services/air-discount-scheme-api/values.dev.yaml +++ b/charts/services/air-discount-scheme-api/values.dev.yaml @@ -1,3563 +1,95 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.dev01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'preview.contentful.com' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 's@kogk.is' - CONTENTFUL_HOST: 'preview.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 's@kogk.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/api' - - host: 'api-catalogue.dev01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.dev01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -external-contracts-tests: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' - namespace: 'external-contracts-tests' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '1' - memory: '1024Mi' - requests: - cpu: '500m' - memory: '512Mi' - schedule: '0 11 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -github-actions-cache: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 8 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'cache.dev01.devland.is' - paths: - - '/' - namespace: 'github-actions-cache' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 5 - max: 8 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' - create: true - name: 'github-actions-cache' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'dev' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.dev01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'consultation-portal' - - 'islandis' - - 'search-indexer' - - 'xroad-collector' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'github-actions-cache' - - 'user-notification' - - 'external-contracts-tests' - - 'contentful-entry-tagger' - - 'license-api' - - 'services-sessions' - - 'contentful-apps' - - 'services-university-gateway' - - 'unicorn-app' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'dev-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.dev01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.dev01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -unicorn-app: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'unicorn-app.dev01.devland.is' - paths: - - '/' - namespace: 'unicorn-app' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' - create: true - name: 'unicorn-app' -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@hourly' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - TRACKING_DOMAIN: 'beta.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "air-discount-scheme-api": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "AUTH_AUDIENCE": { + "staging": "loftbru.staging01.devland.is", + "prod": "loftbru.island.is" + }, + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + }, + "ELASTIC_NODE": { + "dev": "https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com", + "staging": "https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com", + "prod": "https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com" + }, + "CONTENTFUL_HOST": { + "dev": "preview.contentful.com", + "staging": "cdn.contentful.com", + "prod": "cdn.contentful.com" + } + }, + "features": {}, + "name": "air-discount-scheme-api", + "grantNamespaces": [], + "grantNamespacesEnabled": false, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "AUTH_JWT_SECRET": "/k8s/air-discount-scheme/api/AUTH_JWT_SECRET", + "CONTENTFUL_ACCESS_TOKEN": "/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN", + "DEVELOPERS": "/k8s/air-discount-scheme/api/DEVELOPERS", + "ADMINS": "/k8s/air-discount-scheme/api/ADMINS" + }, + "ingress": { + "primary": { + "host": { + "dev": [ + "loftbru", + "loftbru-cf" + ], + "staging": [ + "loftbru", + "loftbru-cf" + ], + "prod": [ + "loftbru" + ] + }, + "paths": [ + "/api/graphql" + ], + "public": true + } + }, + "namespace": "air-discount-scheme", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "400m", + "memory": "512Mi" + }, + "requests": { + "cpu": "50m", + "memory": "256Mi" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "accountName": "air-discount-scheme-api", + "replicaCount": { + "min": 2, + "max": 10, + "default": 2, + "scalingMagicNumber": 20 + } + } + } +} \ No newline at end of file diff --git a/charts/services/air-discount-scheme-api/values.prod.yaml b/charts/services/air-discount-scheme-api/values.prod.yaml index c7e37f4144c5..d0f068167a44 100644 --- a/charts/services/air-discount-scheme-api/values.prod.yaml +++ b/charts/services/air-discount-scheme-api/values.prod.yaml @@ -1,3379 +1,95 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.island.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'cdn.contentful.com' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.island.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://innskra.island.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_IDS_API_URL: 'https://innskra.island.is' - AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi.island.is' - CONTACT_US_EMAIL: 'island@island.is' - CONTENTFUL_HOST: 'cdn.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.island.is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-prod-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: '' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'island@island.is' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 'sogur@island.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS/GOV/5402697509/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS/GOV/6501912189/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/api' - - host: 'www.island.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' - CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS/GOV/5608002820/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - NOVA_USERNAME: 'IslandIs_User_Production' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS/GOV/5605882089/UA-Protected/kvortun-v1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.island.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.island.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/umsoknir' - - host: 'www.island.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi.island.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://island.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/samradsgatt' - - host: 'www.island.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.island.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.island.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - EMAIL_FROM_NAME: 'island.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-prod-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'prod' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: 'd4ecf781-3764-4063-a4e1-9c3e17cebfba' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.island.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'islandis' - - 'consultation-portal' - - 'search-indexer' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'xroad-collector' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'user-notification' - - 'license-api' - - 'services-sessions' - - 'services-university-gateway' - - 'contentful-apps' - - 'contentful-entry-tagger' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/stjornbord' - - host: 'www.island.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'prod' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'prod-es-custom-packages' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/minarsidur' - - host: 'www.island.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_BASE_URL: 'https://island.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.island.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://island.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://island.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://island.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/stjornbord/bff' - - host: 'www.island.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.island.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.island.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/app/skilavottord/' - - host: 'www.island.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/app/skilavottord/api/graphql' - - host: 'www.island.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.island.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@midnight' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - TRACKING_DOMAIN: 'island.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/' - - host: 'www.island.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "air-discount-scheme-api": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "AUTH_AUDIENCE": { + "staging": "loftbru.staging01.devland.is", + "prod": "loftbru.island.is" + }, + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + }, + "ELASTIC_NODE": { + "dev": "https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com", + "staging": "https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com", + "prod": "https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com" + }, + "CONTENTFUL_HOST": { + "dev": "preview.contentful.com", + "staging": "cdn.contentful.com", + "prod": "cdn.contentful.com" + } + }, + "features": {}, + "name": "air-discount-scheme-api", + "grantNamespaces": [], + "grantNamespacesEnabled": false, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "AUTH_JWT_SECRET": "/k8s/air-discount-scheme/api/AUTH_JWT_SECRET", + "CONTENTFUL_ACCESS_TOKEN": "/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN", + "DEVELOPERS": "/k8s/air-discount-scheme/api/DEVELOPERS", + "ADMINS": "/k8s/air-discount-scheme/api/ADMINS" + }, + "ingress": { + "primary": { + "host": { + "dev": [ + "loftbru", + "loftbru-cf" + ], + "staging": [ + "loftbru", + "loftbru-cf" + ], + "prod": [ + "loftbru" + ] + }, + "paths": [ + "/api/graphql" + ], + "public": true + } + }, + "namespace": "air-discount-scheme", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "400m", + "memory": "512Mi" + }, + "requests": { + "cpu": "50m", + "memory": "256Mi" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "accountName": "air-discount-scheme-api", + "replicaCount": { + "min": 2, + "max": 10, + "default": 2, + "scalingMagicNumber": 20 + } + } + } +} \ No newline at end of file diff --git a/charts/services/air-discount-scheme-api/values.staging.yaml b/charts/services/air-discount-scheme-api/values.staging.yaml index 227a2b0fcc6d..d0f068167a44 100644 --- a/charts/services/air-discount-scheme-api/values.staging.yaml +++ b/charts/services/air-discount-scheme-api/values.staging.yaml @@ -1,3238 +1,95 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.staging01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'cdn.contentful.com' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.staging01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.staging01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.staging01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 'island@island.is' - CONTENTFUL_HOST: 'cdn.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.staging01.devland.is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-staging-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: '' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 'sogur@island.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-TEST/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5608002820/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-TEST/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.staging01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.staging01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.staging01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.staging01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-staging-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'staging' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.staging01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'islandis' - - 'consultation-portal' - - 'skilavottord' - - 'search-indexer' - - 'services-documents' - - 'storybook' - - 'xroad-collector' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'user-notification' - - 'license-api' - - 'services-sessions' - - 'services-university-gateway' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.staging01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'staging' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'staging-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_BASE_URL: 'https://beta.staging01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.staging01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.staging01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.staging01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.staging01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.staging01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.staging01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.staging01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.staging01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@midnight' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - basicAuth: '/k8s/web/basic_auth' - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - TRACKING_DOMAIN: 'beta.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "air-discount-scheme-api": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "AUTH_AUDIENCE": { + "staging": "loftbru.staging01.devland.is", + "prod": "loftbru.island.is" + }, + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + }, + "ELASTIC_NODE": { + "dev": "https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com", + "staging": "https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com", + "prod": "https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com" + }, + "CONTENTFUL_HOST": { + "dev": "preview.contentful.com", + "staging": "cdn.contentful.com", + "prod": "cdn.contentful.com" + } + }, + "features": {}, + "name": "air-discount-scheme-api", + "grantNamespaces": [], + "grantNamespacesEnabled": false, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "AUTH_JWT_SECRET": "/k8s/air-discount-scheme/api/AUTH_JWT_SECRET", + "CONTENTFUL_ACCESS_TOKEN": "/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN", + "DEVELOPERS": "/k8s/air-discount-scheme/api/DEVELOPERS", + "ADMINS": "/k8s/air-discount-scheme/api/ADMINS" + }, + "ingress": { + "primary": { + "host": { + "dev": [ + "loftbru", + "loftbru-cf" + ], + "staging": [ + "loftbru", + "loftbru-cf" + ], + "prod": [ + "loftbru" + ] + }, + "paths": [ + "/api/graphql" + ], + "public": true + } + }, + "namespace": "air-discount-scheme", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "400m", + "memory": "512Mi" + }, + "requests": { + "cpu": "50m", + "memory": "256Mi" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "accountName": "air-discount-scheme-api", + "replicaCount": { + "min": 2, + "max": 10, + "default": 2, + "scalingMagicNumber": 20 + } + } + } +} \ No newline at end of file diff --git a/charts/services/air-discount-scheme-backend/values.dev.yaml b/charts/services/air-discount-scheme-backend/values.dev.yaml index 58d9f8e96dbc..ad02ac00c1b3 100644 --- a/charts/services/air-discount-scheme-backend/values.dev.yaml +++ b/charts/services/air-discount-scheme-backend/values.dev.yaml @@ -1,3563 +1,189 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.dev01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'preview.contentful.com' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 's@kogk.is' - CONTENTFUL_HOST: 'preview.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 's@kogk.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/api' - - host: 'api-catalogue.dev01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.dev01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -external-contracts-tests: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' - namespace: 'external-contracts-tests' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '1' - memory: '1024Mi' - requests: - cpu: '500m' - memory: '512Mi' - schedule: '0 11 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -github-actions-cache: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 8 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'cache.dev01.devland.is' - paths: - - '/' - namespace: 'github-actions-cache' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 5 - max: 8 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' - create: true - name: 'github-actions-cache' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'dev' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.dev01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'consultation-portal' - - 'islandis' - - 'search-indexer' - - 'xroad-collector' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'github-actions-cache' - - 'user-notification' - - 'external-contracts-tests' - - 'contentful-entry-tagger' - - 'license-api' - - 'services-sessions' - - 'contentful-apps' - - 'services-university-gateway' - - 'unicorn-app' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'dev-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.dev01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.dev01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -unicorn-app: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'unicorn-app.dev01.devland.is' - paths: - - '/' - namespace: 'unicorn-app' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' - create: true - name: 'unicorn-app' -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@hourly' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - TRACKING_DOMAIN: 'beta.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "air-discount-scheme-backend": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "ENVIRONMENT": { + "dev": "dev", + "staging": "staging", + "prod": "prod" + }, + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + }, + "IDENTITY_SERVER_CLIENT_ID": "@vegagerdin.is/clients/air-discount-scheme" + }, + "features": {}, + "name": "air-discount-scheme-backend", + "grantNamespaces": [ + "islandis" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "ICELANDAIR_API_KEY": "/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY", + "MYFLUG_API_KEY": "/k8s/air-discount-scheme/backend/MYFLUG_API_KEY", + "ERNIR_API_KEY": "/k8s/air-discount-scheme/backend/ERNIR_API_KEY", + "NORLANDAIR_API_KEY": "/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY", + "NATIONAL_REGISTRY_PASSWORD": "/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD", + "NATIONAL_REGISTRY_USERNAME": "/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME", + "NATIONAL_REGISTRY_URL": "/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL", + "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET" + }, + "ingress": { + "primary": { + "host": { + "dev": [ + "loftbru", + "loftbru-cf" + ], + "staging": [ + "loftbru", + "loftbru-cf" + ], + "prod": "loftbru" + }, + "extraAnnotations": { + "dev": { + "nginx.ingress.kubernetes.io/enable-global-auth": "false" + }, + "staging": { + "nginx.ingress.kubernetes.io/enable-global-auth": "false" + }, + "prod": {} + }, + "paths": [ + "/api/swagger", + "/api/public" + ] + } + }, + "namespace": "air-discount-scheme", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "400m", + "memory": "512Mi" + }, + "requests": { + "cpu": "50m", + "memory": "256Mi" + } + }, + "xroadConfig": [ + { + "config": { + "env": { + "XROAD_BASE_PATH": { + "prod": "http://securityserver.island.is" + }, + "XROAD_BASE_PATH_WITH_ENV": { + "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "http://securityserver.island.is/r1/IS" + }, + "XROAD_TLS_BASE_PATH": { + "dev": "https://securityserver.dev01.devland.is", + "staging": "https://securityserver.staging01.devland.is", + "prod": "https://securityserver.island.is" + }, + "XROAD_TLS_BASE_PATH_WITH_ENV": { + "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", + "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "https://securityserver.island.is/r1/IS" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CLIENT_ID": { + "dev": "IS-DEV/GOV/10000/island-is-client", + "staging": "IS-TEST/GOV/5501692829/island-is-client", + "prod": "IS/GOV/5501692829/island-is-client" + } + } + } + }, + { + "config": { + "env": { + "XROAD_NATIONAL_REGISTRY_SERVICE_PATH": { + "dev": "IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1", + "staging": "IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1", + "prod": "IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1" + }, + "XROAD_NATIONAL_REGISTRY_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" + }, + "XROAD_TJODSKRA_API_PATH": "/SKRA-Protected/Einstaklingar-v1", + "XROAD_TJODSKRA_MEMBER_CODE": { + "prod": "6503760649", + "dev": "10001", + "staging": "6503760649" + } + } + } + } + ], + "files": [], + "volumes": [], + "image": "air-discount-scheme-backend", + "postgres": { + "username": "air_discount_scheme_backend", + "passwordSecret": "/k8s/air-discount-scheme-backend/DB_PASSWORD", + "name": "air_discount_scheme_backend" + }, + "initContainers": { + "envs": {}, + "secrets": {}, + "features": {}, + "containers": [ + { + "name": "migrations", + "command": "npx", + "args": [ + "sequelize-cli", + "db:migrate" + ] + } + ], + "postgres": { + "username": "air_discount_scheme_backend", + "passwordSecret": "/k8s/air-discount-scheme-backend/DB_PASSWORD", + "name": "air_discount_scheme_backend" + } + }, + "redis": { + "host": { + "dev": "clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379", + "staging": "clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379", + "prod": "clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379" + } + }, + "replicaCount": { + "min": 2, + "max": 10, + "default": 2, + "scalingMagicNumber": 20 + } + } + } +} \ No newline at end of file diff --git a/charts/services/air-discount-scheme-backend/values.prod.yaml b/charts/services/air-discount-scheme-backend/values.prod.yaml index c7e37f4144c5..ad02ac00c1b3 100644 --- a/charts/services/air-discount-scheme-backend/values.prod.yaml +++ b/charts/services/air-discount-scheme-backend/values.prod.yaml @@ -1,3379 +1,189 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.island.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'cdn.contentful.com' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.island.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://innskra.island.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_IDS_API_URL: 'https://innskra.island.is' - AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi.island.is' - CONTACT_US_EMAIL: 'island@island.is' - CONTENTFUL_HOST: 'cdn.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.island.is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-prod-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: '' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'island@island.is' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 'sogur@island.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS/GOV/5402697509/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS/GOV/6501912189/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/api' - - host: 'www.island.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' - CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS/GOV/5608002820/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - NOVA_USERNAME: 'IslandIs_User_Production' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS/GOV/5605882089/UA-Protected/kvortun-v1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.island.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.island.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/umsoknir' - - host: 'www.island.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi.island.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://island.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/samradsgatt' - - host: 'www.island.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.island.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.island.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - EMAIL_FROM_NAME: 'island.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-prod-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'prod' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: 'd4ecf781-3764-4063-a4e1-9c3e17cebfba' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.island.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'islandis' - - 'consultation-portal' - - 'search-indexer' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'xroad-collector' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'user-notification' - - 'license-api' - - 'services-sessions' - - 'services-university-gateway' - - 'contentful-apps' - - 'contentful-entry-tagger' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/stjornbord' - - host: 'www.island.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'prod' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'prod-es-custom-packages' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/minarsidur' - - host: 'www.island.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_BASE_URL: 'https://island.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.island.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://island.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://island.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://island.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/stjornbord/bff' - - host: 'www.island.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.island.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.island.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/app/skilavottord/' - - host: 'www.island.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/app/skilavottord/api/graphql' - - host: 'www.island.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.island.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@midnight' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - TRACKING_DOMAIN: 'island.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/' - - host: 'www.island.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "air-discount-scheme-backend": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "ENVIRONMENT": { + "dev": "dev", + "staging": "staging", + "prod": "prod" + }, + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + }, + "IDENTITY_SERVER_CLIENT_ID": "@vegagerdin.is/clients/air-discount-scheme" + }, + "features": {}, + "name": "air-discount-scheme-backend", + "grantNamespaces": [ + "islandis" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "ICELANDAIR_API_KEY": "/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY", + "MYFLUG_API_KEY": "/k8s/air-discount-scheme/backend/MYFLUG_API_KEY", + "ERNIR_API_KEY": "/k8s/air-discount-scheme/backend/ERNIR_API_KEY", + "NORLANDAIR_API_KEY": "/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY", + "NATIONAL_REGISTRY_PASSWORD": "/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD", + "NATIONAL_REGISTRY_USERNAME": "/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME", + "NATIONAL_REGISTRY_URL": "/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL", + "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET" + }, + "ingress": { + "primary": { + "host": { + "dev": [ + "loftbru", + "loftbru-cf" + ], + "staging": [ + "loftbru", + "loftbru-cf" + ], + "prod": "loftbru" + }, + "extraAnnotations": { + "dev": { + "nginx.ingress.kubernetes.io/enable-global-auth": "false" + }, + "staging": { + "nginx.ingress.kubernetes.io/enable-global-auth": "false" + }, + "prod": {} + }, + "paths": [ + "/api/swagger", + "/api/public" + ] + } + }, + "namespace": "air-discount-scheme", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "400m", + "memory": "512Mi" + }, + "requests": { + "cpu": "50m", + "memory": "256Mi" + } + }, + "xroadConfig": [ + { + "config": { + "env": { + "XROAD_BASE_PATH": { + "prod": "http://securityserver.island.is" + }, + "XROAD_BASE_PATH_WITH_ENV": { + "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "http://securityserver.island.is/r1/IS" + }, + "XROAD_TLS_BASE_PATH": { + "dev": "https://securityserver.dev01.devland.is", + "staging": "https://securityserver.staging01.devland.is", + "prod": "https://securityserver.island.is" + }, + "XROAD_TLS_BASE_PATH_WITH_ENV": { + "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", + "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "https://securityserver.island.is/r1/IS" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CLIENT_ID": { + "dev": "IS-DEV/GOV/10000/island-is-client", + "staging": "IS-TEST/GOV/5501692829/island-is-client", + "prod": "IS/GOV/5501692829/island-is-client" + } + } + } + }, + { + "config": { + "env": { + "XROAD_NATIONAL_REGISTRY_SERVICE_PATH": { + "dev": "IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1", + "staging": "IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1", + "prod": "IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1" + }, + "XROAD_NATIONAL_REGISTRY_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" + }, + "XROAD_TJODSKRA_API_PATH": "/SKRA-Protected/Einstaklingar-v1", + "XROAD_TJODSKRA_MEMBER_CODE": { + "prod": "6503760649", + "dev": "10001", + "staging": "6503760649" + } + } + } + } + ], + "files": [], + "volumes": [], + "image": "air-discount-scheme-backend", + "postgres": { + "username": "air_discount_scheme_backend", + "passwordSecret": "/k8s/air-discount-scheme-backend/DB_PASSWORD", + "name": "air_discount_scheme_backend" + }, + "initContainers": { + "envs": {}, + "secrets": {}, + "features": {}, + "containers": [ + { + "name": "migrations", + "command": "npx", + "args": [ + "sequelize-cli", + "db:migrate" + ] + } + ], + "postgres": { + "username": "air_discount_scheme_backend", + "passwordSecret": "/k8s/air-discount-scheme-backend/DB_PASSWORD", + "name": "air_discount_scheme_backend" + } + }, + "redis": { + "host": { + "dev": "clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379", + "staging": "clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379", + "prod": "clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379" + } + }, + "replicaCount": { + "min": 2, + "max": 10, + "default": 2, + "scalingMagicNumber": 20 + } + } + } +} \ No newline at end of file diff --git a/charts/services/air-discount-scheme-backend/values.staging.yaml b/charts/services/air-discount-scheme-backend/values.staging.yaml index 227a2b0fcc6d..ad02ac00c1b3 100644 --- a/charts/services/air-discount-scheme-backend/values.staging.yaml +++ b/charts/services/air-discount-scheme-backend/values.staging.yaml @@ -1,3238 +1,189 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.staging01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'cdn.contentful.com' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.staging01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.staging01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.staging01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 'island@island.is' - CONTENTFUL_HOST: 'cdn.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.staging01.devland.is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-staging-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: '' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 'sogur@island.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-TEST/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5608002820/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-TEST/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.staging01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.staging01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.staging01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.staging01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-staging-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'staging' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.staging01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'islandis' - - 'consultation-portal' - - 'skilavottord' - - 'search-indexer' - - 'services-documents' - - 'storybook' - - 'xroad-collector' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'user-notification' - - 'license-api' - - 'services-sessions' - - 'services-university-gateway' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.staging01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'staging' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'staging-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_BASE_URL: 'https://beta.staging01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.staging01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.staging01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.staging01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.staging01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.staging01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.staging01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.staging01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.staging01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@midnight' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - basicAuth: '/k8s/web/basic_auth' - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - TRACKING_DOMAIN: 'beta.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "air-discount-scheme-backend": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "ENVIRONMENT": { + "dev": "dev", + "staging": "staging", + "prod": "prod" + }, + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + }, + "IDENTITY_SERVER_CLIENT_ID": "@vegagerdin.is/clients/air-discount-scheme" + }, + "features": {}, + "name": "air-discount-scheme-backend", + "grantNamespaces": [ + "islandis" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "ICELANDAIR_API_KEY": "/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY", + "MYFLUG_API_KEY": "/k8s/air-discount-scheme/backend/MYFLUG_API_KEY", + "ERNIR_API_KEY": "/k8s/air-discount-scheme/backend/ERNIR_API_KEY", + "NORLANDAIR_API_KEY": "/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY", + "NATIONAL_REGISTRY_PASSWORD": "/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD", + "NATIONAL_REGISTRY_USERNAME": "/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME", + "NATIONAL_REGISTRY_URL": "/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL", + "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET" + }, + "ingress": { + "primary": { + "host": { + "dev": [ + "loftbru", + "loftbru-cf" + ], + "staging": [ + "loftbru", + "loftbru-cf" + ], + "prod": "loftbru" + }, + "extraAnnotations": { + "dev": { + "nginx.ingress.kubernetes.io/enable-global-auth": "false" + }, + "staging": { + "nginx.ingress.kubernetes.io/enable-global-auth": "false" + }, + "prod": {} + }, + "paths": [ + "/api/swagger", + "/api/public" + ] + } + }, + "namespace": "air-discount-scheme", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "400m", + "memory": "512Mi" + }, + "requests": { + "cpu": "50m", + "memory": "256Mi" + } + }, + "xroadConfig": [ + { + "config": { + "env": { + "XROAD_BASE_PATH": { + "prod": "http://securityserver.island.is" + }, + "XROAD_BASE_PATH_WITH_ENV": { + "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "http://securityserver.island.is/r1/IS" + }, + "XROAD_TLS_BASE_PATH": { + "dev": "https://securityserver.dev01.devland.is", + "staging": "https://securityserver.staging01.devland.is", + "prod": "https://securityserver.island.is" + }, + "XROAD_TLS_BASE_PATH_WITH_ENV": { + "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", + "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "https://securityserver.island.is/r1/IS" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CLIENT_ID": { + "dev": "IS-DEV/GOV/10000/island-is-client", + "staging": "IS-TEST/GOV/5501692829/island-is-client", + "prod": "IS/GOV/5501692829/island-is-client" + } + } + } + }, + { + "config": { + "env": { + "XROAD_NATIONAL_REGISTRY_SERVICE_PATH": { + "dev": "IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1", + "staging": "IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1", + "prod": "IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1" + }, + "XROAD_NATIONAL_REGISTRY_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" + }, + "XROAD_TJODSKRA_API_PATH": "/SKRA-Protected/Einstaklingar-v1", + "XROAD_TJODSKRA_MEMBER_CODE": { + "prod": "6503760649", + "dev": "10001", + "staging": "6503760649" + } + } + } + } + ], + "files": [], + "volumes": [], + "image": "air-discount-scheme-backend", + "postgres": { + "username": "air_discount_scheme_backend", + "passwordSecret": "/k8s/air-discount-scheme-backend/DB_PASSWORD", + "name": "air_discount_scheme_backend" + }, + "initContainers": { + "envs": {}, + "secrets": {}, + "features": {}, + "containers": [ + { + "name": "migrations", + "command": "npx", + "args": [ + "sequelize-cli", + "db:migrate" + ] + } + ], + "postgres": { + "username": "air_discount_scheme_backend", + "passwordSecret": "/k8s/air-discount-scheme-backend/DB_PASSWORD", + "name": "air_discount_scheme_backend" + } + }, + "redis": { + "host": { + "dev": "clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379", + "staging": "clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379", + "prod": "clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379" + } + }, + "replicaCount": { + "min": 2, + "max": 10, + "default": 2, + "scalingMagicNumber": 20 + } + } + } +} \ No newline at end of file diff --git a/charts/services/air-discount-scheme-web/values.dev.yaml b/charts/services/air-discount-scheme-web/values.dev.yaml index 58d9f8e96dbc..7578d054e120 100644 --- a/charts/services/air-discount-scheme-web/values.dev.yaml +++ b/charts/services/air-discount-scheme-web/values.dev.yaml @@ -1,3563 +1,108 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.dev01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'preview.contentful.com' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 's@kogk.is' - CONTENTFUL_HOST: 'preview.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 's@kogk.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/api' - - host: 'api-catalogue.dev01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.dev01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -external-contracts-tests: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' - namespace: 'external-contracts-tests' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '1' - memory: '1024Mi' - requests: - cpu: '500m' - memory: '512Mi' - schedule: '0 11 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -github-actions-cache: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 8 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'cache.dev01.devland.is' - paths: - - '/' - namespace: 'github-actions-cache' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 5 - max: 8 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' - create: true - name: 'github-actions-cache' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'dev' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.dev01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'consultation-portal' - - 'islandis' - - 'search-indexer' - - 'xroad-collector' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'github-actions-cache' - - 'user-notification' - - 'external-contracts-tests' - - 'contentful-entry-tagger' - - 'license-api' - - 'services-sessions' - - 'contentful-apps' - - 'services-university-gateway' - - 'unicorn-app' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'dev-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.dev01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.dev01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -unicorn-app: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'unicorn-app.dev01.devland.is' - paths: - - '/' - namespace: 'unicorn-app' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' - create: true - name: 'unicorn-app' -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@hourly' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - TRACKING_DOMAIN: 'beta.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "air-discount-scheme-web": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/readiness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "IDENTITY_SERVER_ISSUER_DOMAIN": { + "dev": "identity-server.dev01.devland.is", + "staging": "identity-server.staging01.devland.is", + "prod": "innskra.island.is" + }, + "NEXTAUTH_URL": { + "staging": "https://loftbru.staging01.devland.is", + "prod": "https://loftbru.island.is" + } + }, + "features": {}, + "name": "air-discount-scheme-web", + "grantNamespaces": [ + "nginx-ingress-external", + "islandis" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "DD_RUM_APPLICATION_ID": "/k8s/DD_RUM_APPLICATION_ID", + "DD_RUM_CLIENT_TOKEN": "/k8s/DD_RUM_CLIENT_TOKEN", + "IDENTITY_SERVER_SECRET": "/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET" + }, + "ingress": { + "primary": { + "host": { + "dev": [ + "loftbru", + "loftbru-cf" + ], + "staging": [ + "loftbru", + "loftbru-cf" + ], + "prod": [ + "loftbru" + ] + }, + "extraAnnotations": { + "dev": { + "nginx.ingress.kubernetes.io/proxy-buffer-size": "16k", + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffers-number": "4", + "nginx.ingress.kubernetes.io/server-snippet": "client_header_buffer_size 16k; large_client_header_buffers 4 16k;", + "nginx.ingress.kubernetes.io/configuration-snippet": "rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;" + }, + "staging": { + "nginx.ingress.kubernetes.io/proxy-buffer-size": "16k", + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffers-number": "4", + "nginx.ingress.kubernetes.io/server-snippet": "client_header_buffer_size 16k; large_client_header_buffers 4 16k;", + "nginx.ingress.kubernetes.io/configuration-snippet": "rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;" + }, + "prod": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k", + "nginx.ingress.kubernetes.io/enable-global-auth": "false", + "nginx.ingress.kubernetes.io/configuration-snippet": "rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;" + } + }, + "paths": [ + "/" + ], + "public": true + } + }, + "namespace": "air-discount-scheme", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "memory": "256Mi", + "cpu": "200m" + }, + "requests": { + "memory": "128Mi", + "cpu": "100m" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "replicaCount": { + "min": 2, + "max": 10, + "default": 2, + "scalingMagicNumber": 20 + } + } + } +} \ No newline at end of file diff --git a/charts/services/air-discount-scheme-web/values.prod.yaml b/charts/services/air-discount-scheme-web/values.prod.yaml index c7e37f4144c5..7578d054e120 100644 --- a/charts/services/air-discount-scheme-web/values.prod.yaml +++ b/charts/services/air-discount-scheme-web/values.prod.yaml @@ -1,3379 +1,108 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.island.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'cdn.contentful.com' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.island.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://innskra.island.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_IDS_API_URL: 'https://innskra.island.is' - AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi.island.is' - CONTACT_US_EMAIL: 'island@island.is' - CONTENTFUL_HOST: 'cdn.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.island.is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-prod-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: '' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'island@island.is' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 'sogur@island.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS/GOV/5402697509/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS/GOV/6501912189/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/api' - - host: 'www.island.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' - CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS/GOV/5608002820/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - NOVA_USERNAME: 'IslandIs_User_Production' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS/GOV/5605882089/UA-Protected/kvortun-v1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.island.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.island.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/umsoknir' - - host: 'www.island.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi.island.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://island.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/samradsgatt' - - host: 'www.island.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.island.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.island.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - EMAIL_FROM_NAME: 'island.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-prod-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'prod' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: 'd4ecf781-3764-4063-a4e1-9c3e17cebfba' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.island.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'islandis' - - 'consultation-portal' - - 'search-indexer' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'xroad-collector' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'user-notification' - - 'license-api' - - 'services-sessions' - - 'services-university-gateway' - - 'contentful-apps' - - 'contentful-entry-tagger' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/stjornbord' - - host: 'www.island.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'prod' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'prod-es-custom-packages' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/minarsidur' - - host: 'www.island.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_BASE_URL: 'https://island.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.island.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://island.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://island.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://island.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/stjornbord/bff' - - host: 'www.island.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.island.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.island.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/app/skilavottord/' - - host: 'www.island.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/app/skilavottord/api/graphql' - - host: 'www.island.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.island.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@midnight' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - TRACKING_DOMAIN: 'island.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/' - - host: 'www.island.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "air-discount-scheme-web": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/readiness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "IDENTITY_SERVER_ISSUER_DOMAIN": { + "dev": "identity-server.dev01.devland.is", + "staging": "identity-server.staging01.devland.is", + "prod": "innskra.island.is" + }, + "NEXTAUTH_URL": { + "staging": "https://loftbru.staging01.devland.is", + "prod": "https://loftbru.island.is" + } + }, + "features": {}, + "name": "air-discount-scheme-web", + "grantNamespaces": [ + "nginx-ingress-external", + "islandis" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "DD_RUM_APPLICATION_ID": "/k8s/DD_RUM_APPLICATION_ID", + "DD_RUM_CLIENT_TOKEN": "/k8s/DD_RUM_CLIENT_TOKEN", + "IDENTITY_SERVER_SECRET": "/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET" + }, + "ingress": { + "primary": { + "host": { + "dev": [ + "loftbru", + "loftbru-cf" + ], + "staging": [ + "loftbru", + "loftbru-cf" + ], + "prod": [ + "loftbru" + ] + }, + "extraAnnotations": { + "dev": { + "nginx.ingress.kubernetes.io/proxy-buffer-size": "16k", + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffers-number": "4", + "nginx.ingress.kubernetes.io/server-snippet": "client_header_buffer_size 16k; large_client_header_buffers 4 16k;", + "nginx.ingress.kubernetes.io/configuration-snippet": "rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;" + }, + "staging": { + "nginx.ingress.kubernetes.io/proxy-buffer-size": "16k", + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffers-number": "4", + "nginx.ingress.kubernetes.io/server-snippet": "client_header_buffer_size 16k; large_client_header_buffers 4 16k;", + "nginx.ingress.kubernetes.io/configuration-snippet": "rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;" + }, + "prod": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k", + "nginx.ingress.kubernetes.io/enable-global-auth": "false", + "nginx.ingress.kubernetes.io/configuration-snippet": "rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;" + } + }, + "paths": [ + "/" + ], + "public": true + } + }, + "namespace": "air-discount-scheme", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "memory": "256Mi", + "cpu": "200m" + }, + "requests": { + "memory": "128Mi", + "cpu": "100m" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "replicaCount": { + "min": 2, + "max": 10, + "default": 2, + "scalingMagicNumber": 20 + } + } + } +} \ No newline at end of file diff --git a/charts/services/air-discount-scheme-web/values.staging.yaml b/charts/services/air-discount-scheme-web/values.staging.yaml index 227a2b0fcc6d..7578d054e120 100644 --- a/charts/services/air-discount-scheme-web/values.staging.yaml +++ b/charts/services/air-discount-scheme-web/values.staging.yaml @@ -1,3238 +1,108 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.staging01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'cdn.contentful.com' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.staging01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.staging01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.staging01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 'island@island.is' - CONTENTFUL_HOST: 'cdn.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.staging01.devland.is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-staging-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: '' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 'sogur@island.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-TEST/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5608002820/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-TEST/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.staging01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.staging01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.staging01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.staging01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-staging-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'staging' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.staging01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'islandis' - - 'consultation-portal' - - 'skilavottord' - - 'search-indexer' - - 'services-documents' - - 'storybook' - - 'xroad-collector' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'user-notification' - - 'license-api' - - 'services-sessions' - - 'services-university-gateway' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.staging01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'staging' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'staging-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_BASE_URL: 'https://beta.staging01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.staging01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.staging01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.staging01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.staging01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.staging01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.staging01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.staging01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.staging01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@midnight' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - basicAuth: '/k8s/web/basic_auth' - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - TRACKING_DOMAIN: 'beta.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "air-discount-scheme-web": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/readiness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "IDENTITY_SERVER_ISSUER_DOMAIN": { + "dev": "identity-server.dev01.devland.is", + "staging": "identity-server.staging01.devland.is", + "prod": "innskra.island.is" + }, + "NEXTAUTH_URL": { + "staging": "https://loftbru.staging01.devland.is", + "prod": "https://loftbru.island.is" + } + }, + "features": {}, + "name": "air-discount-scheme-web", + "grantNamespaces": [ + "nginx-ingress-external", + "islandis" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "DD_RUM_APPLICATION_ID": "/k8s/DD_RUM_APPLICATION_ID", + "DD_RUM_CLIENT_TOKEN": "/k8s/DD_RUM_CLIENT_TOKEN", + "IDENTITY_SERVER_SECRET": "/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET" + }, + "ingress": { + "primary": { + "host": { + "dev": [ + "loftbru", + "loftbru-cf" + ], + "staging": [ + "loftbru", + "loftbru-cf" + ], + "prod": [ + "loftbru" + ] + }, + "extraAnnotations": { + "dev": { + "nginx.ingress.kubernetes.io/proxy-buffer-size": "16k", + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffers-number": "4", + "nginx.ingress.kubernetes.io/server-snippet": "client_header_buffer_size 16k; large_client_header_buffers 4 16k;", + "nginx.ingress.kubernetes.io/configuration-snippet": "rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;" + }, + "staging": { + "nginx.ingress.kubernetes.io/proxy-buffer-size": "16k", + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffers-number": "4", + "nginx.ingress.kubernetes.io/server-snippet": "client_header_buffer_size 16k; large_client_header_buffers 4 16k;", + "nginx.ingress.kubernetes.io/configuration-snippet": "rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;" + }, + "prod": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k", + "nginx.ingress.kubernetes.io/enable-global-auth": "false", + "nginx.ingress.kubernetes.io/configuration-snippet": "rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;" + } + }, + "paths": [ + "/" + ], + "public": true + } + }, + "namespace": "air-discount-scheme", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "memory": "256Mi", + "cpu": "200m" + }, + "requests": { + "memory": "128Mi", + "cpu": "100m" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "replicaCount": { + "min": 2, + "max": 10, + "default": 2, + "scalingMagicNumber": 20 + } + } + } +} \ No newline at end of file diff --git a/charts/services/api/values.dev.yaml b/charts/services/api/values.dev.yaml index 58d9f8e96dbc..5ba1c6a118e6 100644 --- a/charts/services/api/values.dev.yaml +++ b/charts/services/api/values.dev.yaml @@ -1,3563 +1,1062 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.dev01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'preview.contentful.com' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 's@kogk.is' - CONTENTFUL_HOST: 'preview.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 's@kogk.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/api' - - host: 'api-catalogue.dev01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.dev01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -external-contracts-tests: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' - namespace: 'external-contracts-tests' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '1' - memory: '1024Mi' - requests: - cpu: '500m' - memory: '512Mi' - schedule: '0 11 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -github-actions-cache: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 8 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'cache.dev01.devland.is' - paths: - - '/' - namespace: 'github-actions-cache' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 5 - max: 8 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' - create: true - name: 'github-actions-cache' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'dev' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.dev01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'consultation-portal' - - 'islandis' - - 'search-indexer' - - 'xroad-collector' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'github-actions-cache' - - 'user-notification' - - 'external-contracts-tests' - - 'contentful-entry-tagger' - - 'license-api' - - 'services-sessions' - - 'contentful-apps' - - 'services-university-gateway' - - 'unicorn-app' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'dev-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.dev01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.dev01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -unicorn-app: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'unicorn-app.dev01.devland.is' - paths: - - '/' - namespace: 'unicorn-app' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' - create: true - name: 'unicorn-app' -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@hourly' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - TRACKING_DOMAIN: 'beta.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "api": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/health", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME": { + "dev": "loftbru.dev01.devland.is", + "staging": "loftbru.staging01.devland.is", + "prod": "loftbru.island.is" + }, + "FILE_STORAGE_UPLOAD_BUCKET": { + "dev": "island-is-dev-upload-api", + "staging": "island-is-staging-upload-api", + "prod": "island-is-prod-upload-api" + }, + "AUTH_PUBLIC_API_URL": { + "dev": "https://identity-server.dev01.devland.is/api", + "staging": "https://identity-server.staging01.devland.is/api", + "prod": "https://innskra.island.is/api" + }, + "ELASTIC_NODE": { + "dev": "https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com", + "staging": "https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/", + "prod": "https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/" + }, + "CONTENTFUL_HOST": { + "dev": "preview.contentful.com", + "staging": "cdn.contentful.com", + "prod": "cdn.contentful.com" + }, + "CONTACT_US_EMAIL": { + "prod": "island@island.is", + "staging": "island@island.is", + "dev": "s@kogk.is" + }, + "ZENDESK_CONTACT_FORM_SUBDOMAIN": { + "prod": "digitaliceland", + "staging": "digitaliceland", + "dev": "stjanilofts" + }, + "TELL_US_A_STORY_EMAIL": { + "dev": "s@kogk.is", + "staging": "sogur@island.is", + "prod": "sogur@island.is" + }, + "SEND_FROM_EMAIL": { + "dev": "development@island.is", + "staging": "development@island.is", + "prod": "island@island.is" + }, + "FILE_DOWNLOAD_BUCKET": { + "dev": "island-is-dev-download-cache-api", + "staging": "island-is-staging-download-cache-api", + "prod": "island-is-prod-download-cache-api" + }, + "DOWNLOAD_SERVICE_BASE_PATH": { + "prod": "https://api.island.is", + "dev": "https://api.dev01.devland.is", + "staging": "https://api.staging01.devland.is" + }, + "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/api", + "AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT": "20000", + "XROAD_NATIONAL_REGISTRY_TIMEOUT": "20000", + "XROAD_PROPERTIES_TIMEOUT": "35000", + "SYSLUMENN_TIMEOUT": "40000", + "XROAD_DRIVING_LICENSE_BOOK_TIMEOUT": "20000", + "XROAD_FINANCES_TIMEOUT": "20000", + "XROAD_CHARGE_FJS_V2_TIMEOUT": "20000", + "AUTH_DELEGATION_API_URL": { + "dev": "http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local", + "staging": "http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local", + "prod": "https://auth-delegation-api.internal.innskra.island.is" + }, + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + }, + "MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL": { + "dev": "http://web-financial-aid-backend", + "staging": "http://web-financial-aid-backend", + "prod": "http://web-financial-aid-backend" + }, + "FINANCIAL_STATEMENTS_INAO_BASE_PATH": { + "dev": "https://dev-re.crm4.dynamics.com/api/data/v9.1", + "staging": "https://dev-re.crm4.dynamics.com/api/data/v9.1", + "prod": "https://star-re.crm4.dynamics.com/api/data/v9.1" + }, + "FINANCIAL_STATEMENTS_INAO_ISSUER": "https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0", + "FINANCIAL_STATEMENTS_INAO_SCOPE": { + "dev": "https://dev-re.crm4.dynamics.com/.default", + "staging": "https://dev-re.crm4.dynamics.com/.default", + "prod": "https://star-re.crm4.dynamics.com/.default" + }, + "FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT": "https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token", + "ELECTRONIC_REGISTRATION_STATISTICS_API_URL": { + "dev": "https://api-staging.thinglysing.is/business/tolfraedi", + "staging": "https://api-staging.thinglysing.is/business/tolfraedi", + "prod": "https://api.thinglysing.is/business/tolfraedi" + }, + "FORM_SYSTEM_API_BASE_PATH": { + "dev": "https://profun.island.is/umsoknarkerfi", + "staging": "", + "prod": "" + }, + "CONSULTATION_PORTAL_CLIENT_BASE_PATH": { + "dev": "https://samradapi-test.devland.is", + "staging": "https://samradapi-test.devland.is", + "prod": "https://samradapi.island.is" + }, + "FISKISTOFA_ZENTER_CLIENT_ID": "1114", + "HSN_WEB_FORM_ID": "1dimJFHLFYtnhoYEA3JxRK", + "AUTH_ADMIN_API_PATH": { + "dev": "https://identity-server.dev01.devland.is/backend", + "staging": "https://identity-server.staging01.devland.is/backend", + "prod": "https://innskra.island.is/backend" + }, + "AUTH_ADMIN_API_PATHS": { + "dev": "{\"development\":\"https://identity-server.dev01.devland.is/backend\"}", + "staging": "{\"development\":\"https://identity-server.dev01.devland.is/backend\",\"staging\":\"https://identity-server.staging01.devland.is/backend\"}", + "prod": "{\"development\":\"https://identity-server.dev01.devland.is/backend\",\"staging\":\"https://identity-server.staging01.devland.is/backend\",\"production\":\"https://innskra.island.is/backend\"}" + }, + "AUTH_IDS_API_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + }, + "HUNTING_LICENSE_PASS_TEMPLATE_ID": { + "dev": "1da72d52-a93a-4d0f-8463-1933a2bd210b", + "staging": "1da72d52-a93a-4d0f-8463-1933a2bd210b", + "prod": "5f42f942-d8d6-40bf-a186-5a9e12619d9f" + }, + "XROAD_RSK_PROCURING_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" + }, + "APOLLO_CACHE_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" + }, + "LICENSE_SERVICE_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" + }, + "XROAD_RSK_PROCURING_SCOPE": "[\"@rsk.is/prokura\",\"@rsk.is/prokura:admin\"]", + "WATSON_ASSISTANT_CHAT_FEEDBACK_DB_NAME": { + "dev": "island-is-assistant-feedback", + "staging": "island-is-assistant-feedback", + "prod": "island-is-assistant-feedback" + } + }, + "features": {}, + "name": "api", + "grantNamespaces": [ + "nginx-ingress-external", + "api-catalogue", + "application-system", + "consultation-portal", + "portals-admin" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "APOLLO_BYPASS_CACHE_SECRET": "/k8s/api/APOLLO_BYPASS_CACHE_SECRET", + "DOCUMENT_PROVIDER_BASE_PATH": "/k8s/api/DOCUMENT_PROVIDER_BASE_PATH", + "DOCUMENT_PROVIDER_TOKEN_URL": "/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL", + "DOCUMENT_PROVIDER_BASE_PATH_TEST": "/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST", + "DOCUMENT_PROVIDER_TOKEN_URL_TEST": "/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST", + "SYSLUMENN_HOST": "/k8s/api/SYSLUMENN_HOST", + "REGULATIONS_API_URL": "/k8s/api/REGULATIONS_API_URL", + "REGULATIONS_FILE_UPLOAD_KEY_DRAFT": "/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT", + "REGULATIONS_FILE_UPLOAD_KEY_PUBLISH": "/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH", + "REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED": "/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED", + "CONTENTFUL_ACCESS_TOKEN": "/k8s/api/CONTENTFUL_ACCESS_TOKEN", + "ZENDESK_CONTACT_FORM_EMAIL": "/k8s/api/ZENDESK_CONTACT_FORM_EMAIL", + "ZENDESK_CONTACT_FORM_TOKEN": "/k8s/api/ZENDESK_CONTACT_FORM_TOKEN", + "POSTHOLF_CLIENTID": "/k8s/documents/POSTHOLF_CLIENTID", + "POSTHOLF_CLIENT_SECRET": "/k8s/documents/POSTHOLF_CLIENT_SECRET", + "POSTHOLF_TOKEN_URL": "/k8s/documents/POSTHOLF_TOKEN_URL", + "POSTHOLF_BASE_PATH": "/k8s/documents/POSTHOLF_BASE_PATH", + "DOCUMENT_PROVIDER_CLIENTID": "/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID", + "DOCUMENT_PROVIDER_CLIENT_SECRET": "/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET", + "DOCUMENT_PROVIDER_CLIENTID_TEST": "/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST", + "DOCUMENT_PROVIDER_CLIENT_SECRET_TEST": "/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST", + "SYSLUMENN_USERNAME": "/k8s/api/SYSLUMENN_USERNAME", + "SYSLUMENN_PASSWORD": "/k8s/api/SYSLUMENN_PASSWORD", + "PKPASS_API_KEY": "/k8s/api/PKPASS_API_KEY", + "PKPASS_API_URL": "/k8s/api/PKPASS_API_URL", + "PKPASS_AUTH_RETRIES": "/k8s/api/PKPASS_AUTH_RETRIES", + "PKPASS_CACHE_KEY": "/k8s/api/PKPASS_CACHE_KEY", + "PKPASS_CACHE_TOKEN_EXPIRY_DELTA": "/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA", + "PKPASS_SECRET_KEY": "/k8s/api/PKPASS_SECRET_KEY", + "VE_PKPASS_API_KEY": "/k8s/api/VE_PKPASS_API_KEY", + "UST_PKPASS_API_KEY": "/k8s/api/UST_PKPASS_API_KEY", + "RLS_PKPASS_API_KEY": "/k8s/api/RLS_PKPASS_API_KEY", + "TR_PKPASS_API_KEY": "/k8s/api/TR_PKPASS_API_KEY", + "SMART_SOLUTIONS_API_URL": "/k8s/api/SMART_SOLUTIONS_API_URL", + "FIREARM_LICENSE_PASS_TEMPLATE_ID": "/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID", + "DISABILITY_LICENSE_PASS_TEMPLATE_ID": "/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID", + "MACHINE_LICENSE_PASS_TEMPLATE_ID": "/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID", + "ADR_LICENSE_PASS_TEMPLATE_ID": "/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID", + "DRIVING_LICENSE_PASS_TEMPLATE_ID": "/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID", + "ADR_LICENSE_FETCH_TIMEOUT": "/k8s/api/ADR_LICENSE_FETCH_TIMEOUT", + "DRIVING_LICENSE_FETCH_TIMEOUT": "/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT", + "FIREARM_LICENSE_FETCH_TIMEOUT": "/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT", + "DISABILITY_LICENSE_FETCH_TIMEOUT": "/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT", + "INTELLECTUAL_PROPERTY_API_KEY": "/k8s/api/IP_API_KEY", + "ISLYKILL_SERVICE_PASSPHRASE": "/k8s/api/ISLYKILL_SERVICE_PASSPHRASE", + "ISLYKILL_SERVICE_BASEPATH": "/k8s/api/ISLYKILL_SERVICE_BASEPATH", + "VEHICLES_ALLOW_CO_OWNERS": "/k8s/api/VEHICLES_ALLOW_CO_OWNERS", + "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/api/IDENTITY_SERVER_CLIENT_SECRET", + "FINANCIAL_STATEMENTS_INAO_CLIENT_ID": "/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID", + "FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET": "/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET", + "FISKISTOFA_ZENTER_EMAIL": "/k8s/api/FISKISTOFA_ZENTER_EMAIL", + "FISKISTOFA_ZENTER_PASSWORD": "/k8s/api/FISKISTOFA_ZENTER_PASSWORD", + "FISKISTOFA_ZENTER_CLIENT_PASSWORD": "/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD", + "FISKISTOFA_API_URL": "/k8s/api/FISKISTOFA_API_URL", + "FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET": "/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET", + "FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL": "/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL", + "FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID": "/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID", + "FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE": "/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE", + "FISKISTOFA_POWERBI_CLIENT_ID": "/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID", + "FISKISTOFA_POWERBI_CLIENT_SECRET": "/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET", + "FISKISTOFA_POWERBI_TENANT_ID": "/k8s/api/FISKISTOFA_POWERBI_TENANT_ID", + "NATIONAL_REGISTRY_B2C_CLIENT_SECRET": "/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET", + "HSN_WEB_FORM_RESPONSE_URL": "/k8s/api/HSN_WEB_FORM_RESPONSE_URL", + "HSN_WEB_FORM_RESPONSE_SECRET": "/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET", + "DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY": "/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY", + "DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY": "/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY", + "DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY": "/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY", + "CHART_STATISTIC_SOURCE_DATA_PATHS": "/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS", + "CHART_STATISTIC_CACHE_TTL": "/k8s/api/CHART_STATISTIC_CACHE_TTL", + "WATSON_ASSISTANT_CHAT_FEEDBACK_URL": "/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL", + "WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY": "/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY", + "LICENSE_SERVICE_BARCODE_SECRET_KEY": "/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY", + "ULTRAVIOLET_RADIATION_API_KEY": "/k8s/api/ULTRAVIOLET_RADIATION_API_KEY", + "UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL": "/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL", + "VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY": "/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY" + }, + "ingress": { + "primary": { + "host": { + "dev": [ + "beta", + "api-catalogue" + ], + "staging": [ + "beta" + ], + "prod": [ + "", + "www.island.is" + ] + }, + "paths": [ + "/api" + ], + "public": true + } + }, + "namespace": "islandis", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "1200m", + "memory": "3200Mi" + }, + "requests": { + "cpu": "400m", + "memory": "896Mi" + } + }, + "xroadConfig": [ + { + "config": { + "env": { + "XROAD_ADR_MACHINE_LICENSE_PATH": { + "dev": "IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1", + "staging": "IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1", + "prod": "IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_COURT_BANKRUPTCY_CERT_PATH": { + "dev": "IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1", + "staging": "IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1", + "prod": "IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1" + } + }, + "secrets": { + "DOMSYSLA_PASSWORD": "/k8s/api/DOMSYSLA_PASSWORD", + "DOMSYSLA_USERNAME": "/k8s/api/DOMSYSLA_USERNAME" + } + } + }, + { + "config": { + "env": { + "XROAD_HUNTING_LICENSE_PATH": { + "dev": "IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api", + "staging": "IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api", + "prod": "IS/GOV/7010022880/Umhverfisstofnun-Protected/api" + } + } + } + }, + { + "config": { + "env": { + "XROAD_FIREARM_LICENSE_PATH": { + "dev": "IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1", + "staging": "IS/GOV/5309672079/Logreglan-Protected/island-api-v1", + "prod": "IS/GOV/5309672079/Logreglan-Protected/island-api-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_DISABILITY_LICENSE_PATH": { + "dev": "IS-DEV/GOV/10008/TR-Protected/oryrki-v1", + "staging": "IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1", + "prod": "IS/GOV/5012130120/TR-Protected/oryrki-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_BASE_PATH": { + "prod": "http://securityserver.island.is" + }, + "XROAD_BASE_PATH_WITH_ENV": { + "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "http://securityserver.island.is/r1/IS" + }, + "XROAD_TLS_BASE_PATH": { + "dev": "https://securityserver.dev01.devland.is", + "staging": "https://securityserver.staging01.devland.is", + "prod": "https://securityserver.island.is" + }, + "XROAD_TLS_BASE_PATH_WITH_ENV": { + "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", + "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "https://securityserver.island.is/r1/IS" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CLIENT_ID": { + "dev": "IS-DEV/GOV/10000/island-is-client", + "staging": "IS-TEST/GOV/5501692829/island-is-client", + "prod": "IS/GOV/5501692829/island-is-client" + } + } + } + }, + { + "config": { + "env": { + "XROAD_HEALTH_DIRECTORATE_PATH": { + "dev": "IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir", + "staging": "IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir", + "prod": "IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir" + } + } + } + }, + { + "config": { + "env": { + "XROAD_HEALTH_INSURANCE_WSDLURL": { + "dev": "https://test-huld.sjukra.is/islandrg?wsdl", + "staging": "https://test-huld.sjukra.is/islandrg?wsdl", + "prod": "https://huld.sjukra.is/islandrg?wsdl" + }, + "XROAD_HEALTH_INSURANCE_ID": { + "dev": "IS-DEV/GOV/10007/SJUKRA-Protected", + "staging": "IS-TEST/GOV/4804080550/SJUKRA-Protected", + "prod": "IS/GOV/4804080550/SJUKRA-Protected" + }, + "XROAD_HEALTH_INSURANCE_MY_PAGES_PATH": { + "dev": "IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur", + "staging": "IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur", + "prod": "IS/GOV/4804080550/SJUKRA-Protected/minarsidur" + } + }, + "secrets": { + "XROAD_HEALTH_INSURANCE_USERNAME": "/k8s/health-insurance/XROAD-USER", + "XROAD_HEALTH_INSURANCE_PASSWORD": "/k8s/health-insurance/XROAD-PASSWORD", + "XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME": "/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME", + "XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD": "/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD" + } + } + }, + { + "config": { + "env": { + "XROAD_INTELLECTUAL_PROPERTIES_PATH": { + "dev": "IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI", + "staging": "IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI", + "prod": "IS/GOV/6501912189/WebAPI-Public/HUG-webAPI" + } + } + } + }, + { + "config": { + "env": { + "XROAD_INNA_PATH": { + "dev": "IS-DEV/GOV/10066/MMS-Protected/inna-v1", + "staging": "IS-TEST/GOV/6601241280/MMS-Protected/inna-v1", + "prod": "IS/GOV/6601241280/MMS-Protected/inna-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_VMST_API_PATH": { + "dev": "/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1", + "staging": "/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1", + "prod": "/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1" + }, + "XROAD_VMST_MEMBER_CODE": { + "dev": "10003", + "staging": "7005942039", + "prod": "7005942039" + } + }, + "secrets": { + "XROAD_VMST_API_KEY": "/k8s/vmst-client/VMST_API_KEY" + } + } + }, + { + "config": { + "env": { + "XROAD_DRIVING_LICENSE_PATH": { + "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1", + "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1", + "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1" + }, + "XROAD_DRIVING_LICENSE_V2_PATH": { + "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2", + "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2", + "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1" + }, + "XROAD_DRIVING_LICENSE_V4_PATH": { + "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4", + "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4", + "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4" + }, + "XROAD_DRIVING_LICENSE_V5_PATH": { + "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5", + "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5", + "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5" + } + }, + "secrets": { + "XROAD_DRIVING_LICENSE_SECRET": "/k8s/api/DRIVING_LICENSE_SECRET" + } + } + }, + { + "config": { + "env": { + "XROAD_PAYMENT_PROVIDER_ID": { + "dev": "IS-DEV/GOV/10021/FJS-Public", + "staging": "IS-TEST/GOV/10021/FJS-DEV-Public", + "prod": "IS/GOV/5402697509/FJS-Public" + }, + "XROAD_PAYMENT_BASE_CALLBACK_URL": { + "dev": "XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/", + "staging": "XROAD:", + "prod": "XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/" + }, + "XROAD_PAYMENT_ADDITION_CALLBACK_URL": "/" + }, + "secrets": { + "XROAD_PAYMENT_USER": "/k8s/application-system-api/PAYMENT_USER", + "XROAD_PAYMENT_PASSWORD": "/k8s/application-system-api/PAYMENT_PASSWORD" + } + } + }, + { + "config": { + "env": { + "XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH": { + "dev": "IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur", + "staging": "IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur", + "prod": "IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur" + } + } + } + }, + { + "config": { + "env": { + "XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH": { + "dev": "IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis", + "staging": "IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis", + "prod": "IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis" + } + } + } + }, + { + "config": { + "env": { + "XROAD_FINANCES_PATH": { + "dev": "IS-DEV/GOV/10021/FJS-Public/financeIsland", + "staging": "IS-TEST/GOV/10021/FJS-Public/financeIsland", + "prod": "IS/GOV/5402697509/FJS-Public/financeIsland" + }, + "XROAD_FINANCES_V2_PATH": { + "dev": "IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2", + "staging": "IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2", + "prod": "IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2" + }, + "XROAD_HMS_LOANS_PATH": { + "dev": "IS-DEV/GOV/10033/HMS-Protected/libra-v1", + "staging": "IS-TEST/GOV/5812191480/HMS-Protected/libra-v1", + "prod": "IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1" + }, + "XROAD_HMS_HOUSING_BENEFITS_PATH": { + "dev": "IS-DEV/GOV/10033/HMS-Protected/husbot-v1", + "staging": "IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1", + "prod": "IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_MMS_LICENSE_SERVICE_ID": { + "dev": "IS-DEV/GOV/10066/MMS-Protected/license-api-v1", + "staging": "IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1", + "prod": "IS/GOV/6601241280/MMS-Protected/license-api-v1" + }, + "XROAD_MMS_GRADE_SERVICE_ID": { + "dev": "IS-DEV/GOV/10066/MMS-Protected/grade-api-v1", + "staging": "IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1", + "prod": "IS/GOV/6601241280/MMS-Protected/grade-api-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_NATIONAL_REGISTRY_SERVICE_PATH": { + "dev": "IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1", + "staging": "IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1", + "prod": "IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1" + }, + "XROAD_NATIONAL_REGISTRY_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" + }, + "XROAD_TJODSKRA_API_PATH": "/SKRA-Protected/Einstaklingar-v1", + "XROAD_TJODSKRA_MEMBER_CODE": { + "prod": "6503760649", + "dev": "10001", + "staging": "6503760649" + } + } + } + }, + { + "config": { + "env": { + "XROAD_PROPERTIES_SERVICE_V2_PATH": { + "dev": "IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1", + "staging": "IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1", + "prod": "IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1" + } + }, + "secrets": { + "XROAD_PROPERTIES_CLIENT_SECRET": "/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET" + } + } + }, + { + "config": { + "env": { + "XROAD_PAYMENT_SCHEDULE_PATH": { + "dev": "IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1", + "staging": "IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1", + "prod": "IS/GOV/5402697509/FJS-Public/paymentSchedule_v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CRIMINAL_RECORD_PATH": { + "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2", + "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1", + "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1" + } + } + } + }, + { + "config": { + "env": { + "COMPANY_REGISTRY_XROAD_PROVIDER_ID": { + "dev": "IS-DEV/GOV/10006/Skatturinn/ft-v1", + "staging": "IS-TEST/GOV/5402696029/Skatturinn/ft-v1", + "prod": "IS/GOV/5402696029/Skatturinn/ft-v1" + }, + "COMPANY_REGISTRY_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" + } + } + } + }, + { + "config": { + "env": {}, + "secrets": { + "DRIVING_LICENSE_BOOK_XROAD_PATH": "/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH", + "DRIVING_LICENSE_BOOK_USERNAME": "/k8s/api/DRIVING_LICENSE_BOOK_USERNAME", + "DRIVING_LICENSE_BOOK_PASSWORD": "/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD" + } + } + }, + { + "config": { + "env": { + "FISHING_LICENSE_XROAD_PROVIDER_ID": { + "dev": "IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1", + "staging": "IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1", + "prod": "IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_FINANCIAL_AID_BACKEND_PATH": { + "dev": "IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend", + "staging": "IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend", + "prod": "IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend" + } + } + } + }, + { + "config": { + "env": { + "XROAD_VEHICLES_PATH": { + "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1", + "staging": "IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1", + "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_VEHICLES_MILEAGE_PATH": { + "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1", + "staging": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1", + "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_PASSPORT_LICENSE_PATH": { + "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1", + "staging": "IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1", + "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_VEHICLE_SERVICE_FJS_V1_PATH": { + "dev": "IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1", + "staging": "IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1", + "prod": "IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_VEHICLE_CODETABLES_PATH": { + "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1", + "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1", + "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1" + }, + "XROAD_VEHICLE_INFOLOCKS_PATH": { + "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1", + "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1", + "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1" + }, + "XROAD_VEHICLE_OPERATORS_PATH": { + "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3", + "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3", + "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3" + }, + "XROAD_VEHICLE_OWNER_CHANGE_PATH": { + "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2", + "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2", + "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2" + }, + "XROAD_VEHICLE_PLATE_ORDERING_PATH": { + "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1", + "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1", + "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1" + }, + "XROAD_VEHICLE_PLATE_RENEWAL_PATH": { + "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1", + "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1", + "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1" + }, + "XROAD_VEHICLE_PRINTING_PATH": { + "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1", + "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1", + "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1" + }, + "XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH": { + "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1", + "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1", + "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CHARGE_FJS_V2_PATH": { + "dev": "IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2", + "staging": "IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2", + "prod": "IS/GOV/5402697509/FJS-Public/chargeFJS_v2" + } + } + } + }, + { + "config": { + "env": { + "XROAD_ENERGY_FUNDS_PATH": { + "dev": "IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1", + "staging": "IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1", + "prod": "IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_UNIVERSITY_OF_AKUREYRI_PATH": { + "dev": "IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1", + "staging": "IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1", + "prod": "IS/EDU/5206871229/UNAK-Protected/brautskraning-v1" + }, + "XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH": { + "dev": "IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1", + "staging": "IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1", + "prod": "IS/EDU/4112043590/LBHI-Protected/brautskraning-v1" + }, + "XROAD_BIFROST_UNIVERSITY_PATH": { + "dev": "IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1", + "staging": "IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1", + "prod": "IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1" + }, + "XROAD_HOLAR_UNIVERSITY_PATH": { + "dev": "IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1", + "staging": "IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1", + "prod": "IS/EDU/5001694359/Holar-Protected/brautskraning-v1" + }, + "XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH": { + "dev": "IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1", + "staging": "IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1", + "prod": "IS/EDU/4210984099/LHI-Protected/brautskraning-v1" + }, + "XROAD_UNIVERSITY_OF_ICELAND_PATH": { + "dev": "IS-DEV/EDU/10010/HI-Protected/brautskraning-v1", + "staging": "IS-TEST/EDU/10010/HI-Protected/brautskraning-v1", + "prod": "IS/EDU/6001692039/HI-Protected/brautskraning-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_WORK_MACHINE_LICENSE_PATH": { + "dev": "IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token", + "staging": "IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token", + "prod": "IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token" + } + } + } + }, + { + "config": { + "env": { + "XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH": { + "dev": "IS-DEV/GOV/10021/FJS-Protected/recruitment-v1", + "staging": "IS-TEST/GOV/10021/FJS-Protected/recruitment-v1", + "prod": "IS/GOV/5402697509/FJS-Protected/recruitment-v1" + } + }, + "secrets": { + "ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME": "/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME", + "ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD": "/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD" + } + } + }, + { + "config": { + "env": { + "XROAD_RSK_PROCURING_PATH": { + "dev": "IS-DEV/GOV/10006/Skatturinn/relationships-v1", + "staging": "IS-TEST/GOV/5402696029/Skatturinn/relationships-v1", + "prod": "IS/GOV/5402696029/Skatturinn/relationships-v1" + } + } + } + }, + { + "config": { + "env": { + "NATIONAL_REGISTRY_B2C_CLIENT_ID": { + "dev": "b464afdd-056b-406d-b650-6d41733cfeb7", + "staging": "ca128c23-b43c-443d-bade-ec5a146a933f", + "prod": "2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f" + }, + "NATIONAL_REGISTRY_B2C_ENDPOINT": { + "dev": "https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", + "staging": "https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", + "prod": "https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token" + }, + "NATIONAL_REGISTRY_B2C_SCOPE": { + "dev": "https://skraidentitydev.onmicrosoft.com/midlun/.default", + "staging": "https://skraidentitystaging.onmicrosoft.com/midlun/.default", + "prod": "https://skraidentity.onmicrosoft.com/midlun/.default" + }, + "NATIONAL_REGISTRY_B2C_PATH": { + "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1", + "staging": "IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1", + "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_AIRCRAFT_REGISTRY_PATH": { + "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1", + "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1", + "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_HOUSING_BENEFIT_CALCULATOR_PATH": { + "dev": "IS-DEV/GOV/10033/HMS-Protected/calc-v1", + "staging": "IS-TEST/GOV/5812191480/HMS-Protected/calc-v1", + "prod": "IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1" + } + }, + "secrets": { + "HOUSING_BENEFIT_CALCULATOR_USERNAME": "/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME", + "HOUSING_BENEFIT_CALCULATOR_PASSWORD": "/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD" + } + } + }, + { + "config": { + "env": { + "XROAD_SHIP_REGISTRY_PATH": { + "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1", + "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1", + "prod": "IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_DIRECTORATE_OF_IMMIGRATION_PATH": { + "dev": "IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1", + "staging": "IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1", + "prod": "IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_SIGNATURE_COLLECTION_PATH": { + "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1", + "staging": "IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1", + "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_TR_PATH": { + "dev": "IS-DEV/GOV/10008/TR-Protected/external-v1", + "staging": "IS-TEST/GOV/5012130120/TR-Protected/external-v1", + "prod": "IS/GOV/5012130120/TR-Protected/external-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_OFFICIAL_JOURNAL_PATH": { + "dev": "IS-DEV/GOV/10014/DMR-Protected/official-journal", + "staging": "IS-TEST/GOV/10014/DMR-Protected/official-journal", + "prod": "IS/GOV/10014/DMR-Protected/official-journal" + } + } + } + }, + { + "config": { + "env": { + "XROAD_JUDICIAL_SYSTEM_SP_PATH": { + "dev": "IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api", + "staging": "IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api", + "prod": "IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api" + } + } + } + }, + { + "config": { + "env": { + "XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH": { + "dev": "IS-DEV/GOV/10014/DMR-Protected/official-journal-application", + "staging": "IS-TEST/GOV/10014/DMR-Protected/official-journal-application", + "prod": "IS/GOV/10014/DMR-Protected/official-journal-application" + } + } + } + }, + { + "config": { + "env": { + "XROAD_MMS_FRIGG_PATH": { + "dev": "IS-DEV/GOV/10066/MMS-Protected/frigg-form-service", + "staging": "IS-TEST/GOV/10066/MMS-Protected/frigg-form-service", + "prod": "IS/GOV/10066/MMS-Protected/frigg-form-service" + } + } + } + }, + { + "config": { + "env": { + "XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH": { + "dev": "IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1", + "staging": "IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1", + "prod": "IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH": { + "dev": "IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1", + "staging": "IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1", + "prod": "IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_WORK_ACCIDENT_PATH": { + "dev": "IS-DEV/GOV/10013/Vinnueftirlitid-Protected/slysaskraning-token", + "staging": "IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/slysaskraning-token", + "prod": "IS/GOV/4201810439/Vinnueftirlitid-Protected/slysaskraning-token" + } + } + } + } + ], + "files": [ + { + "filename": "islyklar.p12", + "env": "ISLYKILL_CERT" + } + ], + "volumes": [], + "accountName": "api", + "cmds": "node", + "args": [ + "--tls-min-v1.0", + "--no-experimental-fetch", + "main.js" + ], + "replicaCount": { + "default": 2, + "max": 50, + "min": 2 + } + } + } +} \ No newline at end of file diff --git a/charts/services/api/values.prod.yaml b/charts/services/api/values.prod.yaml index c7e37f4144c5..5ba1c6a118e6 100644 --- a/charts/services/api/values.prod.yaml +++ b/charts/services/api/values.prod.yaml @@ -1,3379 +1,1062 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.island.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'cdn.contentful.com' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.island.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://innskra.island.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_IDS_API_URL: 'https://innskra.island.is' - AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi.island.is' - CONTACT_US_EMAIL: 'island@island.is' - CONTENTFUL_HOST: 'cdn.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.island.is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-prod-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: '' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'island@island.is' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 'sogur@island.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS/GOV/5402697509/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS/GOV/6501912189/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/api' - - host: 'www.island.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' - CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS/GOV/5608002820/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - NOVA_USERNAME: 'IslandIs_User_Production' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS/GOV/5605882089/UA-Protected/kvortun-v1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.island.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.island.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/umsoknir' - - host: 'www.island.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi.island.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://island.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/samradsgatt' - - host: 'www.island.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.island.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.island.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - EMAIL_FROM_NAME: 'island.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-prod-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'prod' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: 'd4ecf781-3764-4063-a4e1-9c3e17cebfba' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.island.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'islandis' - - 'consultation-portal' - - 'search-indexer' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'xroad-collector' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'user-notification' - - 'license-api' - - 'services-sessions' - - 'services-university-gateway' - - 'contentful-apps' - - 'contentful-entry-tagger' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/stjornbord' - - host: 'www.island.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'prod' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'prod-es-custom-packages' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/minarsidur' - - host: 'www.island.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_BASE_URL: 'https://island.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.island.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://island.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://island.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://island.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/stjornbord/bff' - - host: 'www.island.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.island.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.island.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/app/skilavottord/' - - host: 'www.island.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/app/skilavottord/api/graphql' - - host: 'www.island.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.island.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@midnight' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - TRACKING_DOMAIN: 'island.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/' - - host: 'www.island.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "api": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/health", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME": { + "dev": "loftbru.dev01.devland.is", + "staging": "loftbru.staging01.devland.is", + "prod": "loftbru.island.is" + }, + "FILE_STORAGE_UPLOAD_BUCKET": { + "dev": "island-is-dev-upload-api", + "staging": "island-is-staging-upload-api", + "prod": "island-is-prod-upload-api" + }, + "AUTH_PUBLIC_API_URL": { + "dev": "https://identity-server.dev01.devland.is/api", + "staging": "https://identity-server.staging01.devland.is/api", + "prod": "https://innskra.island.is/api" + }, + "ELASTIC_NODE": { + "dev": "https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com", + "staging": "https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/", + "prod": "https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/" + }, + "CONTENTFUL_HOST": { + "dev": "preview.contentful.com", + "staging": "cdn.contentful.com", + "prod": "cdn.contentful.com" + }, + "CONTACT_US_EMAIL": { + "prod": "island@island.is", + "staging": "island@island.is", + "dev": "s@kogk.is" + }, + "ZENDESK_CONTACT_FORM_SUBDOMAIN": { + "prod": "digitaliceland", + "staging": "digitaliceland", + "dev": "stjanilofts" + }, + "TELL_US_A_STORY_EMAIL": { + "dev": "s@kogk.is", + "staging": "sogur@island.is", + "prod": "sogur@island.is" + }, + "SEND_FROM_EMAIL": { + "dev": "development@island.is", + "staging": "development@island.is", + "prod": "island@island.is" + }, + "FILE_DOWNLOAD_BUCKET": { + "dev": "island-is-dev-download-cache-api", + "staging": "island-is-staging-download-cache-api", + "prod": "island-is-prod-download-cache-api" + }, + "DOWNLOAD_SERVICE_BASE_PATH": { + "prod": "https://api.island.is", + "dev": "https://api.dev01.devland.is", + "staging": "https://api.staging01.devland.is" + }, + "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/api", + "AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT": "20000", + "XROAD_NATIONAL_REGISTRY_TIMEOUT": "20000", + "XROAD_PROPERTIES_TIMEOUT": "35000", + "SYSLUMENN_TIMEOUT": "40000", + "XROAD_DRIVING_LICENSE_BOOK_TIMEOUT": "20000", + "XROAD_FINANCES_TIMEOUT": "20000", + "XROAD_CHARGE_FJS_V2_TIMEOUT": "20000", + "AUTH_DELEGATION_API_URL": { + "dev": "http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local", + "staging": "http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local", + "prod": "https://auth-delegation-api.internal.innskra.island.is" + }, + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + }, + "MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL": { + "dev": "http://web-financial-aid-backend", + "staging": "http://web-financial-aid-backend", + "prod": "http://web-financial-aid-backend" + }, + "FINANCIAL_STATEMENTS_INAO_BASE_PATH": { + "dev": "https://dev-re.crm4.dynamics.com/api/data/v9.1", + "staging": "https://dev-re.crm4.dynamics.com/api/data/v9.1", + "prod": "https://star-re.crm4.dynamics.com/api/data/v9.1" + }, + "FINANCIAL_STATEMENTS_INAO_ISSUER": "https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0", + "FINANCIAL_STATEMENTS_INAO_SCOPE": { + "dev": "https://dev-re.crm4.dynamics.com/.default", + "staging": "https://dev-re.crm4.dynamics.com/.default", + "prod": "https://star-re.crm4.dynamics.com/.default" + }, + "FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT": "https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token", + "ELECTRONIC_REGISTRATION_STATISTICS_API_URL": { + "dev": "https://api-staging.thinglysing.is/business/tolfraedi", + "staging": "https://api-staging.thinglysing.is/business/tolfraedi", + "prod": "https://api.thinglysing.is/business/tolfraedi" + }, + "FORM_SYSTEM_API_BASE_PATH": { + "dev": "https://profun.island.is/umsoknarkerfi", + "staging": "", + "prod": "" + }, + "CONSULTATION_PORTAL_CLIENT_BASE_PATH": { + "dev": "https://samradapi-test.devland.is", + "staging": "https://samradapi-test.devland.is", + "prod": "https://samradapi.island.is" + }, + "FISKISTOFA_ZENTER_CLIENT_ID": "1114", + "HSN_WEB_FORM_ID": "1dimJFHLFYtnhoYEA3JxRK", + "AUTH_ADMIN_API_PATH": { + "dev": "https://identity-server.dev01.devland.is/backend", + "staging": "https://identity-server.staging01.devland.is/backend", + "prod": "https://innskra.island.is/backend" + }, + "AUTH_ADMIN_API_PATHS": { + "dev": "{\"development\":\"https://identity-server.dev01.devland.is/backend\"}", + "staging": "{\"development\":\"https://identity-server.dev01.devland.is/backend\",\"staging\":\"https://identity-server.staging01.devland.is/backend\"}", + "prod": "{\"development\":\"https://identity-server.dev01.devland.is/backend\",\"staging\":\"https://identity-server.staging01.devland.is/backend\",\"production\":\"https://innskra.island.is/backend\"}" + }, + "AUTH_IDS_API_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + }, + "HUNTING_LICENSE_PASS_TEMPLATE_ID": { + "dev": "1da72d52-a93a-4d0f-8463-1933a2bd210b", + "staging": "1da72d52-a93a-4d0f-8463-1933a2bd210b", + "prod": "5f42f942-d8d6-40bf-a186-5a9e12619d9f" + }, + "XROAD_RSK_PROCURING_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" + }, + "APOLLO_CACHE_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" + }, + "LICENSE_SERVICE_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" + }, + "XROAD_RSK_PROCURING_SCOPE": "[\"@rsk.is/prokura\",\"@rsk.is/prokura:admin\"]", + "WATSON_ASSISTANT_CHAT_FEEDBACK_DB_NAME": { + "dev": "island-is-assistant-feedback", + "staging": "island-is-assistant-feedback", + "prod": "island-is-assistant-feedback" + } + }, + "features": {}, + "name": "api", + "grantNamespaces": [ + "nginx-ingress-external", + "api-catalogue", + "application-system", + "consultation-portal", + "portals-admin" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "APOLLO_BYPASS_CACHE_SECRET": "/k8s/api/APOLLO_BYPASS_CACHE_SECRET", + "DOCUMENT_PROVIDER_BASE_PATH": "/k8s/api/DOCUMENT_PROVIDER_BASE_PATH", + "DOCUMENT_PROVIDER_TOKEN_URL": "/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL", + "DOCUMENT_PROVIDER_BASE_PATH_TEST": "/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST", + "DOCUMENT_PROVIDER_TOKEN_URL_TEST": "/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST", + "SYSLUMENN_HOST": "/k8s/api/SYSLUMENN_HOST", + "REGULATIONS_API_URL": "/k8s/api/REGULATIONS_API_URL", + "REGULATIONS_FILE_UPLOAD_KEY_DRAFT": "/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT", + "REGULATIONS_FILE_UPLOAD_KEY_PUBLISH": "/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH", + "REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED": "/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED", + "CONTENTFUL_ACCESS_TOKEN": "/k8s/api/CONTENTFUL_ACCESS_TOKEN", + "ZENDESK_CONTACT_FORM_EMAIL": "/k8s/api/ZENDESK_CONTACT_FORM_EMAIL", + "ZENDESK_CONTACT_FORM_TOKEN": "/k8s/api/ZENDESK_CONTACT_FORM_TOKEN", + "POSTHOLF_CLIENTID": "/k8s/documents/POSTHOLF_CLIENTID", + "POSTHOLF_CLIENT_SECRET": "/k8s/documents/POSTHOLF_CLIENT_SECRET", + "POSTHOLF_TOKEN_URL": "/k8s/documents/POSTHOLF_TOKEN_URL", + "POSTHOLF_BASE_PATH": "/k8s/documents/POSTHOLF_BASE_PATH", + "DOCUMENT_PROVIDER_CLIENTID": "/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID", + "DOCUMENT_PROVIDER_CLIENT_SECRET": "/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET", + "DOCUMENT_PROVIDER_CLIENTID_TEST": "/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST", + "DOCUMENT_PROVIDER_CLIENT_SECRET_TEST": "/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST", + "SYSLUMENN_USERNAME": "/k8s/api/SYSLUMENN_USERNAME", + "SYSLUMENN_PASSWORD": "/k8s/api/SYSLUMENN_PASSWORD", + "PKPASS_API_KEY": "/k8s/api/PKPASS_API_KEY", + "PKPASS_API_URL": "/k8s/api/PKPASS_API_URL", + "PKPASS_AUTH_RETRIES": "/k8s/api/PKPASS_AUTH_RETRIES", + "PKPASS_CACHE_KEY": "/k8s/api/PKPASS_CACHE_KEY", + "PKPASS_CACHE_TOKEN_EXPIRY_DELTA": "/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA", + "PKPASS_SECRET_KEY": "/k8s/api/PKPASS_SECRET_KEY", + "VE_PKPASS_API_KEY": "/k8s/api/VE_PKPASS_API_KEY", + "UST_PKPASS_API_KEY": "/k8s/api/UST_PKPASS_API_KEY", + "RLS_PKPASS_API_KEY": "/k8s/api/RLS_PKPASS_API_KEY", + "TR_PKPASS_API_KEY": "/k8s/api/TR_PKPASS_API_KEY", + "SMART_SOLUTIONS_API_URL": "/k8s/api/SMART_SOLUTIONS_API_URL", + "FIREARM_LICENSE_PASS_TEMPLATE_ID": "/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID", + "DISABILITY_LICENSE_PASS_TEMPLATE_ID": "/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID", + "MACHINE_LICENSE_PASS_TEMPLATE_ID": "/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID", + "ADR_LICENSE_PASS_TEMPLATE_ID": "/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID", + "DRIVING_LICENSE_PASS_TEMPLATE_ID": "/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID", + "ADR_LICENSE_FETCH_TIMEOUT": "/k8s/api/ADR_LICENSE_FETCH_TIMEOUT", + "DRIVING_LICENSE_FETCH_TIMEOUT": "/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT", + "FIREARM_LICENSE_FETCH_TIMEOUT": "/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT", + "DISABILITY_LICENSE_FETCH_TIMEOUT": "/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT", + "INTELLECTUAL_PROPERTY_API_KEY": "/k8s/api/IP_API_KEY", + "ISLYKILL_SERVICE_PASSPHRASE": "/k8s/api/ISLYKILL_SERVICE_PASSPHRASE", + "ISLYKILL_SERVICE_BASEPATH": "/k8s/api/ISLYKILL_SERVICE_BASEPATH", + "VEHICLES_ALLOW_CO_OWNERS": "/k8s/api/VEHICLES_ALLOW_CO_OWNERS", + "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/api/IDENTITY_SERVER_CLIENT_SECRET", + "FINANCIAL_STATEMENTS_INAO_CLIENT_ID": "/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID", + "FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET": "/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET", + "FISKISTOFA_ZENTER_EMAIL": "/k8s/api/FISKISTOFA_ZENTER_EMAIL", + "FISKISTOFA_ZENTER_PASSWORD": "/k8s/api/FISKISTOFA_ZENTER_PASSWORD", + "FISKISTOFA_ZENTER_CLIENT_PASSWORD": "/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD", + "FISKISTOFA_API_URL": "/k8s/api/FISKISTOFA_API_URL", + "FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET": "/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET", + "FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL": "/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL", + "FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID": "/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID", + "FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE": "/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE", + "FISKISTOFA_POWERBI_CLIENT_ID": "/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID", + "FISKISTOFA_POWERBI_CLIENT_SECRET": "/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET", + "FISKISTOFA_POWERBI_TENANT_ID": "/k8s/api/FISKISTOFA_POWERBI_TENANT_ID", + "NATIONAL_REGISTRY_B2C_CLIENT_SECRET": "/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET", + "HSN_WEB_FORM_RESPONSE_URL": "/k8s/api/HSN_WEB_FORM_RESPONSE_URL", + "HSN_WEB_FORM_RESPONSE_SECRET": "/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET", + "DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY": "/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY", + "DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY": "/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY", + "DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY": "/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY", + "CHART_STATISTIC_SOURCE_DATA_PATHS": "/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS", + "CHART_STATISTIC_CACHE_TTL": "/k8s/api/CHART_STATISTIC_CACHE_TTL", + "WATSON_ASSISTANT_CHAT_FEEDBACK_URL": "/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL", + "WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY": "/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY", + "LICENSE_SERVICE_BARCODE_SECRET_KEY": "/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY", + "ULTRAVIOLET_RADIATION_API_KEY": "/k8s/api/ULTRAVIOLET_RADIATION_API_KEY", + "UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL": "/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL", + "VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY": "/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY" + }, + "ingress": { + "primary": { + "host": { + "dev": [ + "beta", + "api-catalogue" + ], + "staging": [ + "beta" + ], + "prod": [ + "", + "www.island.is" + ] + }, + "paths": [ + "/api" + ], + "public": true + } + }, + "namespace": "islandis", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "1200m", + "memory": "3200Mi" + }, + "requests": { + "cpu": "400m", + "memory": "896Mi" + } + }, + "xroadConfig": [ + { + "config": { + "env": { + "XROAD_ADR_MACHINE_LICENSE_PATH": { + "dev": "IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1", + "staging": "IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1", + "prod": "IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_COURT_BANKRUPTCY_CERT_PATH": { + "dev": "IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1", + "staging": "IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1", + "prod": "IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1" + } + }, + "secrets": { + "DOMSYSLA_PASSWORD": "/k8s/api/DOMSYSLA_PASSWORD", + "DOMSYSLA_USERNAME": "/k8s/api/DOMSYSLA_USERNAME" + } + } + }, + { + "config": { + "env": { + "XROAD_HUNTING_LICENSE_PATH": { + "dev": "IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api", + "staging": "IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api", + "prod": "IS/GOV/7010022880/Umhverfisstofnun-Protected/api" + } + } + } + }, + { + "config": { + "env": { + "XROAD_FIREARM_LICENSE_PATH": { + "dev": "IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1", + "staging": "IS/GOV/5309672079/Logreglan-Protected/island-api-v1", + "prod": "IS/GOV/5309672079/Logreglan-Protected/island-api-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_DISABILITY_LICENSE_PATH": { + "dev": "IS-DEV/GOV/10008/TR-Protected/oryrki-v1", + "staging": "IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1", + "prod": "IS/GOV/5012130120/TR-Protected/oryrki-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_BASE_PATH": { + "prod": "http://securityserver.island.is" + }, + "XROAD_BASE_PATH_WITH_ENV": { + "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "http://securityserver.island.is/r1/IS" + }, + "XROAD_TLS_BASE_PATH": { + "dev": "https://securityserver.dev01.devland.is", + "staging": "https://securityserver.staging01.devland.is", + "prod": "https://securityserver.island.is" + }, + "XROAD_TLS_BASE_PATH_WITH_ENV": { + "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", + "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "https://securityserver.island.is/r1/IS" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CLIENT_ID": { + "dev": "IS-DEV/GOV/10000/island-is-client", + "staging": "IS-TEST/GOV/5501692829/island-is-client", + "prod": "IS/GOV/5501692829/island-is-client" + } + } + } + }, + { + "config": { + "env": { + "XROAD_HEALTH_DIRECTORATE_PATH": { + "dev": "IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir", + "staging": "IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir", + "prod": "IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir" + } + } + } + }, + { + "config": { + "env": { + "XROAD_HEALTH_INSURANCE_WSDLURL": { + "dev": "https://test-huld.sjukra.is/islandrg?wsdl", + "staging": "https://test-huld.sjukra.is/islandrg?wsdl", + "prod": "https://huld.sjukra.is/islandrg?wsdl" + }, + "XROAD_HEALTH_INSURANCE_ID": { + "dev": "IS-DEV/GOV/10007/SJUKRA-Protected", + "staging": "IS-TEST/GOV/4804080550/SJUKRA-Protected", + "prod": "IS/GOV/4804080550/SJUKRA-Protected" + }, + "XROAD_HEALTH_INSURANCE_MY_PAGES_PATH": { + "dev": "IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur", + "staging": "IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur", + "prod": "IS/GOV/4804080550/SJUKRA-Protected/minarsidur" + } + }, + "secrets": { + "XROAD_HEALTH_INSURANCE_USERNAME": "/k8s/health-insurance/XROAD-USER", + "XROAD_HEALTH_INSURANCE_PASSWORD": "/k8s/health-insurance/XROAD-PASSWORD", + "XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME": "/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME", + "XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD": "/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD" + } + } + }, + { + "config": { + "env": { + "XROAD_INTELLECTUAL_PROPERTIES_PATH": { + "dev": "IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI", + "staging": "IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI", + "prod": "IS/GOV/6501912189/WebAPI-Public/HUG-webAPI" + } + } + } + }, + { + "config": { + "env": { + "XROAD_INNA_PATH": { + "dev": "IS-DEV/GOV/10066/MMS-Protected/inna-v1", + "staging": "IS-TEST/GOV/6601241280/MMS-Protected/inna-v1", + "prod": "IS/GOV/6601241280/MMS-Protected/inna-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_VMST_API_PATH": { + "dev": "/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1", + "staging": "/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1", + "prod": "/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1" + }, + "XROAD_VMST_MEMBER_CODE": { + "dev": "10003", + "staging": "7005942039", + "prod": "7005942039" + } + }, + "secrets": { + "XROAD_VMST_API_KEY": "/k8s/vmst-client/VMST_API_KEY" + } + } + }, + { + "config": { + "env": { + "XROAD_DRIVING_LICENSE_PATH": { + "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1", + "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1", + "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1" + }, + "XROAD_DRIVING_LICENSE_V2_PATH": { + "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2", + "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2", + "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1" + }, + "XROAD_DRIVING_LICENSE_V4_PATH": { + "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4", + "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4", + "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4" + }, + "XROAD_DRIVING_LICENSE_V5_PATH": { + "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5", + "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5", + "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5" + } + }, + "secrets": { + "XROAD_DRIVING_LICENSE_SECRET": "/k8s/api/DRIVING_LICENSE_SECRET" + } + } + }, + { + "config": { + "env": { + "XROAD_PAYMENT_PROVIDER_ID": { + "dev": "IS-DEV/GOV/10021/FJS-Public", + "staging": "IS-TEST/GOV/10021/FJS-DEV-Public", + "prod": "IS/GOV/5402697509/FJS-Public" + }, + "XROAD_PAYMENT_BASE_CALLBACK_URL": { + "dev": "XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/", + "staging": "XROAD:", + "prod": "XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/" + }, + "XROAD_PAYMENT_ADDITION_CALLBACK_URL": "/" + }, + "secrets": { + "XROAD_PAYMENT_USER": "/k8s/application-system-api/PAYMENT_USER", + "XROAD_PAYMENT_PASSWORD": "/k8s/application-system-api/PAYMENT_PASSWORD" + } + } + }, + { + "config": { + "env": { + "XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH": { + "dev": "IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur", + "staging": "IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur", + "prod": "IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur" + } + } + } + }, + { + "config": { + "env": { + "XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH": { + "dev": "IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis", + "staging": "IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis", + "prod": "IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis" + } + } + } + }, + { + "config": { + "env": { + "XROAD_FINANCES_PATH": { + "dev": "IS-DEV/GOV/10021/FJS-Public/financeIsland", + "staging": "IS-TEST/GOV/10021/FJS-Public/financeIsland", + "prod": "IS/GOV/5402697509/FJS-Public/financeIsland" + }, + "XROAD_FINANCES_V2_PATH": { + "dev": "IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2", + "staging": "IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2", + "prod": "IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2" + }, + "XROAD_HMS_LOANS_PATH": { + "dev": "IS-DEV/GOV/10033/HMS-Protected/libra-v1", + "staging": "IS-TEST/GOV/5812191480/HMS-Protected/libra-v1", + "prod": "IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1" + }, + "XROAD_HMS_HOUSING_BENEFITS_PATH": { + "dev": "IS-DEV/GOV/10033/HMS-Protected/husbot-v1", + "staging": "IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1", + "prod": "IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_MMS_LICENSE_SERVICE_ID": { + "dev": "IS-DEV/GOV/10066/MMS-Protected/license-api-v1", + "staging": "IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1", + "prod": "IS/GOV/6601241280/MMS-Protected/license-api-v1" + }, + "XROAD_MMS_GRADE_SERVICE_ID": { + "dev": "IS-DEV/GOV/10066/MMS-Protected/grade-api-v1", + "staging": "IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1", + "prod": "IS/GOV/6601241280/MMS-Protected/grade-api-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_NATIONAL_REGISTRY_SERVICE_PATH": { + "dev": "IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1", + "staging": "IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1", + "prod": "IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1" + }, + "XROAD_NATIONAL_REGISTRY_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" + }, + "XROAD_TJODSKRA_API_PATH": "/SKRA-Protected/Einstaklingar-v1", + "XROAD_TJODSKRA_MEMBER_CODE": { + "prod": "6503760649", + "dev": "10001", + "staging": "6503760649" + } + } + } + }, + { + "config": { + "env": { + "XROAD_PROPERTIES_SERVICE_V2_PATH": { + "dev": "IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1", + "staging": "IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1", + "prod": "IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1" + } + }, + "secrets": { + "XROAD_PROPERTIES_CLIENT_SECRET": "/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET" + } + } + }, + { + "config": { + "env": { + "XROAD_PAYMENT_SCHEDULE_PATH": { + "dev": "IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1", + "staging": "IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1", + "prod": "IS/GOV/5402697509/FJS-Public/paymentSchedule_v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CRIMINAL_RECORD_PATH": { + "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2", + "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1", + "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1" + } + } + } + }, + { + "config": { + "env": { + "COMPANY_REGISTRY_XROAD_PROVIDER_ID": { + "dev": "IS-DEV/GOV/10006/Skatturinn/ft-v1", + "staging": "IS-TEST/GOV/5402696029/Skatturinn/ft-v1", + "prod": "IS/GOV/5402696029/Skatturinn/ft-v1" + }, + "COMPANY_REGISTRY_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" + } + } + } + }, + { + "config": { + "env": {}, + "secrets": { + "DRIVING_LICENSE_BOOK_XROAD_PATH": "/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH", + "DRIVING_LICENSE_BOOK_USERNAME": "/k8s/api/DRIVING_LICENSE_BOOK_USERNAME", + "DRIVING_LICENSE_BOOK_PASSWORD": "/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD" + } + } + }, + { + "config": { + "env": { + "FISHING_LICENSE_XROAD_PROVIDER_ID": { + "dev": "IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1", + "staging": "IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1", + "prod": "IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_FINANCIAL_AID_BACKEND_PATH": { + "dev": "IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend", + "staging": "IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend", + "prod": "IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend" + } + } + } + }, + { + "config": { + "env": { + "XROAD_VEHICLES_PATH": { + "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1", + "staging": "IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1", + "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_VEHICLES_MILEAGE_PATH": { + "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1", + "staging": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1", + "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_PASSPORT_LICENSE_PATH": { + "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1", + "staging": "IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1", + "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_VEHICLE_SERVICE_FJS_V1_PATH": { + "dev": "IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1", + "staging": "IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1", + "prod": "IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_VEHICLE_CODETABLES_PATH": { + "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1", + "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1", + "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1" + }, + "XROAD_VEHICLE_INFOLOCKS_PATH": { + "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1", + "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1", + "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1" + }, + "XROAD_VEHICLE_OPERATORS_PATH": { + "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3", + "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3", + "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3" + }, + "XROAD_VEHICLE_OWNER_CHANGE_PATH": { + "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2", + "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2", + "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2" + }, + "XROAD_VEHICLE_PLATE_ORDERING_PATH": { + "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1", + "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1", + "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1" + }, + "XROAD_VEHICLE_PLATE_RENEWAL_PATH": { + "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1", + "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1", + "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1" + }, + "XROAD_VEHICLE_PRINTING_PATH": { + "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1", + "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1", + "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1" + }, + "XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH": { + "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1", + "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1", + "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CHARGE_FJS_V2_PATH": { + "dev": "IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2", + "staging": "IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2", + "prod": "IS/GOV/5402697509/FJS-Public/chargeFJS_v2" + } + } + } + }, + { + "config": { + "env": { + "XROAD_ENERGY_FUNDS_PATH": { + "dev": "IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1", + "staging": "IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1", + "prod": "IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_UNIVERSITY_OF_AKUREYRI_PATH": { + "dev": "IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1", + "staging": "IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1", + "prod": "IS/EDU/5206871229/UNAK-Protected/brautskraning-v1" + }, + "XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH": { + "dev": "IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1", + "staging": "IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1", + "prod": "IS/EDU/4112043590/LBHI-Protected/brautskraning-v1" + }, + "XROAD_BIFROST_UNIVERSITY_PATH": { + "dev": "IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1", + "staging": "IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1", + "prod": "IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1" + }, + "XROAD_HOLAR_UNIVERSITY_PATH": { + "dev": "IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1", + "staging": "IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1", + "prod": "IS/EDU/5001694359/Holar-Protected/brautskraning-v1" + }, + "XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH": { + "dev": "IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1", + "staging": "IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1", + "prod": "IS/EDU/4210984099/LHI-Protected/brautskraning-v1" + }, + "XROAD_UNIVERSITY_OF_ICELAND_PATH": { + "dev": "IS-DEV/EDU/10010/HI-Protected/brautskraning-v1", + "staging": "IS-TEST/EDU/10010/HI-Protected/brautskraning-v1", + "prod": "IS/EDU/6001692039/HI-Protected/brautskraning-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_WORK_MACHINE_LICENSE_PATH": { + "dev": "IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token", + "staging": "IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token", + "prod": "IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token" + } + } + } + }, + { + "config": { + "env": { + "XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH": { + "dev": "IS-DEV/GOV/10021/FJS-Protected/recruitment-v1", + "staging": "IS-TEST/GOV/10021/FJS-Protected/recruitment-v1", + "prod": "IS/GOV/5402697509/FJS-Protected/recruitment-v1" + } + }, + "secrets": { + "ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME": "/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME", + "ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD": "/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD" + } + } + }, + { + "config": { + "env": { + "XROAD_RSK_PROCURING_PATH": { + "dev": "IS-DEV/GOV/10006/Skatturinn/relationships-v1", + "staging": "IS-TEST/GOV/5402696029/Skatturinn/relationships-v1", + "prod": "IS/GOV/5402696029/Skatturinn/relationships-v1" + } + } + } + }, + { + "config": { + "env": { + "NATIONAL_REGISTRY_B2C_CLIENT_ID": { + "dev": "b464afdd-056b-406d-b650-6d41733cfeb7", + "staging": "ca128c23-b43c-443d-bade-ec5a146a933f", + "prod": "2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f" + }, + "NATIONAL_REGISTRY_B2C_ENDPOINT": { + "dev": "https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", + "staging": "https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", + "prod": "https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token" + }, + "NATIONAL_REGISTRY_B2C_SCOPE": { + "dev": "https://skraidentitydev.onmicrosoft.com/midlun/.default", + "staging": "https://skraidentitystaging.onmicrosoft.com/midlun/.default", + "prod": "https://skraidentity.onmicrosoft.com/midlun/.default" + }, + "NATIONAL_REGISTRY_B2C_PATH": { + "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1", + "staging": "IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1", + "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_AIRCRAFT_REGISTRY_PATH": { + "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1", + "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1", + "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_HOUSING_BENEFIT_CALCULATOR_PATH": { + "dev": "IS-DEV/GOV/10033/HMS-Protected/calc-v1", + "staging": "IS-TEST/GOV/5812191480/HMS-Protected/calc-v1", + "prod": "IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1" + } + }, + "secrets": { + "HOUSING_BENEFIT_CALCULATOR_USERNAME": "/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME", + "HOUSING_BENEFIT_CALCULATOR_PASSWORD": "/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD" + } + } + }, + { + "config": { + "env": { + "XROAD_SHIP_REGISTRY_PATH": { + "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1", + "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1", + "prod": "IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_DIRECTORATE_OF_IMMIGRATION_PATH": { + "dev": "IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1", + "staging": "IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1", + "prod": "IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_SIGNATURE_COLLECTION_PATH": { + "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1", + "staging": "IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1", + "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_TR_PATH": { + "dev": "IS-DEV/GOV/10008/TR-Protected/external-v1", + "staging": "IS-TEST/GOV/5012130120/TR-Protected/external-v1", + "prod": "IS/GOV/5012130120/TR-Protected/external-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_OFFICIAL_JOURNAL_PATH": { + "dev": "IS-DEV/GOV/10014/DMR-Protected/official-journal", + "staging": "IS-TEST/GOV/10014/DMR-Protected/official-journal", + "prod": "IS/GOV/10014/DMR-Protected/official-journal" + } + } + } + }, + { + "config": { + "env": { + "XROAD_JUDICIAL_SYSTEM_SP_PATH": { + "dev": "IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api", + "staging": "IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api", + "prod": "IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api" + } + } + } + }, + { + "config": { + "env": { + "XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH": { + "dev": "IS-DEV/GOV/10014/DMR-Protected/official-journal-application", + "staging": "IS-TEST/GOV/10014/DMR-Protected/official-journal-application", + "prod": "IS/GOV/10014/DMR-Protected/official-journal-application" + } + } + } + }, + { + "config": { + "env": { + "XROAD_MMS_FRIGG_PATH": { + "dev": "IS-DEV/GOV/10066/MMS-Protected/frigg-form-service", + "staging": "IS-TEST/GOV/10066/MMS-Protected/frigg-form-service", + "prod": "IS/GOV/10066/MMS-Protected/frigg-form-service" + } + } + } + }, + { + "config": { + "env": { + "XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH": { + "dev": "IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1", + "staging": "IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1", + "prod": "IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH": { + "dev": "IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1", + "staging": "IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1", + "prod": "IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_WORK_ACCIDENT_PATH": { + "dev": "IS-DEV/GOV/10013/Vinnueftirlitid-Protected/slysaskraning-token", + "staging": "IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/slysaskraning-token", + "prod": "IS/GOV/4201810439/Vinnueftirlitid-Protected/slysaskraning-token" + } + } + } + } + ], + "files": [ + { + "filename": "islyklar.p12", + "env": "ISLYKILL_CERT" + } + ], + "volumes": [], + "accountName": "api", + "cmds": "node", + "args": [ + "--tls-min-v1.0", + "--no-experimental-fetch", + "main.js" + ], + "replicaCount": { + "default": 2, + "max": 50, + "min": 2 + } + } + } +} \ No newline at end of file diff --git a/charts/services/api/values.staging.yaml b/charts/services/api/values.staging.yaml index 227a2b0fcc6d..5ba1c6a118e6 100644 --- a/charts/services/api/values.staging.yaml +++ b/charts/services/api/values.staging.yaml @@ -1,3238 +1,1062 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.staging01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'cdn.contentful.com' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.staging01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.staging01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.staging01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 'island@island.is' - CONTENTFUL_HOST: 'cdn.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.staging01.devland.is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-staging-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: '' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 'sogur@island.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-TEST/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5608002820/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-TEST/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.staging01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.staging01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.staging01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.staging01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-staging-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'staging' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.staging01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'islandis' - - 'consultation-portal' - - 'skilavottord' - - 'search-indexer' - - 'services-documents' - - 'storybook' - - 'xroad-collector' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'user-notification' - - 'license-api' - - 'services-sessions' - - 'services-university-gateway' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.staging01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'staging' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'staging-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_BASE_URL: 'https://beta.staging01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.staging01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.staging01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.staging01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.staging01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.staging01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.staging01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.staging01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.staging01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@midnight' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - basicAuth: '/k8s/web/basic_auth' - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - TRACKING_DOMAIN: 'beta.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "api": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/health", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME": { + "dev": "loftbru.dev01.devland.is", + "staging": "loftbru.staging01.devland.is", + "prod": "loftbru.island.is" + }, + "FILE_STORAGE_UPLOAD_BUCKET": { + "dev": "island-is-dev-upload-api", + "staging": "island-is-staging-upload-api", + "prod": "island-is-prod-upload-api" + }, + "AUTH_PUBLIC_API_URL": { + "dev": "https://identity-server.dev01.devland.is/api", + "staging": "https://identity-server.staging01.devland.is/api", + "prod": "https://innskra.island.is/api" + }, + "ELASTIC_NODE": { + "dev": "https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com", + "staging": "https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/", + "prod": "https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/" + }, + "CONTENTFUL_HOST": { + "dev": "preview.contentful.com", + "staging": "cdn.contentful.com", + "prod": "cdn.contentful.com" + }, + "CONTACT_US_EMAIL": { + "prod": "island@island.is", + "staging": "island@island.is", + "dev": "s@kogk.is" + }, + "ZENDESK_CONTACT_FORM_SUBDOMAIN": { + "prod": "digitaliceland", + "staging": "digitaliceland", + "dev": "stjanilofts" + }, + "TELL_US_A_STORY_EMAIL": { + "dev": "s@kogk.is", + "staging": "sogur@island.is", + "prod": "sogur@island.is" + }, + "SEND_FROM_EMAIL": { + "dev": "development@island.is", + "staging": "development@island.is", + "prod": "island@island.is" + }, + "FILE_DOWNLOAD_BUCKET": { + "dev": "island-is-dev-download-cache-api", + "staging": "island-is-staging-download-cache-api", + "prod": "island-is-prod-download-cache-api" + }, + "DOWNLOAD_SERVICE_BASE_PATH": { + "prod": "https://api.island.is", + "dev": "https://api.dev01.devland.is", + "staging": "https://api.staging01.devland.is" + }, + "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/api", + "AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT": "20000", + "XROAD_NATIONAL_REGISTRY_TIMEOUT": "20000", + "XROAD_PROPERTIES_TIMEOUT": "35000", + "SYSLUMENN_TIMEOUT": "40000", + "XROAD_DRIVING_LICENSE_BOOK_TIMEOUT": "20000", + "XROAD_FINANCES_TIMEOUT": "20000", + "XROAD_CHARGE_FJS_V2_TIMEOUT": "20000", + "AUTH_DELEGATION_API_URL": { + "dev": "http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local", + "staging": "http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local", + "prod": "https://auth-delegation-api.internal.innskra.island.is" + }, + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + }, + "MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL": { + "dev": "http://web-financial-aid-backend", + "staging": "http://web-financial-aid-backend", + "prod": "http://web-financial-aid-backend" + }, + "FINANCIAL_STATEMENTS_INAO_BASE_PATH": { + "dev": "https://dev-re.crm4.dynamics.com/api/data/v9.1", + "staging": "https://dev-re.crm4.dynamics.com/api/data/v9.1", + "prod": "https://star-re.crm4.dynamics.com/api/data/v9.1" + }, + "FINANCIAL_STATEMENTS_INAO_ISSUER": "https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0", + "FINANCIAL_STATEMENTS_INAO_SCOPE": { + "dev": "https://dev-re.crm4.dynamics.com/.default", + "staging": "https://dev-re.crm4.dynamics.com/.default", + "prod": "https://star-re.crm4.dynamics.com/.default" + }, + "FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT": "https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token", + "ELECTRONIC_REGISTRATION_STATISTICS_API_URL": { + "dev": "https://api-staging.thinglysing.is/business/tolfraedi", + "staging": "https://api-staging.thinglysing.is/business/tolfraedi", + "prod": "https://api.thinglysing.is/business/tolfraedi" + }, + "FORM_SYSTEM_API_BASE_PATH": { + "dev": "https://profun.island.is/umsoknarkerfi", + "staging": "", + "prod": "" + }, + "CONSULTATION_PORTAL_CLIENT_BASE_PATH": { + "dev": "https://samradapi-test.devland.is", + "staging": "https://samradapi-test.devland.is", + "prod": "https://samradapi.island.is" + }, + "FISKISTOFA_ZENTER_CLIENT_ID": "1114", + "HSN_WEB_FORM_ID": "1dimJFHLFYtnhoYEA3JxRK", + "AUTH_ADMIN_API_PATH": { + "dev": "https://identity-server.dev01.devland.is/backend", + "staging": "https://identity-server.staging01.devland.is/backend", + "prod": "https://innskra.island.is/backend" + }, + "AUTH_ADMIN_API_PATHS": { + "dev": "{\"development\":\"https://identity-server.dev01.devland.is/backend\"}", + "staging": "{\"development\":\"https://identity-server.dev01.devland.is/backend\",\"staging\":\"https://identity-server.staging01.devland.is/backend\"}", + "prod": "{\"development\":\"https://identity-server.dev01.devland.is/backend\",\"staging\":\"https://identity-server.staging01.devland.is/backend\",\"production\":\"https://innskra.island.is/backend\"}" + }, + "AUTH_IDS_API_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + }, + "HUNTING_LICENSE_PASS_TEMPLATE_ID": { + "dev": "1da72d52-a93a-4d0f-8463-1933a2bd210b", + "staging": "1da72d52-a93a-4d0f-8463-1933a2bd210b", + "prod": "5f42f942-d8d6-40bf-a186-5a9e12619d9f" + }, + "XROAD_RSK_PROCURING_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" + }, + "APOLLO_CACHE_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" + }, + "LICENSE_SERVICE_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" + }, + "XROAD_RSK_PROCURING_SCOPE": "[\"@rsk.is/prokura\",\"@rsk.is/prokura:admin\"]", + "WATSON_ASSISTANT_CHAT_FEEDBACK_DB_NAME": { + "dev": "island-is-assistant-feedback", + "staging": "island-is-assistant-feedback", + "prod": "island-is-assistant-feedback" + } + }, + "features": {}, + "name": "api", + "grantNamespaces": [ + "nginx-ingress-external", + "api-catalogue", + "application-system", + "consultation-portal", + "portals-admin" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "APOLLO_BYPASS_CACHE_SECRET": "/k8s/api/APOLLO_BYPASS_CACHE_SECRET", + "DOCUMENT_PROVIDER_BASE_PATH": "/k8s/api/DOCUMENT_PROVIDER_BASE_PATH", + "DOCUMENT_PROVIDER_TOKEN_URL": "/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL", + "DOCUMENT_PROVIDER_BASE_PATH_TEST": "/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST", + "DOCUMENT_PROVIDER_TOKEN_URL_TEST": "/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST", + "SYSLUMENN_HOST": "/k8s/api/SYSLUMENN_HOST", + "REGULATIONS_API_URL": "/k8s/api/REGULATIONS_API_URL", + "REGULATIONS_FILE_UPLOAD_KEY_DRAFT": "/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT", + "REGULATIONS_FILE_UPLOAD_KEY_PUBLISH": "/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH", + "REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED": "/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED", + "CONTENTFUL_ACCESS_TOKEN": "/k8s/api/CONTENTFUL_ACCESS_TOKEN", + "ZENDESK_CONTACT_FORM_EMAIL": "/k8s/api/ZENDESK_CONTACT_FORM_EMAIL", + "ZENDESK_CONTACT_FORM_TOKEN": "/k8s/api/ZENDESK_CONTACT_FORM_TOKEN", + "POSTHOLF_CLIENTID": "/k8s/documents/POSTHOLF_CLIENTID", + "POSTHOLF_CLIENT_SECRET": "/k8s/documents/POSTHOLF_CLIENT_SECRET", + "POSTHOLF_TOKEN_URL": "/k8s/documents/POSTHOLF_TOKEN_URL", + "POSTHOLF_BASE_PATH": "/k8s/documents/POSTHOLF_BASE_PATH", + "DOCUMENT_PROVIDER_CLIENTID": "/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID", + "DOCUMENT_PROVIDER_CLIENT_SECRET": "/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET", + "DOCUMENT_PROVIDER_CLIENTID_TEST": "/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST", + "DOCUMENT_PROVIDER_CLIENT_SECRET_TEST": "/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST", + "SYSLUMENN_USERNAME": "/k8s/api/SYSLUMENN_USERNAME", + "SYSLUMENN_PASSWORD": "/k8s/api/SYSLUMENN_PASSWORD", + "PKPASS_API_KEY": "/k8s/api/PKPASS_API_KEY", + "PKPASS_API_URL": "/k8s/api/PKPASS_API_URL", + "PKPASS_AUTH_RETRIES": "/k8s/api/PKPASS_AUTH_RETRIES", + "PKPASS_CACHE_KEY": "/k8s/api/PKPASS_CACHE_KEY", + "PKPASS_CACHE_TOKEN_EXPIRY_DELTA": "/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA", + "PKPASS_SECRET_KEY": "/k8s/api/PKPASS_SECRET_KEY", + "VE_PKPASS_API_KEY": "/k8s/api/VE_PKPASS_API_KEY", + "UST_PKPASS_API_KEY": "/k8s/api/UST_PKPASS_API_KEY", + "RLS_PKPASS_API_KEY": "/k8s/api/RLS_PKPASS_API_KEY", + "TR_PKPASS_API_KEY": "/k8s/api/TR_PKPASS_API_KEY", + "SMART_SOLUTIONS_API_URL": "/k8s/api/SMART_SOLUTIONS_API_URL", + "FIREARM_LICENSE_PASS_TEMPLATE_ID": "/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID", + "DISABILITY_LICENSE_PASS_TEMPLATE_ID": "/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID", + "MACHINE_LICENSE_PASS_TEMPLATE_ID": "/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID", + "ADR_LICENSE_PASS_TEMPLATE_ID": "/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID", + "DRIVING_LICENSE_PASS_TEMPLATE_ID": "/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID", + "ADR_LICENSE_FETCH_TIMEOUT": "/k8s/api/ADR_LICENSE_FETCH_TIMEOUT", + "DRIVING_LICENSE_FETCH_TIMEOUT": "/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT", + "FIREARM_LICENSE_FETCH_TIMEOUT": "/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT", + "DISABILITY_LICENSE_FETCH_TIMEOUT": "/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT", + "INTELLECTUAL_PROPERTY_API_KEY": "/k8s/api/IP_API_KEY", + "ISLYKILL_SERVICE_PASSPHRASE": "/k8s/api/ISLYKILL_SERVICE_PASSPHRASE", + "ISLYKILL_SERVICE_BASEPATH": "/k8s/api/ISLYKILL_SERVICE_BASEPATH", + "VEHICLES_ALLOW_CO_OWNERS": "/k8s/api/VEHICLES_ALLOW_CO_OWNERS", + "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/api/IDENTITY_SERVER_CLIENT_SECRET", + "FINANCIAL_STATEMENTS_INAO_CLIENT_ID": "/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID", + "FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET": "/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET", + "FISKISTOFA_ZENTER_EMAIL": "/k8s/api/FISKISTOFA_ZENTER_EMAIL", + "FISKISTOFA_ZENTER_PASSWORD": "/k8s/api/FISKISTOFA_ZENTER_PASSWORD", + "FISKISTOFA_ZENTER_CLIENT_PASSWORD": "/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD", + "FISKISTOFA_API_URL": "/k8s/api/FISKISTOFA_API_URL", + "FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET": "/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET", + "FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL": "/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL", + "FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID": "/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID", + "FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE": "/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE", + "FISKISTOFA_POWERBI_CLIENT_ID": "/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID", + "FISKISTOFA_POWERBI_CLIENT_SECRET": "/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET", + "FISKISTOFA_POWERBI_TENANT_ID": "/k8s/api/FISKISTOFA_POWERBI_TENANT_ID", + "NATIONAL_REGISTRY_B2C_CLIENT_SECRET": "/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET", + "HSN_WEB_FORM_RESPONSE_URL": "/k8s/api/HSN_WEB_FORM_RESPONSE_URL", + "HSN_WEB_FORM_RESPONSE_SECRET": "/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET", + "DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY": "/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY", + "DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY": "/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY", + "DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY": "/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY", + "CHART_STATISTIC_SOURCE_DATA_PATHS": "/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS", + "CHART_STATISTIC_CACHE_TTL": "/k8s/api/CHART_STATISTIC_CACHE_TTL", + "WATSON_ASSISTANT_CHAT_FEEDBACK_URL": "/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL", + "WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY": "/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY", + "LICENSE_SERVICE_BARCODE_SECRET_KEY": "/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY", + "ULTRAVIOLET_RADIATION_API_KEY": "/k8s/api/ULTRAVIOLET_RADIATION_API_KEY", + "UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL": "/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL", + "VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY": "/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY" + }, + "ingress": { + "primary": { + "host": { + "dev": [ + "beta", + "api-catalogue" + ], + "staging": [ + "beta" + ], + "prod": [ + "", + "www.island.is" + ] + }, + "paths": [ + "/api" + ], + "public": true + } + }, + "namespace": "islandis", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "1200m", + "memory": "3200Mi" + }, + "requests": { + "cpu": "400m", + "memory": "896Mi" + } + }, + "xroadConfig": [ + { + "config": { + "env": { + "XROAD_ADR_MACHINE_LICENSE_PATH": { + "dev": "IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1", + "staging": "IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1", + "prod": "IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_COURT_BANKRUPTCY_CERT_PATH": { + "dev": "IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1", + "staging": "IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1", + "prod": "IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1" + } + }, + "secrets": { + "DOMSYSLA_PASSWORD": "/k8s/api/DOMSYSLA_PASSWORD", + "DOMSYSLA_USERNAME": "/k8s/api/DOMSYSLA_USERNAME" + } + } + }, + { + "config": { + "env": { + "XROAD_HUNTING_LICENSE_PATH": { + "dev": "IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api", + "staging": "IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api", + "prod": "IS/GOV/7010022880/Umhverfisstofnun-Protected/api" + } + } + } + }, + { + "config": { + "env": { + "XROAD_FIREARM_LICENSE_PATH": { + "dev": "IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1", + "staging": "IS/GOV/5309672079/Logreglan-Protected/island-api-v1", + "prod": "IS/GOV/5309672079/Logreglan-Protected/island-api-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_DISABILITY_LICENSE_PATH": { + "dev": "IS-DEV/GOV/10008/TR-Protected/oryrki-v1", + "staging": "IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1", + "prod": "IS/GOV/5012130120/TR-Protected/oryrki-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_BASE_PATH": { + "prod": "http://securityserver.island.is" + }, + "XROAD_BASE_PATH_WITH_ENV": { + "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "http://securityserver.island.is/r1/IS" + }, + "XROAD_TLS_BASE_PATH": { + "dev": "https://securityserver.dev01.devland.is", + "staging": "https://securityserver.staging01.devland.is", + "prod": "https://securityserver.island.is" + }, + "XROAD_TLS_BASE_PATH_WITH_ENV": { + "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", + "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "https://securityserver.island.is/r1/IS" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CLIENT_ID": { + "dev": "IS-DEV/GOV/10000/island-is-client", + "staging": "IS-TEST/GOV/5501692829/island-is-client", + "prod": "IS/GOV/5501692829/island-is-client" + } + } + } + }, + { + "config": { + "env": { + "XROAD_HEALTH_DIRECTORATE_PATH": { + "dev": "IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir", + "staging": "IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir", + "prod": "IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir" + } + } + } + }, + { + "config": { + "env": { + "XROAD_HEALTH_INSURANCE_WSDLURL": { + "dev": "https://test-huld.sjukra.is/islandrg?wsdl", + "staging": "https://test-huld.sjukra.is/islandrg?wsdl", + "prod": "https://huld.sjukra.is/islandrg?wsdl" + }, + "XROAD_HEALTH_INSURANCE_ID": { + "dev": "IS-DEV/GOV/10007/SJUKRA-Protected", + "staging": "IS-TEST/GOV/4804080550/SJUKRA-Protected", + "prod": "IS/GOV/4804080550/SJUKRA-Protected" + }, + "XROAD_HEALTH_INSURANCE_MY_PAGES_PATH": { + "dev": "IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur", + "staging": "IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur", + "prod": "IS/GOV/4804080550/SJUKRA-Protected/minarsidur" + } + }, + "secrets": { + "XROAD_HEALTH_INSURANCE_USERNAME": "/k8s/health-insurance/XROAD-USER", + "XROAD_HEALTH_INSURANCE_PASSWORD": "/k8s/health-insurance/XROAD-PASSWORD", + "XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME": "/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME", + "XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD": "/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD" + } + } + }, + { + "config": { + "env": { + "XROAD_INTELLECTUAL_PROPERTIES_PATH": { + "dev": "IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI", + "staging": "IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI", + "prod": "IS/GOV/6501912189/WebAPI-Public/HUG-webAPI" + } + } + } + }, + { + "config": { + "env": { + "XROAD_INNA_PATH": { + "dev": "IS-DEV/GOV/10066/MMS-Protected/inna-v1", + "staging": "IS-TEST/GOV/6601241280/MMS-Protected/inna-v1", + "prod": "IS/GOV/6601241280/MMS-Protected/inna-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_VMST_API_PATH": { + "dev": "/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1", + "staging": "/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1", + "prod": "/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1" + }, + "XROAD_VMST_MEMBER_CODE": { + "dev": "10003", + "staging": "7005942039", + "prod": "7005942039" + } + }, + "secrets": { + "XROAD_VMST_API_KEY": "/k8s/vmst-client/VMST_API_KEY" + } + } + }, + { + "config": { + "env": { + "XROAD_DRIVING_LICENSE_PATH": { + "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1", + "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1", + "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1" + }, + "XROAD_DRIVING_LICENSE_V2_PATH": { + "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2", + "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2", + "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1" + }, + "XROAD_DRIVING_LICENSE_V4_PATH": { + "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4", + "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4", + "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4" + }, + "XROAD_DRIVING_LICENSE_V5_PATH": { + "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5", + "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5", + "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5" + } + }, + "secrets": { + "XROAD_DRIVING_LICENSE_SECRET": "/k8s/api/DRIVING_LICENSE_SECRET" + } + } + }, + { + "config": { + "env": { + "XROAD_PAYMENT_PROVIDER_ID": { + "dev": "IS-DEV/GOV/10021/FJS-Public", + "staging": "IS-TEST/GOV/10021/FJS-DEV-Public", + "prod": "IS/GOV/5402697509/FJS-Public" + }, + "XROAD_PAYMENT_BASE_CALLBACK_URL": { + "dev": "XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/", + "staging": "XROAD:", + "prod": "XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/" + }, + "XROAD_PAYMENT_ADDITION_CALLBACK_URL": "/" + }, + "secrets": { + "XROAD_PAYMENT_USER": "/k8s/application-system-api/PAYMENT_USER", + "XROAD_PAYMENT_PASSWORD": "/k8s/application-system-api/PAYMENT_PASSWORD" + } + } + }, + { + "config": { + "env": { + "XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH": { + "dev": "IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur", + "staging": "IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur", + "prod": "IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur" + } + } + } + }, + { + "config": { + "env": { + "XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH": { + "dev": "IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis", + "staging": "IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis", + "prod": "IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis" + } + } + } + }, + { + "config": { + "env": { + "XROAD_FINANCES_PATH": { + "dev": "IS-DEV/GOV/10021/FJS-Public/financeIsland", + "staging": "IS-TEST/GOV/10021/FJS-Public/financeIsland", + "prod": "IS/GOV/5402697509/FJS-Public/financeIsland" + }, + "XROAD_FINANCES_V2_PATH": { + "dev": "IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2", + "staging": "IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2", + "prod": "IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2" + }, + "XROAD_HMS_LOANS_PATH": { + "dev": "IS-DEV/GOV/10033/HMS-Protected/libra-v1", + "staging": "IS-TEST/GOV/5812191480/HMS-Protected/libra-v1", + "prod": "IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1" + }, + "XROAD_HMS_HOUSING_BENEFITS_PATH": { + "dev": "IS-DEV/GOV/10033/HMS-Protected/husbot-v1", + "staging": "IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1", + "prod": "IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_MMS_LICENSE_SERVICE_ID": { + "dev": "IS-DEV/GOV/10066/MMS-Protected/license-api-v1", + "staging": "IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1", + "prod": "IS/GOV/6601241280/MMS-Protected/license-api-v1" + }, + "XROAD_MMS_GRADE_SERVICE_ID": { + "dev": "IS-DEV/GOV/10066/MMS-Protected/grade-api-v1", + "staging": "IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1", + "prod": "IS/GOV/6601241280/MMS-Protected/grade-api-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_NATIONAL_REGISTRY_SERVICE_PATH": { + "dev": "IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1", + "staging": "IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1", + "prod": "IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1" + }, + "XROAD_NATIONAL_REGISTRY_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" + }, + "XROAD_TJODSKRA_API_PATH": "/SKRA-Protected/Einstaklingar-v1", + "XROAD_TJODSKRA_MEMBER_CODE": { + "prod": "6503760649", + "dev": "10001", + "staging": "6503760649" + } + } + } + }, + { + "config": { + "env": { + "XROAD_PROPERTIES_SERVICE_V2_PATH": { + "dev": "IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1", + "staging": "IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1", + "prod": "IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1" + } + }, + "secrets": { + "XROAD_PROPERTIES_CLIENT_SECRET": "/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET" + } + } + }, + { + "config": { + "env": { + "XROAD_PAYMENT_SCHEDULE_PATH": { + "dev": "IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1", + "staging": "IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1", + "prod": "IS/GOV/5402697509/FJS-Public/paymentSchedule_v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CRIMINAL_RECORD_PATH": { + "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2", + "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1", + "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1" + } + } + } + }, + { + "config": { + "env": { + "COMPANY_REGISTRY_XROAD_PROVIDER_ID": { + "dev": "IS-DEV/GOV/10006/Skatturinn/ft-v1", + "staging": "IS-TEST/GOV/5402696029/Skatturinn/ft-v1", + "prod": "IS/GOV/5402696029/Skatturinn/ft-v1" + }, + "COMPANY_REGISTRY_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" + } + } + } + }, + { + "config": { + "env": {}, + "secrets": { + "DRIVING_LICENSE_BOOK_XROAD_PATH": "/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH", + "DRIVING_LICENSE_BOOK_USERNAME": "/k8s/api/DRIVING_LICENSE_BOOK_USERNAME", + "DRIVING_LICENSE_BOOK_PASSWORD": "/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD" + } + } + }, + { + "config": { + "env": { + "FISHING_LICENSE_XROAD_PROVIDER_ID": { + "dev": "IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1", + "staging": "IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1", + "prod": "IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_FINANCIAL_AID_BACKEND_PATH": { + "dev": "IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend", + "staging": "IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend", + "prod": "IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend" + } + } + } + }, + { + "config": { + "env": { + "XROAD_VEHICLES_PATH": { + "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1", + "staging": "IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1", + "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_VEHICLES_MILEAGE_PATH": { + "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1", + "staging": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1", + "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_PASSPORT_LICENSE_PATH": { + "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1", + "staging": "IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1", + "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_VEHICLE_SERVICE_FJS_V1_PATH": { + "dev": "IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1", + "staging": "IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1", + "prod": "IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_VEHICLE_CODETABLES_PATH": { + "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1", + "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1", + "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1" + }, + "XROAD_VEHICLE_INFOLOCKS_PATH": { + "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1", + "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1", + "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1" + }, + "XROAD_VEHICLE_OPERATORS_PATH": { + "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3", + "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3", + "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3" + }, + "XROAD_VEHICLE_OWNER_CHANGE_PATH": { + "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2", + "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2", + "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2" + }, + "XROAD_VEHICLE_PLATE_ORDERING_PATH": { + "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1", + "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1", + "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1" + }, + "XROAD_VEHICLE_PLATE_RENEWAL_PATH": { + "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1", + "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1", + "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1" + }, + "XROAD_VEHICLE_PRINTING_PATH": { + "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1", + "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1", + "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1" + }, + "XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH": { + "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1", + "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1", + "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CHARGE_FJS_V2_PATH": { + "dev": "IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2", + "staging": "IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2", + "prod": "IS/GOV/5402697509/FJS-Public/chargeFJS_v2" + } + } + } + }, + { + "config": { + "env": { + "XROAD_ENERGY_FUNDS_PATH": { + "dev": "IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1", + "staging": "IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1", + "prod": "IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_UNIVERSITY_OF_AKUREYRI_PATH": { + "dev": "IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1", + "staging": "IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1", + "prod": "IS/EDU/5206871229/UNAK-Protected/brautskraning-v1" + }, + "XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH": { + "dev": "IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1", + "staging": "IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1", + "prod": "IS/EDU/4112043590/LBHI-Protected/brautskraning-v1" + }, + "XROAD_BIFROST_UNIVERSITY_PATH": { + "dev": "IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1", + "staging": "IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1", + "prod": "IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1" + }, + "XROAD_HOLAR_UNIVERSITY_PATH": { + "dev": "IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1", + "staging": "IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1", + "prod": "IS/EDU/5001694359/Holar-Protected/brautskraning-v1" + }, + "XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH": { + "dev": "IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1", + "staging": "IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1", + "prod": "IS/EDU/4210984099/LHI-Protected/brautskraning-v1" + }, + "XROAD_UNIVERSITY_OF_ICELAND_PATH": { + "dev": "IS-DEV/EDU/10010/HI-Protected/brautskraning-v1", + "staging": "IS-TEST/EDU/10010/HI-Protected/brautskraning-v1", + "prod": "IS/EDU/6001692039/HI-Protected/brautskraning-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_WORK_MACHINE_LICENSE_PATH": { + "dev": "IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token", + "staging": "IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token", + "prod": "IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token" + } + } + } + }, + { + "config": { + "env": { + "XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH": { + "dev": "IS-DEV/GOV/10021/FJS-Protected/recruitment-v1", + "staging": "IS-TEST/GOV/10021/FJS-Protected/recruitment-v1", + "prod": "IS/GOV/5402697509/FJS-Protected/recruitment-v1" + } + }, + "secrets": { + "ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME": "/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME", + "ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD": "/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD" + } + } + }, + { + "config": { + "env": { + "XROAD_RSK_PROCURING_PATH": { + "dev": "IS-DEV/GOV/10006/Skatturinn/relationships-v1", + "staging": "IS-TEST/GOV/5402696029/Skatturinn/relationships-v1", + "prod": "IS/GOV/5402696029/Skatturinn/relationships-v1" + } + } + } + }, + { + "config": { + "env": { + "NATIONAL_REGISTRY_B2C_CLIENT_ID": { + "dev": "b464afdd-056b-406d-b650-6d41733cfeb7", + "staging": "ca128c23-b43c-443d-bade-ec5a146a933f", + "prod": "2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f" + }, + "NATIONAL_REGISTRY_B2C_ENDPOINT": { + "dev": "https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", + "staging": "https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", + "prod": "https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token" + }, + "NATIONAL_REGISTRY_B2C_SCOPE": { + "dev": "https://skraidentitydev.onmicrosoft.com/midlun/.default", + "staging": "https://skraidentitystaging.onmicrosoft.com/midlun/.default", + "prod": "https://skraidentity.onmicrosoft.com/midlun/.default" + }, + "NATIONAL_REGISTRY_B2C_PATH": { + "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1", + "staging": "IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1", + "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_AIRCRAFT_REGISTRY_PATH": { + "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1", + "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1", + "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_HOUSING_BENEFIT_CALCULATOR_PATH": { + "dev": "IS-DEV/GOV/10033/HMS-Protected/calc-v1", + "staging": "IS-TEST/GOV/5812191480/HMS-Protected/calc-v1", + "prod": "IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1" + } + }, + "secrets": { + "HOUSING_BENEFIT_CALCULATOR_USERNAME": "/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME", + "HOUSING_BENEFIT_CALCULATOR_PASSWORD": "/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD" + } + } + }, + { + "config": { + "env": { + "XROAD_SHIP_REGISTRY_PATH": { + "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1", + "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1", + "prod": "IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_DIRECTORATE_OF_IMMIGRATION_PATH": { + "dev": "IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1", + "staging": "IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1", + "prod": "IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_SIGNATURE_COLLECTION_PATH": { + "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1", + "staging": "IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1", + "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_TR_PATH": { + "dev": "IS-DEV/GOV/10008/TR-Protected/external-v1", + "staging": "IS-TEST/GOV/5012130120/TR-Protected/external-v1", + "prod": "IS/GOV/5012130120/TR-Protected/external-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_OFFICIAL_JOURNAL_PATH": { + "dev": "IS-DEV/GOV/10014/DMR-Protected/official-journal", + "staging": "IS-TEST/GOV/10014/DMR-Protected/official-journal", + "prod": "IS/GOV/10014/DMR-Protected/official-journal" + } + } + } + }, + { + "config": { + "env": { + "XROAD_JUDICIAL_SYSTEM_SP_PATH": { + "dev": "IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api", + "staging": "IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api", + "prod": "IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api" + } + } + } + }, + { + "config": { + "env": { + "XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH": { + "dev": "IS-DEV/GOV/10014/DMR-Protected/official-journal-application", + "staging": "IS-TEST/GOV/10014/DMR-Protected/official-journal-application", + "prod": "IS/GOV/10014/DMR-Protected/official-journal-application" + } + } + } + }, + { + "config": { + "env": { + "XROAD_MMS_FRIGG_PATH": { + "dev": "IS-DEV/GOV/10066/MMS-Protected/frigg-form-service", + "staging": "IS-TEST/GOV/10066/MMS-Protected/frigg-form-service", + "prod": "IS/GOV/10066/MMS-Protected/frigg-form-service" + } + } + } + }, + { + "config": { + "env": { + "XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH": { + "dev": "IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1", + "staging": "IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1", + "prod": "IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH": { + "dev": "IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1", + "staging": "IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1", + "prod": "IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_WORK_ACCIDENT_PATH": { + "dev": "IS-DEV/GOV/10013/Vinnueftirlitid-Protected/slysaskraning-token", + "staging": "IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/slysaskraning-token", + "prod": "IS/GOV/4201810439/Vinnueftirlitid-Protected/slysaskraning-token" + } + } + } + } + ], + "files": [ + { + "filename": "islyklar.p12", + "env": "ISLYKILL_CERT" + } + ], + "volumes": [], + "accountName": "api", + "cmds": "node", + "args": [ + "--tls-min-v1.0", + "--no-experimental-fetch", + "main.js" + ], + "replicaCount": { + "default": 2, + "max": 50, + "min": 2 + } + } + } +} \ No newline at end of file diff --git a/charts/services/application-system-api-worker/values.dev.yaml b/charts/services/application-system-api-worker/values.dev.yaml index 58d9f8e96dbc..0963922da2ae 100644 --- a/charts/services/application-system-api-worker/values.dev.yaml +++ b/charts/services/application-system-api-worker/values.dev.yaml @@ -1,3563 +1,203 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.dev01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'preview.contentful.com' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 's@kogk.is' - CONTENTFUL_HOST: 'preview.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 's@kogk.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/api' - - host: 'api-catalogue.dev01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.dev01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -external-contracts-tests: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' - namespace: 'external-contracts-tests' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '1' - memory: '1024Mi' - requests: - cpu: '500m' - memory: '512Mi' - schedule: '0 11 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -github-actions-cache: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 8 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'cache.dev01.devland.is' - paths: - - '/' - namespace: 'github-actions-cache' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 5 - max: 8 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' - create: true - name: 'github-actions-cache' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'dev' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.dev01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'consultation-portal' - - 'islandis' - - 'search-indexer' - - 'xroad-collector' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'github-actions-cache' - - 'user-notification' - - 'external-contracts-tests' - - 'contentful-entry-tagger' - - 'license-api' - - 'services-sessions' - - 'contentful-apps' - - 'services-university-gateway' - - 'unicorn-app' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'dev-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.dev01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.dev01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -unicorn-app: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'unicorn-app.dev01.devland.is' - paths: - - '/' - namespace: 'unicorn-app' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' - create: true - name: 'unicorn-app' -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@hourly' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - TRACKING_DOMAIN: 'beta.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "application-system-api-worker": { + "serviceDef": { + "liveness": { + "path": "/", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/application-system", + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + }, + "XROAD_CHARGE_FJS_V2_PATH": { + "dev": "IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2", + "staging": "IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2", + "prod": "IS/GOV/5402697509/FJS-Public/chargeFJS_v2" + }, + "APPLICATION_ATTACHMENT_BUCKET": { + "dev": "island-is-dev-storage-application-system", + "staging": "island-is-staging-storage-application-system", + "prod": "island-is-prod-storage-application-system" + }, + "FILE_SERVICE_PRESIGN_BUCKET": { + "dev": "island-is-dev-fs-presign-bucket", + "staging": "island-is-staging-fs-presign-bucket", + "prod": "island-is-prod-fs-presign-bucket" + }, + "FILE_STORAGE_UPLOAD_BUCKET": { + "dev": "island-is-dev-upload-api", + "staging": "island-is-staging-upload-api", + "prod": "island-is-prod-upload-api" + }, + "CLIENT_LOCATION_ORIGIN": { + "dev": "https://beta.dev01.devland.is/umsoknir", + "staging": "https://beta.staging01.devland.is/umsoknir", + "prod": "https://island.is/umsoknir", + "local": "http://localhost:4200/umsoknir" + } + }, + "features": {}, + "name": "application-system-api-worker", + "grantNamespaces": [], + "grantNamespacesEnabled": false, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET", + "SYSLUMENN_HOST": "/k8s/application-system-api/SYSLUMENN_HOST", + "SYSLUMENN_USERNAME": "/k8s/application-system/api/SYSLUMENN_USERNAME", + "SYSLUMENN_PASSWORD": "/k8s/application-system/api/SYSLUMENN_PASSWORD", + "DRIVING_LICENSE_BOOK_XROAD_PATH": "/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH", + "DRIVING_LICENSE_BOOK_USERNAME": "/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME", + "DRIVING_LICENSE_BOOK_PASSWORD": "/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD", + "DOKOBIT_ACCESS_TOKEN": "/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN", + "DOKOBIT_URL": "/k8s/application-system-api/DOKOBIT_URL", + "ARK_BASE_URL": "/k8s/application-system-api/ARK_BASE_URL", + "DOMSYSLA_PASSWORD": "/k8s/application-system-api/DOMSYSLA_PASSWORD", + "DOMSYSLA_USERNAME": "/k8s/application-system-api/DOMSYSLA_USERNAME" + }, + "ingress": {}, + "namespace": "application-system", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "400m", + "memory": "768Mi" + }, + "requests": { + "cpu": "150m", + "memory": "384Mi" + } + }, + "xroadConfig": [ + { + "config": { + "env": { + "XROAD_BASE_PATH": { + "prod": "http://securityserver.island.is" + }, + "XROAD_BASE_PATH_WITH_ENV": { + "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "http://securityserver.island.is/r1/IS" + }, + "XROAD_TLS_BASE_PATH": { + "dev": "https://securityserver.dev01.devland.is", + "staging": "https://securityserver.staging01.devland.is", + "prod": "https://securityserver.island.is" + }, + "XROAD_TLS_BASE_PATH_WITH_ENV": { + "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", + "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "https://securityserver.island.is/r1/IS" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CLIENT_ID": { + "dev": "IS-DEV/GOV/10000/island-is-client", + "staging": "IS-TEST/GOV/5501692829/island-is-client", + "prod": "IS/GOV/5501692829/island-is-client" + } + } + } + }, + { + "config": { + "env": { + "XROAD_PAYMENT_PROVIDER_ID": { + "dev": "IS-DEV/GOV/10021/FJS-Public", + "staging": "IS-TEST/GOV/10021/FJS-DEV-Public", + "prod": "IS/GOV/5402697509/FJS-Public" + }, + "XROAD_PAYMENT_BASE_CALLBACK_URL": { + "dev": "XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/", + "staging": "XROAD:", + "prod": "XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/" + }, + "XROAD_PAYMENT_ADDITION_CALLBACK_URL": "/" + }, + "secrets": { + "XROAD_PAYMENT_USER": "/k8s/application-system-api/PAYMENT_USER", + "XROAD_PAYMENT_PASSWORD": "/k8s/application-system-api/PAYMENT_PASSWORD" + } + } + }, + { + "config": { + "env": { + "XROAD_INNA_PATH": { + "dev": "IS-DEV/GOV/10066/MMS-Protected/inna-v1", + "staging": "IS-TEST/GOV/6601241280/MMS-Protected/inna-v1", + "prod": "IS/GOV/6601241280/MMS-Protected/inna-v1" + } + } + } + }, + { + "config": { + "env": { + "EHIC_XROAD_PROVIDER_ID": { + "dev": "IS-DEV/GOV/10007/SJUKRA-Protected/ehic", + "staging": "IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic", + "prod": "IS/GOV/4804080550/SJUKRA-Protected/ehic" + } + } + } + }, + { + "config": { + "env": { + "XROAD_WORK_MACHINE_LICENSE_PATH": { + "dev": "IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token", + "staging": "IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token", + "prod": "IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token" + } + } + } + } + ], + "files": [], + "volumes": [], + "image": "application-system-api", + "postgres": { + "username": "application_system_api", + "passwordSecret": "/k8s/application-system-api/DB_PASSWORD", + "name": "application_system_api" + }, + "accountName": "application-system-api-worker", + "redis": {}, + "args": [ + "main.js", + "--job", + "worker" + ], + "cmds": "node", + "extraAttributes": { + "dev": { + "schedule": "*/30 * * * *" + }, + "staging": { + "schedule": "*/30 * * * *" + }, + "prod": { + "schedule": "*/30 * * * *" + } + } + } + } +} \ No newline at end of file diff --git a/charts/services/application-system-api-worker/values.prod.yaml b/charts/services/application-system-api-worker/values.prod.yaml index c7e37f4144c5..0963922da2ae 100644 --- a/charts/services/application-system-api-worker/values.prod.yaml +++ b/charts/services/application-system-api-worker/values.prod.yaml @@ -1,3379 +1,203 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.island.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'cdn.contentful.com' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.island.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://innskra.island.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_IDS_API_URL: 'https://innskra.island.is' - AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi.island.is' - CONTACT_US_EMAIL: 'island@island.is' - CONTENTFUL_HOST: 'cdn.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.island.is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-prod-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: '' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'island@island.is' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 'sogur@island.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS/GOV/5402697509/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS/GOV/6501912189/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/api' - - host: 'www.island.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' - CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS/GOV/5608002820/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - NOVA_USERNAME: 'IslandIs_User_Production' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS/GOV/5605882089/UA-Protected/kvortun-v1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.island.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.island.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/umsoknir' - - host: 'www.island.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi.island.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://island.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/samradsgatt' - - host: 'www.island.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.island.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.island.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - EMAIL_FROM_NAME: 'island.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-prod-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'prod' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: 'd4ecf781-3764-4063-a4e1-9c3e17cebfba' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.island.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'islandis' - - 'consultation-portal' - - 'search-indexer' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'xroad-collector' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'user-notification' - - 'license-api' - - 'services-sessions' - - 'services-university-gateway' - - 'contentful-apps' - - 'contentful-entry-tagger' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/stjornbord' - - host: 'www.island.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'prod' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'prod-es-custom-packages' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/minarsidur' - - host: 'www.island.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_BASE_URL: 'https://island.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.island.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://island.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://island.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://island.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/stjornbord/bff' - - host: 'www.island.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.island.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.island.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/app/skilavottord/' - - host: 'www.island.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/app/skilavottord/api/graphql' - - host: 'www.island.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.island.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@midnight' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - TRACKING_DOMAIN: 'island.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/' - - host: 'www.island.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "application-system-api-worker": { + "serviceDef": { + "liveness": { + "path": "/", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/application-system", + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + }, + "XROAD_CHARGE_FJS_V2_PATH": { + "dev": "IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2", + "staging": "IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2", + "prod": "IS/GOV/5402697509/FJS-Public/chargeFJS_v2" + }, + "APPLICATION_ATTACHMENT_BUCKET": { + "dev": "island-is-dev-storage-application-system", + "staging": "island-is-staging-storage-application-system", + "prod": "island-is-prod-storage-application-system" + }, + "FILE_SERVICE_PRESIGN_BUCKET": { + "dev": "island-is-dev-fs-presign-bucket", + "staging": "island-is-staging-fs-presign-bucket", + "prod": "island-is-prod-fs-presign-bucket" + }, + "FILE_STORAGE_UPLOAD_BUCKET": { + "dev": "island-is-dev-upload-api", + "staging": "island-is-staging-upload-api", + "prod": "island-is-prod-upload-api" + }, + "CLIENT_LOCATION_ORIGIN": { + "dev": "https://beta.dev01.devland.is/umsoknir", + "staging": "https://beta.staging01.devland.is/umsoknir", + "prod": "https://island.is/umsoknir", + "local": "http://localhost:4200/umsoknir" + } + }, + "features": {}, + "name": "application-system-api-worker", + "grantNamespaces": [], + "grantNamespacesEnabled": false, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET", + "SYSLUMENN_HOST": "/k8s/application-system-api/SYSLUMENN_HOST", + "SYSLUMENN_USERNAME": "/k8s/application-system/api/SYSLUMENN_USERNAME", + "SYSLUMENN_PASSWORD": "/k8s/application-system/api/SYSLUMENN_PASSWORD", + "DRIVING_LICENSE_BOOK_XROAD_PATH": "/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH", + "DRIVING_LICENSE_BOOK_USERNAME": "/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME", + "DRIVING_LICENSE_BOOK_PASSWORD": "/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD", + "DOKOBIT_ACCESS_TOKEN": "/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN", + "DOKOBIT_URL": "/k8s/application-system-api/DOKOBIT_URL", + "ARK_BASE_URL": "/k8s/application-system-api/ARK_BASE_URL", + "DOMSYSLA_PASSWORD": "/k8s/application-system-api/DOMSYSLA_PASSWORD", + "DOMSYSLA_USERNAME": "/k8s/application-system-api/DOMSYSLA_USERNAME" + }, + "ingress": {}, + "namespace": "application-system", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "400m", + "memory": "768Mi" + }, + "requests": { + "cpu": "150m", + "memory": "384Mi" + } + }, + "xroadConfig": [ + { + "config": { + "env": { + "XROAD_BASE_PATH": { + "prod": "http://securityserver.island.is" + }, + "XROAD_BASE_PATH_WITH_ENV": { + "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "http://securityserver.island.is/r1/IS" + }, + "XROAD_TLS_BASE_PATH": { + "dev": "https://securityserver.dev01.devland.is", + "staging": "https://securityserver.staging01.devland.is", + "prod": "https://securityserver.island.is" + }, + "XROAD_TLS_BASE_PATH_WITH_ENV": { + "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", + "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "https://securityserver.island.is/r1/IS" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CLIENT_ID": { + "dev": "IS-DEV/GOV/10000/island-is-client", + "staging": "IS-TEST/GOV/5501692829/island-is-client", + "prod": "IS/GOV/5501692829/island-is-client" + } + } + } + }, + { + "config": { + "env": { + "XROAD_PAYMENT_PROVIDER_ID": { + "dev": "IS-DEV/GOV/10021/FJS-Public", + "staging": "IS-TEST/GOV/10021/FJS-DEV-Public", + "prod": "IS/GOV/5402697509/FJS-Public" + }, + "XROAD_PAYMENT_BASE_CALLBACK_URL": { + "dev": "XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/", + "staging": "XROAD:", + "prod": "XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/" + }, + "XROAD_PAYMENT_ADDITION_CALLBACK_URL": "/" + }, + "secrets": { + "XROAD_PAYMENT_USER": "/k8s/application-system-api/PAYMENT_USER", + "XROAD_PAYMENT_PASSWORD": "/k8s/application-system-api/PAYMENT_PASSWORD" + } + } + }, + { + "config": { + "env": { + "XROAD_INNA_PATH": { + "dev": "IS-DEV/GOV/10066/MMS-Protected/inna-v1", + "staging": "IS-TEST/GOV/6601241280/MMS-Protected/inna-v1", + "prod": "IS/GOV/6601241280/MMS-Protected/inna-v1" + } + } + } + }, + { + "config": { + "env": { + "EHIC_XROAD_PROVIDER_ID": { + "dev": "IS-DEV/GOV/10007/SJUKRA-Protected/ehic", + "staging": "IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic", + "prod": "IS/GOV/4804080550/SJUKRA-Protected/ehic" + } + } + } + }, + { + "config": { + "env": { + "XROAD_WORK_MACHINE_LICENSE_PATH": { + "dev": "IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token", + "staging": "IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token", + "prod": "IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token" + } + } + } + } + ], + "files": [], + "volumes": [], + "image": "application-system-api", + "postgres": { + "username": "application_system_api", + "passwordSecret": "/k8s/application-system-api/DB_PASSWORD", + "name": "application_system_api" + }, + "accountName": "application-system-api-worker", + "redis": {}, + "args": [ + "main.js", + "--job", + "worker" + ], + "cmds": "node", + "extraAttributes": { + "dev": { + "schedule": "*/30 * * * *" + }, + "staging": { + "schedule": "*/30 * * * *" + }, + "prod": { + "schedule": "*/30 * * * *" + } + } + } + } +} \ No newline at end of file diff --git a/charts/services/application-system-api-worker/values.staging.yaml b/charts/services/application-system-api-worker/values.staging.yaml index 227a2b0fcc6d..0963922da2ae 100644 --- a/charts/services/application-system-api-worker/values.staging.yaml +++ b/charts/services/application-system-api-worker/values.staging.yaml @@ -1,3238 +1,203 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.staging01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'cdn.contentful.com' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.staging01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.staging01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.staging01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 'island@island.is' - CONTENTFUL_HOST: 'cdn.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.staging01.devland.is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-staging-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: '' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 'sogur@island.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-TEST/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5608002820/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-TEST/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.staging01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.staging01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.staging01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.staging01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-staging-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'staging' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.staging01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'islandis' - - 'consultation-portal' - - 'skilavottord' - - 'search-indexer' - - 'services-documents' - - 'storybook' - - 'xroad-collector' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'user-notification' - - 'license-api' - - 'services-sessions' - - 'services-university-gateway' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.staging01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'staging' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'staging-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_BASE_URL: 'https://beta.staging01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.staging01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.staging01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.staging01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.staging01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.staging01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.staging01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.staging01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.staging01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@midnight' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - basicAuth: '/k8s/web/basic_auth' - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - TRACKING_DOMAIN: 'beta.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "application-system-api-worker": { + "serviceDef": { + "liveness": { + "path": "/", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/application-system", + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + }, + "XROAD_CHARGE_FJS_V2_PATH": { + "dev": "IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2", + "staging": "IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2", + "prod": "IS/GOV/5402697509/FJS-Public/chargeFJS_v2" + }, + "APPLICATION_ATTACHMENT_BUCKET": { + "dev": "island-is-dev-storage-application-system", + "staging": "island-is-staging-storage-application-system", + "prod": "island-is-prod-storage-application-system" + }, + "FILE_SERVICE_PRESIGN_BUCKET": { + "dev": "island-is-dev-fs-presign-bucket", + "staging": "island-is-staging-fs-presign-bucket", + "prod": "island-is-prod-fs-presign-bucket" + }, + "FILE_STORAGE_UPLOAD_BUCKET": { + "dev": "island-is-dev-upload-api", + "staging": "island-is-staging-upload-api", + "prod": "island-is-prod-upload-api" + }, + "CLIENT_LOCATION_ORIGIN": { + "dev": "https://beta.dev01.devland.is/umsoknir", + "staging": "https://beta.staging01.devland.is/umsoknir", + "prod": "https://island.is/umsoknir", + "local": "http://localhost:4200/umsoknir" + } + }, + "features": {}, + "name": "application-system-api-worker", + "grantNamespaces": [], + "grantNamespacesEnabled": false, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET", + "SYSLUMENN_HOST": "/k8s/application-system-api/SYSLUMENN_HOST", + "SYSLUMENN_USERNAME": "/k8s/application-system/api/SYSLUMENN_USERNAME", + "SYSLUMENN_PASSWORD": "/k8s/application-system/api/SYSLUMENN_PASSWORD", + "DRIVING_LICENSE_BOOK_XROAD_PATH": "/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH", + "DRIVING_LICENSE_BOOK_USERNAME": "/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME", + "DRIVING_LICENSE_BOOK_PASSWORD": "/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD", + "DOKOBIT_ACCESS_TOKEN": "/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN", + "DOKOBIT_URL": "/k8s/application-system-api/DOKOBIT_URL", + "ARK_BASE_URL": "/k8s/application-system-api/ARK_BASE_URL", + "DOMSYSLA_PASSWORD": "/k8s/application-system-api/DOMSYSLA_PASSWORD", + "DOMSYSLA_USERNAME": "/k8s/application-system-api/DOMSYSLA_USERNAME" + }, + "ingress": {}, + "namespace": "application-system", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "400m", + "memory": "768Mi" + }, + "requests": { + "cpu": "150m", + "memory": "384Mi" + } + }, + "xroadConfig": [ + { + "config": { + "env": { + "XROAD_BASE_PATH": { + "prod": "http://securityserver.island.is" + }, + "XROAD_BASE_PATH_WITH_ENV": { + "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "http://securityserver.island.is/r1/IS" + }, + "XROAD_TLS_BASE_PATH": { + "dev": "https://securityserver.dev01.devland.is", + "staging": "https://securityserver.staging01.devland.is", + "prod": "https://securityserver.island.is" + }, + "XROAD_TLS_BASE_PATH_WITH_ENV": { + "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", + "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "https://securityserver.island.is/r1/IS" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CLIENT_ID": { + "dev": "IS-DEV/GOV/10000/island-is-client", + "staging": "IS-TEST/GOV/5501692829/island-is-client", + "prod": "IS/GOV/5501692829/island-is-client" + } + } + } + }, + { + "config": { + "env": { + "XROAD_PAYMENT_PROVIDER_ID": { + "dev": "IS-DEV/GOV/10021/FJS-Public", + "staging": "IS-TEST/GOV/10021/FJS-DEV-Public", + "prod": "IS/GOV/5402697509/FJS-Public" + }, + "XROAD_PAYMENT_BASE_CALLBACK_URL": { + "dev": "XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/", + "staging": "XROAD:", + "prod": "XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/" + }, + "XROAD_PAYMENT_ADDITION_CALLBACK_URL": "/" + }, + "secrets": { + "XROAD_PAYMENT_USER": "/k8s/application-system-api/PAYMENT_USER", + "XROAD_PAYMENT_PASSWORD": "/k8s/application-system-api/PAYMENT_PASSWORD" + } + } + }, + { + "config": { + "env": { + "XROAD_INNA_PATH": { + "dev": "IS-DEV/GOV/10066/MMS-Protected/inna-v1", + "staging": "IS-TEST/GOV/6601241280/MMS-Protected/inna-v1", + "prod": "IS/GOV/6601241280/MMS-Protected/inna-v1" + } + } + } + }, + { + "config": { + "env": { + "EHIC_XROAD_PROVIDER_ID": { + "dev": "IS-DEV/GOV/10007/SJUKRA-Protected/ehic", + "staging": "IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic", + "prod": "IS/GOV/4804080550/SJUKRA-Protected/ehic" + } + } + } + }, + { + "config": { + "env": { + "XROAD_WORK_MACHINE_LICENSE_PATH": { + "dev": "IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token", + "staging": "IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token", + "prod": "IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token" + } + } + } + } + ], + "files": [], + "volumes": [], + "image": "application-system-api", + "postgres": { + "username": "application_system_api", + "passwordSecret": "/k8s/application-system-api/DB_PASSWORD", + "name": "application_system_api" + }, + "accountName": "application-system-api-worker", + "redis": {}, + "args": [ + "main.js", + "--job", + "worker" + ], + "cmds": "node", + "extraAttributes": { + "dev": { + "schedule": "*/30 * * * *" + }, + "staging": { + "schedule": "*/30 * * * *" + }, + "prod": { + "schedule": "*/30 * * * *" + } + } + } + } +} \ No newline at end of file diff --git a/charts/services/application-system-api/values.dev.yaml b/charts/services/application-system-api/values.dev.yaml index 58d9f8e96dbc..6b45c4f14a6d 100644 --- a/charts/services/application-system-api/values.dev.yaml +++ b/charts/services/application-system-api/values.dev.yaml @@ -1,3563 +1,856 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.dev01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'preview.contentful.com' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 's@kogk.is' - CONTENTFUL_HOST: 'preview.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 's@kogk.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/api' - - host: 'api-catalogue.dev01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.dev01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -external-contracts-tests: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' - namespace: 'external-contracts-tests' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '1' - memory: '1024Mi' - requests: - cpu: '500m' - memory: '512Mi' - schedule: '0 11 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -github-actions-cache: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 8 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'cache.dev01.devland.is' - paths: - - '/' - namespace: 'github-actions-cache' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 5 - max: 8 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' - create: true - name: 'github-actions-cache' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'dev' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.dev01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'consultation-portal' - - 'islandis' - - 'search-indexer' - - 'xroad-collector' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'github-actions-cache' - - 'user-notification' - - 'external-contracts-tests' - - 'contentful-entry-tagger' - - 'license-api' - - 'services-sessions' - - 'contentful-apps' - - 'services-university-gateway' - - 'unicorn-app' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'dev-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.dev01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.dev01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -unicorn-app: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'unicorn-app.dev01.devland.is' - paths: - - '/' - namespace: 'unicorn-app' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' - create: true - name: 'unicorn-app' -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@hourly' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - TRACKING_DOMAIN: 'beta.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "application-system-api": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "EMAIL_REGION": "eu-west-1", + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + }, + "XROAD_CHARGE_FJS_V2_TIMEOUT": "20000", + "CONTENTFUL_HOST": { + "dev": "preview.contentful.com", + "staging": "cdn.contentful.com", + "prod": "cdn.contentful.com" + }, + "CLIENT_LOCATION_ORIGIN": { + "dev": "https://beta.dev01.devland.is/umsoknir", + "staging": "https://beta.staging01.devland.is/umsoknir", + "prod": "https://island.is/umsoknir", + "local": "http://localhost:4200/umsoknir" + }, + "APPLICATION_ATTACHMENT_BUCKET": { + "dev": "island-is-dev-storage-application-system", + "staging": "island-is-staging-storage-application-system", + "prod": "island-is-prod-storage-application-system" + }, + "FILE_STORAGE_UPLOAD_BUCKET": { + "dev": "island-is-dev-upload-api", + "staging": "island-is-staging-upload-api", + "prod": "island-is-prod-upload-api" + }, + "FILE_SERVICE_PRESIGN_BUCKET": { + "dev": "island-is-dev-fs-presign-bucket", + "staging": "island-is-staging-fs-presign-bucket", + "prod": "island-is-prod-fs-presign-bucket" + }, + "INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS": { + "dev": "gunnar.ingi@fjr.is", + "staging": "gunnar.ingi@fjr.is", + "prod": "island@island.is" + }, + "INSTITUTION_APPLICATION_RECIPIENT_NAME": { + "dev": "Gunnar Ingi", + "staging": "Gunnar Ingi", + "prod": "Stafrรฆnt รsland" + }, + "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/application-system", + "FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS": { + "dev": "gunnar.ingi@fjr.is", + "staging": "gunnar.ingi@fjr.is", + "prod": "island@island.is" + }, + "FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME": { + "dev": "Gunnar Ingi", + "staging": "Gunnar Ingi", + "prod": "Stafrรฆnt รsland" + }, + "LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS": { + "dev": "gunnar.ingi@fjr.is", + "staging": "gunnar.ingi@fjr.is", + "prod": "island@island.is" + }, + "LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME": { + "dev": "Gunnar Ingi", + "staging": "Gunnar Ingi", + "prod": "Stafrรฆnt รsland" + }, + "NOVA_USERNAME": { + "dev": "IslandIs_User_Development", + "prod": "IslandIs_User_Production", + "staging": "IslandIs_User_Development" + }, + "FINANCIAL_STATEMENTS_INAO_BASE_PATH": { + "dev": "https://dev-re.crm4.dynamics.com/api/data/v9.1", + "staging": "https://dev-re.crm4.dynamics.com/api/data/v9.1", + "prod": "https://star-re.crm4.dynamics.com/api/data/v9.1" + }, + "FINANCIAL_STATEMENTS_INAO_ISSUER": "https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0", + "FINANCIAL_STATEMENTS_INAO_SCOPE": { + "dev": "https://dev-re.crm4.dynamics.com/.default", + "staging": "https://dev-re.crm4.dynamics.com/.default", + "prod": "https://star-re.crm4.dynamics.com/.default" + }, + "FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT": "https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token", + "XROAD_COURT_BANKRUPTCY_CERT_PATH": { + "dev": "IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1", + "staging": "IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1", + "prod": "IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1" + }, + "XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH": { + "dev": "IS-DEV/GOV/10047/UA-Protected/kvortun-v1/", + "staging": "IS-TEST/GOV/10047/UA-Protected/kvortun-v1/", + "prod": "IS/GOV/5605882089/UA-Protected/kvortun-v1" + }, + "NOVA_ACCEPT_UNAUTHORIZED": { + "dev": "true", + "staging": "false", + "prod": "false" + }, + "AUTH_PUBLIC_API_URL": { + "dev": "https://identity-server.dev01.devland.is/api", + "staging": "https://identity-server.staging01.devland.is/api", + "prod": "https://innskra.island.is/api" + }, + "UNIVERSITY_GATEWAY_API_URL": { + "dev": "http://web-services-university-gateway.services-university-gateway.svc.cluster.local", + "staging": "http://web-services-university-gateway.services-university-gateway.svc.cluster.local", + "prod": "http://web-services-university-gateway.services-university-gateway.svc.cluster.local" + } + }, + "features": {}, + "name": "application-system-api", + "grantNamespaces": [ + "nginx-ingress-internal", + "islandis" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "NOVA_URL": "/k8s/application-system-api/NOVA_URL", + "DOKOBIT_URL": "/k8s/application-system-api/DOKOBIT_URL", + "SYSLUMENN_HOST": "/k8s/application-system-api/SYSLUMENN_HOST", + "CONTENTFUL_ACCESS_TOKEN": "/k8s/api/CONTENTFUL_ACCESS_TOKEN", + "AUTH_JWT_SECRET": "/k8s/application-system/api/AUTH_JWT_SECRET", + "DOKOBIT_ACCESS_TOKEN": "/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN", + "EMAIL_FROM": "/k8s/application-system/api/EMAIL_FROM", + "EMAIL_FROM_NAME": "/k8s/application-system/api/EMAIL_FROM_NAME", + "EMAIL_REPLY_TO": "/k8s/application-system/api/EMAIL_REPLY_TO", + "EMAIL_REPLY_TO_NAME": "/k8s/application-system/api/EMAIL_REPLY_TO_NAME", + "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET", + "DOCUMENT_PROVIDER_ONBOARDING_REVIEWER": "/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER", + "SYSLUMENN_USERNAME": "/k8s/application-system/api/SYSLUMENN_USERNAME", + "SYSLUMENN_PASSWORD": "/k8s/application-system/api/SYSLUMENN_PASSWORD", + "DRIVING_LICENSE_BOOK_XROAD_PATH": "/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH", + "DRIVING_LICENSE_BOOK_USERNAME": "/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME", + "DRIVING_LICENSE_BOOK_PASSWORD": "/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD", + "NOVA_PASSWORD": "/k8s/application-system/api/NOVA_PASSWORD", + "ARK_BASE_URL": "/k8s/application-system-api/ARK_BASE_URL", + "FINANCIAL_STATEMENTS_INAO_CLIENT_ID": "/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID", + "FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET": "/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET", + "ISLYKILL_SERVICE_PASSPHRASE": "/k8s/api/ISLYKILL_SERVICE_PASSPHRASE", + "ISLYKILL_SERVICE_BASEPATH": "/k8s/api/ISLYKILL_SERVICE_BASEPATH", + "VMST_ID": "/k8s/application-system/VMST_ID", + "DOMSYSLA_PASSWORD": "/k8s/application-system-api/DOMSYSLA_PASSWORD", + "DOMSYSLA_USERNAME": "/k8s/application-system-api/DOMSYSLA_USERNAME", + "ALTHINGI_OMBUDSMAN_XROAD_USERNAME": "/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME", + "ALTHINGI_OMBUDSMAN_XROAD_PASSWORD": "/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD", + "NATIONAL_REGISTRY_B2C_CLIENT_SECRET": "/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET" + }, + "ingress": { + "primary": { + "host": { + "dev": [ + "application-payment-callback-xrd", + "application-callback-xrd" + ], + "staging": [ + "application-payment-callback-xrd", + "application-callback-xrd" + ], + "prod": [ + "application-payment-callback-xrd", + "application-callback-xrd" + ] + }, + "paths": [ + "/application-payment", + "/applications" + ], + "public": false, + "extraAnnotations": { + "dev": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "staging": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "prod": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + } + } + } + }, + "namespace": "application-system", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "400m", + "memory": "1024Mi" + }, + "requests": { + "cpu": "75m", + "memory": "512Mi" + } + }, + "xroadConfig": [ + { + "config": { + "env": { + "XROAD_BASE_PATH": { + "prod": "http://securityserver.island.is" + }, + "XROAD_BASE_PATH_WITH_ENV": { + "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "http://securityserver.island.is/r1/IS" + }, + "XROAD_TLS_BASE_PATH": { + "dev": "https://securityserver.dev01.devland.is", + "staging": "https://securityserver.staging01.devland.is", + "prod": "https://securityserver.island.is" + }, + "XROAD_TLS_BASE_PATH_WITH_ENV": { + "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", + "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "https://securityserver.island.is/r1/IS" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CLIENT_ID": { + "dev": "IS-DEV/GOV/10000/island-is-client", + "staging": "IS-TEST/GOV/5501692829/island-is-client", + "prod": "IS/GOV/5501692829/island-is-client" + } + } + } + }, + { + "config": { + "env": { + "XROAD_VMST_API_PATH": { + "dev": "/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1", + "staging": "/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1", + "prod": "/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1" + }, + "XROAD_VMST_MEMBER_CODE": { + "dev": "10003", + "staging": "7005942039", + "prod": "7005942039" + } + }, + "secrets": { + "XROAD_VMST_API_KEY": "/k8s/vmst-client/VMST_API_KEY" + } + } + }, + { + "config": { + "env": { + "XROAD_HEALTH_INSURANCE_WSDLURL": { + "dev": "https://test-huld.sjukra.is/islandrg?wsdl", + "staging": "https://test-huld.sjukra.is/islandrg?wsdl", + "prod": "https://huld.sjukra.is/islandrg?wsdl" + }, + "XROAD_HEALTH_INSURANCE_ID": { + "dev": "IS-DEV/GOV/10007/SJUKRA-Protected", + "staging": "IS-TEST/GOV/4804080550/SJUKRA-Protected", + "prod": "IS/GOV/4804080550/SJUKRA-Protected" + }, + "XROAD_HEALTH_INSURANCE_MY_PAGES_PATH": { + "dev": "IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur", + "staging": "IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur", + "prod": "IS/GOV/4804080550/SJUKRA-Protected/minarsidur" + } + }, + "secrets": { + "XROAD_HEALTH_INSURANCE_USERNAME": "/k8s/health-insurance/XROAD-USER", + "XROAD_HEALTH_INSURANCE_PASSWORD": "/k8s/health-insurance/XROAD-PASSWORD", + "XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME": "/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME", + "XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD": "/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD" + } + } + }, + { + "config": { + "env": { + "XROAD_NATIONAL_REGISTRY_SERVICE_PATH": { + "dev": "IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1", + "staging": "IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1", + "prod": "IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1" + }, + "XROAD_NATIONAL_REGISTRY_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" + }, + "XROAD_TJODSKRA_API_PATH": "/SKRA-Protected/Einstaklingar-v1", + "XROAD_TJODSKRA_MEMBER_CODE": { + "prod": "6503760649", + "dev": "10001", + "staging": "6503760649" + } + } + } + }, + { + "config": { + "env": { + "NATIONAL_REGISTRY_B2C_CLIENT_ID": { + "dev": "b464afdd-056b-406d-b650-6d41733cfeb7", + "staging": "ca128c23-b43c-443d-bade-ec5a146a933f", + "prod": "2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f" + }, + "NATIONAL_REGISTRY_B2C_ENDPOINT": { + "dev": "https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", + "staging": "https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", + "prod": "https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token" + }, + "NATIONAL_REGISTRY_B2C_SCOPE": { + "dev": "https://skraidentitydev.onmicrosoft.com/midlun/.default", + "staging": "https://skraidentitystaging.onmicrosoft.com/midlun/.default", + "prod": "https://skraidentity.onmicrosoft.com/midlun/.default" + }, + "NATIONAL_REGISTRY_B2C_PATH": { + "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1", + "staging": "IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1", + "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_PAYMENT_PROVIDER_ID": { + "dev": "IS-DEV/GOV/10021/FJS-Public", + "staging": "IS-TEST/GOV/10021/FJS-DEV-Public", + "prod": "IS/GOV/5402697509/FJS-Public" + }, + "XROAD_PAYMENT_BASE_CALLBACK_URL": { + "dev": "XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/", + "staging": "XROAD:", + "prod": "XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/" + }, + "XROAD_PAYMENT_ADDITION_CALLBACK_URL": "/" + }, + "secrets": { + "XROAD_PAYMENT_USER": "/k8s/application-system-api/PAYMENT_USER", + "XROAD_PAYMENT_PASSWORD": "/k8s/application-system-api/PAYMENT_PASSWORD" + } + } + }, + { + "config": { + "env": { + "XROAD_DRIVING_LICENSE_PATH": { + "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1", + "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1", + "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1" + }, + "XROAD_DRIVING_LICENSE_V2_PATH": { + "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2", + "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2", + "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1" + }, + "XROAD_DRIVING_LICENSE_V4_PATH": { + "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4", + "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4", + "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4" + }, + "XROAD_DRIVING_LICENSE_V5_PATH": { + "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5", + "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5", + "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5" + } + }, + "secrets": { + "XROAD_DRIVING_LICENSE_SECRET": "/k8s/api/DRIVING_LICENSE_SECRET" + } + } + }, + { + "config": { + "env": { + "XROAD_PAYMENT_SCHEDULE_PATH": { + "dev": "IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1", + "staging": "IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1", + "prod": "IS/GOV/5402697509/FJS-Public/paymentSchedule_v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CRIMINAL_RECORD_PATH": { + "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2", + "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1", + "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1" + } + } + } + }, + { + "config": { + "env": { + "DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID": { + "dev": "IS-DEV/GOV/10026/gopro/kvortun-v1", + "staging": "IS-TEST/GOV/5608002820/gopro/kvortun-v1", + "prod": "IS/GOV/5608002820/gopro/kvortun-v1" + } + }, + "secrets": { + "DATA_PROTECTION_COMPLAINT_API_USERNAME": "/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME", + "DATA_PROTECTION_COMPLAINT_API_PASSWORD": "/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD" + } + } + }, + { + "config": { + "env": { + "FISHING_LICENSE_XROAD_PROVIDER_ID": { + "dev": "IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1", + "staging": "IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1", + "prod": "IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_FINANCIAL_AID_BACKEND_PATH": { + "dev": "IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend", + "staging": "IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend", + "prod": "IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CHARGE_FJS_V2_PATH": { + "dev": "IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2", + "staging": "IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2", + "prod": "IS/GOV/5402697509/FJS-Public/chargeFJS_v2" + } + } + } + }, + { + "config": { + "env": { + "XROAD_ENERGY_FUNDS_PATH": { + "dev": "IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1", + "staging": "IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1", + "prod": "IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_FINANCES_PATH": { + "dev": "IS-DEV/GOV/10021/FJS-Public/financeIsland", + "staging": "IS-TEST/GOV/10021/FJS-Public/financeIsland", + "prod": "IS/GOV/5402697509/FJS-Public/financeIsland" + }, + "XROAD_FINANCES_V2_PATH": { + "dev": "IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2", + "staging": "IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2", + "prod": "IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2" + }, + "XROAD_HMS_LOANS_PATH": { + "dev": "IS-DEV/GOV/10033/HMS-Protected/libra-v1", + "staging": "IS-TEST/GOV/5812191480/HMS-Protected/libra-v1", + "prod": "IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1" + }, + "XROAD_HMS_HOUSING_BENEFITS_PATH": { + "dev": "IS-DEV/GOV/10033/HMS-Protected/husbot-v1", + "staging": "IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1", + "prod": "IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_PROPERTIES_SERVICE_V2_PATH": { + "dev": "IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1", + "staging": "IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1", + "prod": "IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1" + } + }, + "secrets": { + "XROAD_PROPERTIES_CLIENT_SECRET": "/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET" + } + } + }, + { + "config": { + "env": { + "COMPANY_REGISTRY_XROAD_PROVIDER_ID": { + "dev": "IS-DEV/GOV/10006/Skatturinn/ft-v1", + "staging": "IS-TEST/GOV/5402696029/Skatturinn/ft-v1", + "prod": "IS/GOV/5402696029/Skatturinn/ft-v1" + }, + "COMPANY_REGISTRY_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" + } + } + } + }, + { + "config": { + "env": { + "XROAD_VEHICLE_SERVICE_FJS_V1_PATH": { + "dev": "IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1", + "staging": "IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1", + "prod": "IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_INNA_PATH": { + "dev": "IS-DEV/GOV/10066/MMS-Protected/inna-v1", + "staging": "IS-TEST/GOV/6601241280/MMS-Protected/inna-v1", + "prod": "IS/GOV/6601241280/MMS-Protected/inna-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_VEHICLES_MILEAGE_PATH": { + "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1", + "staging": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1", + "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_VEHICLE_CODETABLES_PATH": { + "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1", + "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1", + "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1" + }, + "XROAD_VEHICLE_INFOLOCKS_PATH": { + "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1", + "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1", + "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1" + }, + "XROAD_VEHICLE_OPERATORS_PATH": { + "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3", + "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3", + "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3" + }, + "XROAD_VEHICLE_OWNER_CHANGE_PATH": { + "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2", + "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2", + "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2" + }, + "XROAD_VEHICLE_PLATE_ORDERING_PATH": { + "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1", + "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1", + "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1" + }, + "XROAD_VEHICLE_PLATE_RENEWAL_PATH": { + "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1", + "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1", + "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1" + }, + "XROAD_VEHICLE_PRINTING_PATH": { + "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1", + "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1", + "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1" + }, + "XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH": { + "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1", + "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1", + "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_VEHICLES_PATH": { + "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1", + "staging": "IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1", + "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_PASSPORT_LICENSE_PATH": { + "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1", + "staging": "IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1", + "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1" + } + } + } + }, + { + "config": { + "env": { + "EHIC_XROAD_PROVIDER_ID": { + "dev": "IS-DEV/GOV/10007/SJUKRA-Protected/ehic", + "staging": "IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic", + "prod": "IS/GOV/4804080550/SJUKRA-Protected/ehic" + } + } + } + }, + { + "config": { + "env": { + "XROAD_DIRECTORATE_OF_IMMIGRATION_PATH": { + "dev": "IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1", + "staging": "IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1", + "prod": "IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_TR_PATH": { + "dev": "IS-DEV/GOV/10008/TR-Protected/external-v1", + "staging": "IS-TEST/GOV/5012130120/TR-Protected/external-v1", + "prod": "IS/GOV/5012130120/TR-Protected/external-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_HEALTH_DIRECTORATE_PATH": { + "dev": "IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir", + "staging": "IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir", + "prod": "IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir" + } + } + } + }, + { + "config": { + "env": { + "XROAD_SIGNATURE_COLLECTION_PATH": { + "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1", + "staging": "IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1", + "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_WORK_MACHINE_LICENSE_PATH": { + "dev": "IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token", + "staging": "IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token", + "prod": "IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token" + } + } + } + }, + { + "config": { + "env": { + "WORKPOINT_ARBORG_SERVICE_PATH": { + "dev": "IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1", + "staging": "IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1", + "prod": "IS/MUN/10036/Arborg-Protected/tengill-application-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_OFFICIAL_JOURNAL_PATH": { + "dev": "IS-DEV/GOV/10014/DMR-Protected/official-journal", + "staging": "IS-TEST/GOV/10014/DMR-Protected/official-journal", + "prod": "IS/GOV/10014/DMR-Protected/official-journal" + } + } + } + }, + { + "config": { + "env": { + "XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH": { + "dev": "IS-DEV/GOV/10014/DMR-Protected/official-journal-application", + "staging": "IS-TEST/GOV/10014/DMR-Protected/official-journal-application", + "prod": "IS/GOV/10014/DMR-Protected/official-journal-application" + } + } + } + }, + { + "config": { + "env": { + "XROAD_UNIVERSITY_OF_AKUREYRI_PATH": { + "dev": "IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1", + "staging": "IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1", + "prod": "IS/EDU/5206871229/UNAK-Protected/brautskraning-v1" + }, + "XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH": { + "dev": "IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1", + "staging": "IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1", + "prod": "IS/EDU/4112043590/LBHI-Protected/brautskraning-v1" + }, + "XROAD_BIFROST_UNIVERSITY_PATH": { + "dev": "IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1", + "staging": "IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1", + "prod": "IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1" + }, + "XROAD_HOLAR_UNIVERSITY_PATH": { + "dev": "IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1", + "staging": "IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1", + "prod": "IS/EDU/5001694359/Holar-Protected/brautskraning-v1" + }, + "XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH": { + "dev": "IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1", + "staging": "IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1", + "prod": "IS/EDU/4210984099/LHI-Protected/brautskraning-v1" + }, + "XROAD_UNIVERSITY_OF_ICELAND_PATH": { + "dev": "IS-DEV/EDU/10010/HI-Protected/brautskraning-v1", + "staging": "IS-TEST/EDU/10010/HI-Protected/brautskraning-v1", + "prod": "IS/EDU/6001692039/HI-Protected/brautskraning-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_MMS_FRIGG_PATH": { + "dev": "IS-DEV/GOV/10066/MMS-Protected/frigg-form-service", + "staging": "IS-TEST/GOV/10066/MMS-Protected/frigg-form-service", + "prod": "IS/GOV/10066/MMS-Protected/frigg-form-service" + } + } + } + }, + { + "config": { + "env": { + "XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH": { + "dev": "IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1", + "staging": "IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1", + "prod": "IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH": { + "dev": "IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1", + "staging": "IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1", + "prod": "IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_WORK_ACCIDENT_PATH": { + "dev": "IS-DEV/GOV/10013/Vinnueftirlitid-Protected/slysaskraning-token", + "staging": "IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/slysaskraning-token", + "prod": "IS/GOV/4201810439/Vinnueftirlitid-Protected/slysaskraning-token" + } + } + } + } + ], + "files": [ + { + "filename": "islyklar.p12", + "env": "ISLYKILL_CERT" + } + ], + "volumes": [], + "accountName": "application-system-api", + "cmds": "node", + "redis": {}, + "args": [ + "main.js" + ], + "postgres": { + "username": "application_system_api", + "passwordSecret": "/k8s/application-system-api/DB_PASSWORD", + "name": "application_system_api" + }, + "initContainers": { + "envs": {}, + "secrets": {}, + "features": {}, + "containers": [ + { + "name": "migrations", + "command": "npx", + "args": [ + "sequelize-cli", + "db:migrate" + ] + } + ], + "postgres": { + "username": "application_system_api", + "passwordSecret": "/k8s/application-system-api/DB_PASSWORD", + "name": "application_system_api" + } + }, + "replicaCount": { + "default": 2, + "max": 60, + "min": 2 + } + } + } +} \ No newline at end of file diff --git a/charts/services/application-system-api/values.prod.yaml b/charts/services/application-system-api/values.prod.yaml index c7e37f4144c5..6b45c4f14a6d 100644 --- a/charts/services/application-system-api/values.prod.yaml +++ b/charts/services/application-system-api/values.prod.yaml @@ -1,3379 +1,856 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.island.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'cdn.contentful.com' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.island.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://innskra.island.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_IDS_API_URL: 'https://innskra.island.is' - AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi.island.is' - CONTACT_US_EMAIL: 'island@island.is' - CONTENTFUL_HOST: 'cdn.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.island.is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-prod-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: '' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'island@island.is' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 'sogur@island.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS/GOV/5402697509/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS/GOV/6501912189/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/api' - - host: 'www.island.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' - CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS/GOV/5608002820/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - NOVA_USERNAME: 'IslandIs_User_Production' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS/GOV/5605882089/UA-Protected/kvortun-v1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.island.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.island.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/umsoknir' - - host: 'www.island.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi.island.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://island.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/samradsgatt' - - host: 'www.island.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.island.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.island.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - EMAIL_FROM_NAME: 'island.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-prod-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'prod' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: 'd4ecf781-3764-4063-a4e1-9c3e17cebfba' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.island.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'islandis' - - 'consultation-portal' - - 'search-indexer' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'xroad-collector' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'user-notification' - - 'license-api' - - 'services-sessions' - - 'services-university-gateway' - - 'contentful-apps' - - 'contentful-entry-tagger' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/stjornbord' - - host: 'www.island.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'prod' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'prod-es-custom-packages' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/minarsidur' - - host: 'www.island.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_BASE_URL: 'https://island.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.island.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://island.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://island.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://island.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/stjornbord/bff' - - host: 'www.island.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.island.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.island.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/app/skilavottord/' - - host: 'www.island.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/app/skilavottord/api/graphql' - - host: 'www.island.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.island.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@midnight' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - TRACKING_DOMAIN: 'island.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/' - - host: 'www.island.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "application-system-api": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "EMAIL_REGION": "eu-west-1", + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + }, + "XROAD_CHARGE_FJS_V2_TIMEOUT": "20000", + "CONTENTFUL_HOST": { + "dev": "preview.contentful.com", + "staging": "cdn.contentful.com", + "prod": "cdn.contentful.com" + }, + "CLIENT_LOCATION_ORIGIN": { + "dev": "https://beta.dev01.devland.is/umsoknir", + "staging": "https://beta.staging01.devland.is/umsoknir", + "prod": "https://island.is/umsoknir", + "local": "http://localhost:4200/umsoknir" + }, + "APPLICATION_ATTACHMENT_BUCKET": { + "dev": "island-is-dev-storage-application-system", + "staging": "island-is-staging-storage-application-system", + "prod": "island-is-prod-storage-application-system" + }, + "FILE_STORAGE_UPLOAD_BUCKET": { + "dev": "island-is-dev-upload-api", + "staging": "island-is-staging-upload-api", + "prod": "island-is-prod-upload-api" + }, + "FILE_SERVICE_PRESIGN_BUCKET": { + "dev": "island-is-dev-fs-presign-bucket", + "staging": "island-is-staging-fs-presign-bucket", + "prod": "island-is-prod-fs-presign-bucket" + }, + "INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS": { + "dev": "gunnar.ingi@fjr.is", + "staging": "gunnar.ingi@fjr.is", + "prod": "island@island.is" + }, + "INSTITUTION_APPLICATION_RECIPIENT_NAME": { + "dev": "Gunnar Ingi", + "staging": "Gunnar Ingi", + "prod": "Stafrรฆnt รsland" + }, + "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/application-system", + "FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS": { + "dev": "gunnar.ingi@fjr.is", + "staging": "gunnar.ingi@fjr.is", + "prod": "island@island.is" + }, + "FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME": { + "dev": "Gunnar Ingi", + "staging": "Gunnar Ingi", + "prod": "Stafrรฆnt รsland" + }, + "LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS": { + "dev": "gunnar.ingi@fjr.is", + "staging": "gunnar.ingi@fjr.is", + "prod": "island@island.is" + }, + "LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME": { + "dev": "Gunnar Ingi", + "staging": "Gunnar Ingi", + "prod": "Stafrรฆnt รsland" + }, + "NOVA_USERNAME": { + "dev": "IslandIs_User_Development", + "prod": "IslandIs_User_Production", + "staging": "IslandIs_User_Development" + }, + "FINANCIAL_STATEMENTS_INAO_BASE_PATH": { + "dev": "https://dev-re.crm4.dynamics.com/api/data/v9.1", + "staging": "https://dev-re.crm4.dynamics.com/api/data/v9.1", + "prod": "https://star-re.crm4.dynamics.com/api/data/v9.1" + }, + "FINANCIAL_STATEMENTS_INAO_ISSUER": "https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0", + "FINANCIAL_STATEMENTS_INAO_SCOPE": { + "dev": "https://dev-re.crm4.dynamics.com/.default", + "staging": "https://dev-re.crm4.dynamics.com/.default", + "prod": "https://star-re.crm4.dynamics.com/.default" + }, + "FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT": "https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token", + "XROAD_COURT_BANKRUPTCY_CERT_PATH": { + "dev": "IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1", + "staging": "IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1", + "prod": "IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1" + }, + "XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH": { + "dev": "IS-DEV/GOV/10047/UA-Protected/kvortun-v1/", + "staging": "IS-TEST/GOV/10047/UA-Protected/kvortun-v1/", + "prod": "IS/GOV/5605882089/UA-Protected/kvortun-v1" + }, + "NOVA_ACCEPT_UNAUTHORIZED": { + "dev": "true", + "staging": "false", + "prod": "false" + }, + "AUTH_PUBLIC_API_URL": { + "dev": "https://identity-server.dev01.devland.is/api", + "staging": "https://identity-server.staging01.devland.is/api", + "prod": "https://innskra.island.is/api" + }, + "UNIVERSITY_GATEWAY_API_URL": { + "dev": "http://web-services-university-gateway.services-university-gateway.svc.cluster.local", + "staging": "http://web-services-university-gateway.services-university-gateway.svc.cluster.local", + "prod": "http://web-services-university-gateway.services-university-gateway.svc.cluster.local" + } + }, + "features": {}, + "name": "application-system-api", + "grantNamespaces": [ + "nginx-ingress-internal", + "islandis" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "NOVA_URL": "/k8s/application-system-api/NOVA_URL", + "DOKOBIT_URL": "/k8s/application-system-api/DOKOBIT_URL", + "SYSLUMENN_HOST": "/k8s/application-system-api/SYSLUMENN_HOST", + "CONTENTFUL_ACCESS_TOKEN": "/k8s/api/CONTENTFUL_ACCESS_TOKEN", + "AUTH_JWT_SECRET": "/k8s/application-system/api/AUTH_JWT_SECRET", + "DOKOBIT_ACCESS_TOKEN": "/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN", + "EMAIL_FROM": "/k8s/application-system/api/EMAIL_FROM", + "EMAIL_FROM_NAME": "/k8s/application-system/api/EMAIL_FROM_NAME", + "EMAIL_REPLY_TO": "/k8s/application-system/api/EMAIL_REPLY_TO", + "EMAIL_REPLY_TO_NAME": "/k8s/application-system/api/EMAIL_REPLY_TO_NAME", + "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET", + "DOCUMENT_PROVIDER_ONBOARDING_REVIEWER": "/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER", + "SYSLUMENN_USERNAME": "/k8s/application-system/api/SYSLUMENN_USERNAME", + "SYSLUMENN_PASSWORD": "/k8s/application-system/api/SYSLUMENN_PASSWORD", + "DRIVING_LICENSE_BOOK_XROAD_PATH": "/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH", + "DRIVING_LICENSE_BOOK_USERNAME": "/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME", + "DRIVING_LICENSE_BOOK_PASSWORD": "/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD", + "NOVA_PASSWORD": "/k8s/application-system/api/NOVA_PASSWORD", + "ARK_BASE_URL": "/k8s/application-system-api/ARK_BASE_URL", + "FINANCIAL_STATEMENTS_INAO_CLIENT_ID": "/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID", + "FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET": "/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET", + "ISLYKILL_SERVICE_PASSPHRASE": "/k8s/api/ISLYKILL_SERVICE_PASSPHRASE", + "ISLYKILL_SERVICE_BASEPATH": "/k8s/api/ISLYKILL_SERVICE_BASEPATH", + "VMST_ID": "/k8s/application-system/VMST_ID", + "DOMSYSLA_PASSWORD": "/k8s/application-system-api/DOMSYSLA_PASSWORD", + "DOMSYSLA_USERNAME": "/k8s/application-system-api/DOMSYSLA_USERNAME", + "ALTHINGI_OMBUDSMAN_XROAD_USERNAME": "/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME", + "ALTHINGI_OMBUDSMAN_XROAD_PASSWORD": "/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD", + "NATIONAL_REGISTRY_B2C_CLIENT_SECRET": "/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET" + }, + "ingress": { + "primary": { + "host": { + "dev": [ + "application-payment-callback-xrd", + "application-callback-xrd" + ], + "staging": [ + "application-payment-callback-xrd", + "application-callback-xrd" + ], + "prod": [ + "application-payment-callback-xrd", + "application-callback-xrd" + ] + }, + "paths": [ + "/application-payment", + "/applications" + ], + "public": false, + "extraAnnotations": { + "dev": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "staging": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "prod": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + } + } + } + }, + "namespace": "application-system", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "400m", + "memory": "1024Mi" + }, + "requests": { + "cpu": "75m", + "memory": "512Mi" + } + }, + "xroadConfig": [ + { + "config": { + "env": { + "XROAD_BASE_PATH": { + "prod": "http://securityserver.island.is" + }, + "XROAD_BASE_PATH_WITH_ENV": { + "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "http://securityserver.island.is/r1/IS" + }, + "XROAD_TLS_BASE_PATH": { + "dev": "https://securityserver.dev01.devland.is", + "staging": "https://securityserver.staging01.devland.is", + "prod": "https://securityserver.island.is" + }, + "XROAD_TLS_BASE_PATH_WITH_ENV": { + "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", + "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "https://securityserver.island.is/r1/IS" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CLIENT_ID": { + "dev": "IS-DEV/GOV/10000/island-is-client", + "staging": "IS-TEST/GOV/5501692829/island-is-client", + "prod": "IS/GOV/5501692829/island-is-client" + } + } + } + }, + { + "config": { + "env": { + "XROAD_VMST_API_PATH": { + "dev": "/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1", + "staging": "/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1", + "prod": "/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1" + }, + "XROAD_VMST_MEMBER_CODE": { + "dev": "10003", + "staging": "7005942039", + "prod": "7005942039" + } + }, + "secrets": { + "XROAD_VMST_API_KEY": "/k8s/vmst-client/VMST_API_KEY" + } + } + }, + { + "config": { + "env": { + "XROAD_HEALTH_INSURANCE_WSDLURL": { + "dev": "https://test-huld.sjukra.is/islandrg?wsdl", + "staging": "https://test-huld.sjukra.is/islandrg?wsdl", + "prod": "https://huld.sjukra.is/islandrg?wsdl" + }, + "XROAD_HEALTH_INSURANCE_ID": { + "dev": "IS-DEV/GOV/10007/SJUKRA-Protected", + "staging": "IS-TEST/GOV/4804080550/SJUKRA-Protected", + "prod": "IS/GOV/4804080550/SJUKRA-Protected" + }, + "XROAD_HEALTH_INSURANCE_MY_PAGES_PATH": { + "dev": "IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur", + "staging": "IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur", + "prod": "IS/GOV/4804080550/SJUKRA-Protected/minarsidur" + } + }, + "secrets": { + "XROAD_HEALTH_INSURANCE_USERNAME": "/k8s/health-insurance/XROAD-USER", + "XROAD_HEALTH_INSURANCE_PASSWORD": "/k8s/health-insurance/XROAD-PASSWORD", + "XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME": "/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME", + "XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD": "/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD" + } + } + }, + { + "config": { + "env": { + "XROAD_NATIONAL_REGISTRY_SERVICE_PATH": { + "dev": "IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1", + "staging": "IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1", + "prod": "IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1" + }, + "XROAD_NATIONAL_REGISTRY_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" + }, + "XROAD_TJODSKRA_API_PATH": "/SKRA-Protected/Einstaklingar-v1", + "XROAD_TJODSKRA_MEMBER_CODE": { + "prod": "6503760649", + "dev": "10001", + "staging": "6503760649" + } + } + } + }, + { + "config": { + "env": { + "NATIONAL_REGISTRY_B2C_CLIENT_ID": { + "dev": "b464afdd-056b-406d-b650-6d41733cfeb7", + "staging": "ca128c23-b43c-443d-bade-ec5a146a933f", + "prod": "2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f" + }, + "NATIONAL_REGISTRY_B2C_ENDPOINT": { + "dev": "https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", + "staging": "https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", + "prod": "https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token" + }, + "NATIONAL_REGISTRY_B2C_SCOPE": { + "dev": "https://skraidentitydev.onmicrosoft.com/midlun/.default", + "staging": "https://skraidentitystaging.onmicrosoft.com/midlun/.default", + "prod": "https://skraidentity.onmicrosoft.com/midlun/.default" + }, + "NATIONAL_REGISTRY_B2C_PATH": { + "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1", + "staging": "IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1", + "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_PAYMENT_PROVIDER_ID": { + "dev": "IS-DEV/GOV/10021/FJS-Public", + "staging": "IS-TEST/GOV/10021/FJS-DEV-Public", + "prod": "IS/GOV/5402697509/FJS-Public" + }, + "XROAD_PAYMENT_BASE_CALLBACK_URL": { + "dev": "XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/", + "staging": "XROAD:", + "prod": "XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/" + }, + "XROAD_PAYMENT_ADDITION_CALLBACK_URL": "/" + }, + "secrets": { + "XROAD_PAYMENT_USER": "/k8s/application-system-api/PAYMENT_USER", + "XROAD_PAYMENT_PASSWORD": "/k8s/application-system-api/PAYMENT_PASSWORD" + } + } + }, + { + "config": { + "env": { + "XROAD_DRIVING_LICENSE_PATH": { + "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1", + "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1", + "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1" + }, + "XROAD_DRIVING_LICENSE_V2_PATH": { + "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2", + "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2", + "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1" + }, + "XROAD_DRIVING_LICENSE_V4_PATH": { + "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4", + "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4", + "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4" + }, + "XROAD_DRIVING_LICENSE_V5_PATH": { + "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5", + "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5", + "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5" + } + }, + "secrets": { + "XROAD_DRIVING_LICENSE_SECRET": "/k8s/api/DRIVING_LICENSE_SECRET" + } + } + }, + { + "config": { + "env": { + "XROAD_PAYMENT_SCHEDULE_PATH": { + "dev": "IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1", + "staging": "IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1", + "prod": "IS/GOV/5402697509/FJS-Public/paymentSchedule_v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CRIMINAL_RECORD_PATH": { + "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2", + "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1", + "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1" + } + } + } + }, + { + "config": { + "env": { + "DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID": { + "dev": "IS-DEV/GOV/10026/gopro/kvortun-v1", + "staging": "IS-TEST/GOV/5608002820/gopro/kvortun-v1", + "prod": "IS/GOV/5608002820/gopro/kvortun-v1" + } + }, + "secrets": { + "DATA_PROTECTION_COMPLAINT_API_USERNAME": "/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME", + "DATA_PROTECTION_COMPLAINT_API_PASSWORD": "/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD" + } + } + }, + { + "config": { + "env": { + "FISHING_LICENSE_XROAD_PROVIDER_ID": { + "dev": "IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1", + "staging": "IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1", + "prod": "IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_FINANCIAL_AID_BACKEND_PATH": { + "dev": "IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend", + "staging": "IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend", + "prod": "IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CHARGE_FJS_V2_PATH": { + "dev": "IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2", + "staging": "IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2", + "prod": "IS/GOV/5402697509/FJS-Public/chargeFJS_v2" + } + } + } + }, + { + "config": { + "env": { + "XROAD_ENERGY_FUNDS_PATH": { + "dev": "IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1", + "staging": "IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1", + "prod": "IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_FINANCES_PATH": { + "dev": "IS-DEV/GOV/10021/FJS-Public/financeIsland", + "staging": "IS-TEST/GOV/10021/FJS-Public/financeIsland", + "prod": "IS/GOV/5402697509/FJS-Public/financeIsland" + }, + "XROAD_FINANCES_V2_PATH": { + "dev": "IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2", + "staging": "IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2", + "prod": "IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2" + }, + "XROAD_HMS_LOANS_PATH": { + "dev": "IS-DEV/GOV/10033/HMS-Protected/libra-v1", + "staging": "IS-TEST/GOV/5812191480/HMS-Protected/libra-v1", + "prod": "IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1" + }, + "XROAD_HMS_HOUSING_BENEFITS_PATH": { + "dev": "IS-DEV/GOV/10033/HMS-Protected/husbot-v1", + "staging": "IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1", + "prod": "IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_PROPERTIES_SERVICE_V2_PATH": { + "dev": "IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1", + "staging": "IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1", + "prod": "IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1" + } + }, + "secrets": { + "XROAD_PROPERTIES_CLIENT_SECRET": "/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET" + } + } + }, + { + "config": { + "env": { + "COMPANY_REGISTRY_XROAD_PROVIDER_ID": { + "dev": "IS-DEV/GOV/10006/Skatturinn/ft-v1", + "staging": "IS-TEST/GOV/5402696029/Skatturinn/ft-v1", + "prod": "IS/GOV/5402696029/Skatturinn/ft-v1" + }, + "COMPANY_REGISTRY_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" + } + } + } + }, + { + "config": { + "env": { + "XROAD_VEHICLE_SERVICE_FJS_V1_PATH": { + "dev": "IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1", + "staging": "IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1", + "prod": "IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_INNA_PATH": { + "dev": "IS-DEV/GOV/10066/MMS-Protected/inna-v1", + "staging": "IS-TEST/GOV/6601241280/MMS-Protected/inna-v1", + "prod": "IS/GOV/6601241280/MMS-Protected/inna-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_VEHICLES_MILEAGE_PATH": { + "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1", + "staging": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1", + "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_VEHICLE_CODETABLES_PATH": { + "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1", + "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1", + "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1" + }, + "XROAD_VEHICLE_INFOLOCKS_PATH": { + "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1", + "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1", + "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1" + }, + "XROAD_VEHICLE_OPERATORS_PATH": { + "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3", + "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3", + "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3" + }, + "XROAD_VEHICLE_OWNER_CHANGE_PATH": { + "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2", + "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2", + "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2" + }, + "XROAD_VEHICLE_PLATE_ORDERING_PATH": { + "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1", + "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1", + "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1" + }, + "XROAD_VEHICLE_PLATE_RENEWAL_PATH": { + "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1", + "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1", + "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1" + }, + "XROAD_VEHICLE_PRINTING_PATH": { + "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1", + "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1", + "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1" + }, + "XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH": { + "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1", + "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1", + "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_VEHICLES_PATH": { + "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1", + "staging": "IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1", + "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_PASSPORT_LICENSE_PATH": { + "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1", + "staging": "IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1", + "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1" + } + } + } + }, + { + "config": { + "env": { + "EHIC_XROAD_PROVIDER_ID": { + "dev": "IS-DEV/GOV/10007/SJUKRA-Protected/ehic", + "staging": "IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic", + "prod": "IS/GOV/4804080550/SJUKRA-Protected/ehic" + } + } + } + }, + { + "config": { + "env": { + "XROAD_DIRECTORATE_OF_IMMIGRATION_PATH": { + "dev": "IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1", + "staging": "IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1", + "prod": "IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_TR_PATH": { + "dev": "IS-DEV/GOV/10008/TR-Protected/external-v1", + "staging": "IS-TEST/GOV/5012130120/TR-Protected/external-v1", + "prod": "IS/GOV/5012130120/TR-Protected/external-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_HEALTH_DIRECTORATE_PATH": { + "dev": "IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir", + "staging": "IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir", + "prod": "IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir" + } + } + } + }, + { + "config": { + "env": { + "XROAD_SIGNATURE_COLLECTION_PATH": { + "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1", + "staging": "IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1", + "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_WORK_MACHINE_LICENSE_PATH": { + "dev": "IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token", + "staging": "IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token", + "prod": "IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token" + } + } + } + }, + { + "config": { + "env": { + "WORKPOINT_ARBORG_SERVICE_PATH": { + "dev": "IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1", + "staging": "IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1", + "prod": "IS/MUN/10036/Arborg-Protected/tengill-application-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_OFFICIAL_JOURNAL_PATH": { + "dev": "IS-DEV/GOV/10014/DMR-Protected/official-journal", + "staging": "IS-TEST/GOV/10014/DMR-Protected/official-journal", + "prod": "IS/GOV/10014/DMR-Protected/official-journal" + } + } + } + }, + { + "config": { + "env": { + "XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH": { + "dev": "IS-DEV/GOV/10014/DMR-Protected/official-journal-application", + "staging": "IS-TEST/GOV/10014/DMR-Protected/official-journal-application", + "prod": "IS/GOV/10014/DMR-Protected/official-journal-application" + } + } + } + }, + { + "config": { + "env": { + "XROAD_UNIVERSITY_OF_AKUREYRI_PATH": { + "dev": "IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1", + "staging": "IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1", + "prod": "IS/EDU/5206871229/UNAK-Protected/brautskraning-v1" + }, + "XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH": { + "dev": "IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1", + "staging": "IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1", + "prod": "IS/EDU/4112043590/LBHI-Protected/brautskraning-v1" + }, + "XROAD_BIFROST_UNIVERSITY_PATH": { + "dev": "IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1", + "staging": "IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1", + "prod": "IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1" + }, + "XROAD_HOLAR_UNIVERSITY_PATH": { + "dev": "IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1", + "staging": "IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1", + "prod": "IS/EDU/5001694359/Holar-Protected/brautskraning-v1" + }, + "XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH": { + "dev": "IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1", + "staging": "IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1", + "prod": "IS/EDU/4210984099/LHI-Protected/brautskraning-v1" + }, + "XROAD_UNIVERSITY_OF_ICELAND_PATH": { + "dev": "IS-DEV/EDU/10010/HI-Protected/brautskraning-v1", + "staging": "IS-TEST/EDU/10010/HI-Protected/brautskraning-v1", + "prod": "IS/EDU/6001692039/HI-Protected/brautskraning-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_MMS_FRIGG_PATH": { + "dev": "IS-DEV/GOV/10066/MMS-Protected/frigg-form-service", + "staging": "IS-TEST/GOV/10066/MMS-Protected/frigg-form-service", + "prod": "IS/GOV/10066/MMS-Protected/frigg-form-service" + } + } + } + }, + { + "config": { + "env": { + "XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH": { + "dev": "IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1", + "staging": "IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1", + "prod": "IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH": { + "dev": "IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1", + "staging": "IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1", + "prod": "IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_WORK_ACCIDENT_PATH": { + "dev": "IS-DEV/GOV/10013/Vinnueftirlitid-Protected/slysaskraning-token", + "staging": "IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/slysaskraning-token", + "prod": "IS/GOV/4201810439/Vinnueftirlitid-Protected/slysaskraning-token" + } + } + } + } + ], + "files": [ + { + "filename": "islyklar.p12", + "env": "ISLYKILL_CERT" + } + ], + "volumes": [], + "accountName": "application-system-api", + "cmds": "node", + "redis": {}, + "args": [ + "main.js" + ], + "postgres": { + "username": "application_system_api", + "passwordSecret": "/k8s/application-system-api/DB_PASSWORD", + "name": "application_system_api" + }, + "initContainers": { + "envs": {}, + "secrets": {}, + "features": {}, + "containers": [ + { + "name": "migrations", + "command": "npx", + "args": [ + "sequelize-cli", + "db:migrate" + ] + } + ], + "postgres": { + "username": "application_system_api", + "passwordSecret": "/k8s/application-system-api/DB_PASSWORD", + "name": "application_system_api" + } + }, + "replicaCount": { + "default": 2, + "max": 60, + "min": 2 + } + } + } +} \ No newline at end of file diff --git a/charts/services/application-system-api/values.staging.yaml b/charts/services/application-system-api/values.staging.yaml index 227a2b0fcc6d..6b45c4f14a6d 100644 --- a/charts/services/application-system-api/values.staging.yaml +++ b/charts/services/application-system-api/values.staging.yaml @@ -1,3238 +1,856 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.staging01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'cdn.contentful.com' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.staging01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.staging01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.staging01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 'island@island.is' - CONTENTFUL_HOST: 'cdn.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.staging01.devland.is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-staging-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: '' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 'sogur@island.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-TEST/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5608002820/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-TEST/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.staging01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.staging01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.staging01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.staging01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-staging-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'staging' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.staging01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'islandis' - - 'consultation-portal' - - 'skilavottord' - - 'search-indexer' - - 'services-documents' - - 'storybook' - - 'xroad-collector' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'user-notification' - - 'license-api' - - 'services-sessions' - - 'services-university-gateway' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.staging01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'staging' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'staging-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_BASE_URL: 'https://beta.staging01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.staging01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.staging01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.staging01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.staging01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.staging01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.staging01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.staging01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.staging01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@midnight' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - basicAuth: '/k8s/web/basic_auth' - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - TRACKING_DOMAIN: 'beta.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "application-system-api": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "EMAIL_REGION": "eu-west-1", + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + }, + "XROAD_CHARGE_FJS_V2_TIMEOUT": "20000", + "CONTENTFUL_HOST": { + "dev": "preview.contentful.com", + "staging": "cdn.contentful.com", + "prod": "cdn.contentful.com" + }, + "CLIENT_LOCATION_ORIGIN": { + "dev": "https://beta.dev01.devland.is/umsoknir", + "staging": "https://beta.staging01.devland.is/umsoknir", + "prod": "https://island.is/umsoknir", + "local": "http://localhost:4200/umsoknir" + }, + "APPLICATION_ATTACHMENT_BUCKET": { + "dev": "island-is-dev-storage-application-system", + "staging": "island-is-staging-storage-application-system", + "prod": "island-is-prod-storage-application-system" + }, + "FILE_STORAGE_UPLOAD_BUCKET": { + "dev": "island-is-dev-upload-api", + "staging": "island-is-staging-upload-api", + "prod": "island-is-prod-upload-api" + }, + "FILE_SERVICE_PRESIGN_BUCKET": { + "dev": "island-is-dev-fs-presign-bucket", + "staging": "island-is-staging-fs-presign-bucket", + "prod": "island-is-prod-fs-presign-bucket" + }, + "INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS": { + "dev": "gunnar.ingi@fjr.is", + "staging": "gunnar.ingi@fjr.is", + "prod": "island@island.is" + }, + "INSTITUTION_APPLICATION_RECIPIENT_NAME": { + "dev": "Gunnar Ingi", + "staging": "Gunnar Ingi", + "prod": "Stafrรฆnt รsland" + }, + "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/application-system", + "FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS": { + "dev": "gunnar.ingi@fjr.is", + "staging": "gunnar.ingi@fjr.is", + "prod": "island@island.is" + }, + "FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME": { + "dev": "Gunnar Ingi", + "staging": "Gunnar Ingi", + "prod": "Stafrรฆnt รsland" + }, + "LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS": { + "dev": "gunnar.ingi@fjr.is", + "staging": "gunnar.ingi@fjr.is", + "prod": "island@island.is" + }, + "LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME": { + "dev": "Gunnar Ingi", + "staging": "Gunnar Ingi", + "prod": "Stafrรฆnt รsland" + }, + "NOVA_USERNAME": { + "dev": "IslandIs_User_Development", + "prod": "IslandIs_User_Production", + "staging": "IslandIs_User_Development" + }, + "FINANCIAL_STATEMENTS_INAO_BASE_PATH": { + "dev": "https://dev-re.crm4.dynamics.com/api/data/v9.1", + "staging": "https://dev-re.crm4.dynamics.com/api/data/v9.1", + "prod": "https://star-re.crm4.dynamics.com/api/data/v9.1" + }, + "FINANCIAL_STATEMENTS_INAO_ISSUER": "https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0", + "FINANCIAL_STATEMENTS_INAO_SCOPE": { + "dev": "https://dev-re.crm4.dynamics.com/.default", + "staging": "https://dev-re.crm4.dynamics.com/.default", + "prod": "https://star-re.crm4.dynamics.com/.default" + }, + "FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT": "https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token", + "XROAD_COURT_BANKRUPTCY_CERT_PATH": { + "dev": "IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1", + "staging": "IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1", + "prod": "IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1" + }, + "XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH": { + "dev": "IS-DEV/GOV/10047/UA-Protected/kvortun-v1/", + "staging": "IS-TEST/GOV/10047/UA-Protected/kvortun-v1/", + "prod": "IS/GOV/5605882089/UA-Protected/kvortun-v1" + }, + "NOVA_ACCEPT_UNAUTHORIZED": { + "dev": "true", + "staging": "false", + "prod": "false" + }, + "AUTH_PUBLIC_API_URL": { + "dev": "https://identity-server.dev01.devland.is/api", + "staging": "https://identity-server.staging01.devland.is/api", + "prod": "https://innskra.island.is/api" + }, + "UNIVERSITY_GATEWAY_API_URL": { + "dev": "http://web-services-university-gateway.services-university-gateway.svc.cluster.local", + "staging": "http://web-services-university-gateway.services-university-gateway.svc.cluster.local", + "prod": "http://web-services-university-gateway.services-university-gateway.svc.cluster.local" + } + }, + "features": {}, + "name": "application-system-api", + "grantNamespaces": [ + "nginx-ingress-internal", + "islandis" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "NOVA_URL": "/k8s/application-system-api/NOVA_URL", + "DOKOBIT_URL": "/k8s/application-system-api/DOKOBIT_URL", + "SYSLUMENN_HOST": "/k8s/application-system-api/SYSLUMENN_HOST", + "CONTENTFUL_ACCESS_TOKEN": "/k8s/api/CONTENTFUL_ACCESS_TOKEN", + "AUTH_JWT_SECRET": "/k8s/application-system/api/AUTH_JWT_SECRET", + "DOKOBIT_ACCESS_TOKEN": "/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN", + "EMAIL_FROM": "/k8s/application-system/api/EMAIL_FROM", + "EMAIL_FROM_NAME": "/k8s/application-system/api/EMAIL_FROM_NAME", + "EMAIL_REPLY_TO": "/k8s/application-system/api/EMAIL_REPLY_TO", + "EMAIL_REPLY_TO_NAME": "/k8s/application-system/api/EMAIL_REPLY_TO_NAME", + "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET", + "DOCUMENT_PROVIDER_ONBOARDING_REVIEWER": "/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER", + "SYSLUMENN_USERNAME": "/k8s/application-system/api/SYSLUMENN_USERNAME", + "SYSLUMENN_PASSWORD": "/k8s/application-system/api/SYSLUMENN_PASSWORD", + "DRIVING_LICENSE_BOOK_XROAD_PATH": "/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH", + "DRIVING_LICENSE_BOOK_USERNAME": "/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME", + "DRIVING_LICENSE_BOOK_PASSWORD": "/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD", + "NOVA_PASSWORD": "/k8s/application-system/api/NOVA_PASSWORD", + "ARK_BASE_URL": "/k8s/application-system-api/ARK_BASE_URL", + "FINANCIAL_STATEMENTS_INAO_CLIENT_ID": "/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID", + "FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET": "/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET", + "ISLYKILL_SERVICE_PASSPHRASE": "/k8s/api/ISLYKILL_SERVICE_PASSPHRASE", + "ISLYKILL_SERVICE_BASEPATH": "/k8s/api/ISLYKILL_SERVICE_BASEPATH", + "VMST_ID": "/k8s/application-system/VMST_ID", + "DOMSYSLA_PASSWORD": "/k8s/application-system-api/DOMSYSLA_PASSWORD", + "DOMSYSLA_USERNAME": "/k8s/application-system-api/DOMSYSLA_USERNAME", + "ALTHINGI_OMBUDSMAN_XROAD_USERNAME": "/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME", + "ALTHINGI_OMBUDSMAN_XROAD_PASSWORD": "/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD", + "NATIONAL_REGISTRY_B2C_CLIENT_SECRET": "/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET" + }, + "ingress": { + "primary": { + "host": { + "dev": [ + "application-payment-callback-xrd", + "application-callback-xrd" + ], + "staging": [ + "application-payment-callback-xrd", + "application-callback-xrd" + ], + "prod": [ + "application-payment-callback-xrd", + "application-callback-xrd" + ] + }, + "paths": [ + "/application-payment", + "/applications" + ], + "public": false, + "extraAnnotations": { + "dev": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "staging": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "prod": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + } + } + } + }, + "namespace": "application-system", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "400m", + "memory": "1024Mi" + }, + "requests": { + "cpu": "75m", + "memory": "512Mi" + } + }, + "xroadConfig": [ + { + "config": { + "env": { + "XROAD_BASE_PATH": { + "prod": "http://securityserver.island.is" + }, + "XROAD_BASE_PATH_WITH_ENV": { + "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "http://securityserver.island.is/r1/IS" + }, + "XROAD_TLS_BASE_PATH": { + "dev": "https://securityserver.dev01.devland.is", + "staging": "https://securityserver.staging01.devland.is", + "prod": "https://securityserver.island.is" + }, + "XROAD_TLS_BASE_PATH_WITH_ENV": { + "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", + "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "https://securityserver.island.is/r1/IS" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CLIENT_ID": { + "dev": "IS-DEV/GOV/10000/island-is-client", + "staging": "IS-TEST/GOV/5501692829/island-is-client", + "prod": "IS/GOV/5501692829/island-is-client" + } + } + } + }, + { + "config": { + "env": { + "XROAD_VMST_API_PATH": { + "dev": "/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1", + "staging": "/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1", + "prod": "/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1" + }, + "XROAD_VMST_MEMBER_CODE": { + "dev": "10003", + "staging": "7005942039", + "prod": "7005942039" + } + }, + "secrets": { + "XROAD_VMST_API_KEY": "/k8s/vmst-client/VMST_API_KEY" + } + } + }, + { + "config": { + "env": { + "XROAD_HEALTH_INSURANCE_WSDLURL": { + "dev": "https://test-huld.sjukra.is/islandrg?wsdl", + "staging": "https://test-huld.sjukra.is/islandrg?wsdl", + "prod": "https://huld.sjukra.is/islandrg?wsdl" + }, + "XROAD_HEALTH_INSURANCE_ID": { + "dev": "IS-DEV/GOV/10007/SJUKRA-Protected", + "staging": "IS-TEST/GOV/4804080550/SJUKRA-Protected", + "prod": "IS/GOV/4804080550/SJUKRA-Protected" + }, + "XROAD_HEALTH_INSURANCE_MY_PAGES_PATH": { + "dev": "IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur", + "staging": "IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur", + "prod": "IS/GOV/4804080550/SJUKRA-Protected/minarsidur" + } + }, + "secrets": { + "XROAD_HEALTH_INSURANCE_USERNAME": "/k8s/health-insurance/XROAD-USER", + "XROAD_HEALTH_INSURANCE_PASSWORD": "/k8s/health-insurance/XROAD-PASSWORD", + "XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME": "/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME", + "XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD": "/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD" + } + } + }, + { + "config": { + "env": { + "XROAD_NATIONAL_REGISTRY_SERVICE_PATH": { + "dev": "IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1", + "staging": "IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1", + "prod": "IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1" + }, + "XROAD_NATIONAL_REGISTRY_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" + }, + "XROAD_TJODSKRA_API_PATH": "/SKRA-Protected/Einstaklingar-v1", + "XROAD_TJODSKRA_MEMBER_CODE": { + "prod": "6503760649", + "dev": "10001", + "staging": "6503760649" + } + } + } + }, + { + "config": { + "env": { + "NATIONAL_REGISTRY_B2C_CLIENT_ID": { + "dev": "b464afdd-056b-406d-b650-6d41733cfeb7", + "staging": "ca128c23-b43c-443d-bade-ec5a146a933f", + "prod": "2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f" + }, + "NATIONAL_REGISTRY_B2C_ENDPOINT": { + "dev": "https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", + "staging": "https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", + "prod": "https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token" + }, + "NATIONAL_REGISTRY_B2C_SCOPE": { + "dev": "https://skraidentitydev.onmicrosoft.com/midlun/.default", + "staging": "https://skraidentitystaging.onmicrosoft.com/midlun/.default", + "prod": "https://skraidentity.onmicrosoft.com/midlun/.default" + }, + "NATIONAL_REGISTRY_B2C_PATH": { + "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1", + "staging": "IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1", + "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_PAYMENT_PROVIDER_ID": { + "dev": "IS-DEV/GOV/10021/FJS-Public", + "staging": "IS-TEST/GOV/10021/FJS-DEV-Public", + "prod": "IS/GOV/5402697509/FJS-Public" + }, + "XROAD_PAYMENT_BASE_CALLBACK_URL": { + "dev": "XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/", + "staging": "XROAD:", + "prod": "XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/" + }, + "XROAD_PAYMENT_ADDITION_CALLBACK_URL": "/" + }, + "secrets": { + "XROAD_PAYMENT_USER": "/k8s/application-system-api/PAYMENT_USER", + "XROAD_PAYMENT_PASSWORD": "/k8s/application-system-api/PAYMENT_PASSWORD" + } + } + }, + { + "config": { + "env": { + "XROAD_DRIVING_LICENSE_PATH": { + "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1", + "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1", + "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1" + }, + "XROAD_DRIVING_LICENSE_V2_PATH": { + "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2", + "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2", + "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1" + }, + "XROAD_DRIVING_LICENSE_V4_PATH": { + "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4", + "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4", + "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4" + }, + "XROAD_DRIVING_LICENSE_V5_PATH": { + "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5", + "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5", + "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5" + } + }, + "secrets": { + "XROAD_DRIVING_LICENSE_SECRET": "/k8s/api/DRIVING_LICENSE_SECRET" + } + } + }, + { + "config": { + "env": { + "XROAD_PAYMENT_SCHEDULE_PATH": { + "dev": "IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1", + "staging": "IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1", + "prod": "IS/GOV/5402697509/FJS-Public/paymentSchedule_v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CRIMINAL_RECORD_PATH": { + "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2", + "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1", + "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1" + } + } + } + }, + { + "config": { + "env": { + "DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID": { + "dev": "IS-DEV/GOV/10026/gopro/kvortun-v1", + "staging": "IS-TEST/GOV/5608002820/gopro/kvortun-v1", + "prod": "IS/GOV/5608002820/gopro/kvortun-v1" + } + }, + "secrets": { + "DATA_PROTECTION_COMPLAINT_API_USERNAME": "/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME", + "DATA_PROTECTION_COMPLAINT_API_PASSWORD": "/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD" + } + } + }, + { + "config": { + "env": { + "FISHING_LICENSE_XROAD_PROVIDER_ID": { + "dev": "IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1", + "staging": "IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1", + "prod": "IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_FINANCIAL_AID_BACKEND_PATH": { + "dev": "IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend", + "staging": "IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend", + "prod": "IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CHARGE_FJS_V2_PATH": { + "dev": "IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2", + "staging": "IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2", + "prod": "IS/GOV/5402697509/FJS-Public/chargeFJS_v2" + } + } + } + }, + { + "config": { + "env": { + "XROAD_ENERGY_FUNDS_PATH": { + "dev": "IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1", + "staging": "IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1", + "prod": "IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_FINANCES_PATH": { + "dev": "IS-DEV/GOV/10021/FJS-Public/financeIsland", + "staging": "IS-TEST/GOV/10021/FJS-Public/financeIsland", + "prod": "IS/GOV/5402697509/FJS-Public/financeIsland" + }, + "XROAD_FINANCES_V2_PATH": { + "dev": "IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2", + "staging": "IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2", + "prod": "IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2" + }, + "XROAD_HMS_LOANS_PATH": { + "dev": "IS-DEV/GOV/10033/HMS-Protected/libra-v1", + "staging": "IS-TEST/GOV/5812191480/HMS-Protected/libra-v1", + "prod": "IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1" + }, + "XROAD_HMS_HOUSING_BENEFITS_PATH": { + "dev": "IS-DEV/GOV/10033/HMS-Protected/husbot-v1", + "staging": "IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1", + "prod": "IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_PROPERTIES_SERVICE_V2_PATH": { + "dev": "IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1", + "staging": "IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1", + "prod": "IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1" + } + }, + "secrets": { + "XROAD_PROPERTIES_CLIENT_SECRET": "/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET" + } + } + }, + { + "config": { + "env": { + "COMPANY_REGISTRY_XROAD_PROVIDER_ID": { + "dev": "IS-DEV/GOV/10006/Skatturinn/ft-v1", + "staging": "IS-TEST/GOV/5402696029/Skatturinn/ft-v1", + "prod": "IS/GOV/5402696029/Skatturinn/ft-v1" + }, + "COMPANY_REGISTRY_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" + } + } + } + }, + { + "config": { + "env": { + "XROAD_VEHICLE_SERVICE_FJS_V1_PATH": { + "dev": "IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1", + "staging": "IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1", + "prod": "IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_INNA_PATH": { + "dev": "IS-DEV/GOV/10066/MMS-Protected/inna-v1", + "staging": "IS-TEST/GOV/6601241280/MMS-Protected/inna-v1", + "prod": "IS/GOV/6601241280/MMS-Protected/inna-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_VEHICLES_MILEAGE_PATH": { + "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1", + "staging": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1", + "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_VEHICLE_CODETABLES_PATH": { + "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1", + "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1", + "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1" + }, + "XROAD_VEHICLE_INFOLOCKS_PATH": { + "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1", + "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1", + "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1" + }, + "XROAD_VEHICLE_OPERATORS_PATH": { + "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3", + "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3", + "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3" + }, + "XROAD_VEHICLE_OWNER_CHANGE_PATH": { + "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2", + "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2", + "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2" + }, + "XROAD_VEHICLE_PLATE_ORDERING_PATH": { + "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1", + "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1", + "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1" + }, + "XROAD_VEHICLE_PLATE_RENEWAL_PATH": { + "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1", + "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1", + "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1" + }, + "XROAD_VEHICLE_PRINTING_PATH": { + "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1", + "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1", + "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1" + }, + "XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH": { + "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1", + "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1", + "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_VEHICLES_PATH": { + "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1", + "staging": "IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1", + "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_PASSPORT_LICENSE_PATH": { + "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1", + "staging": "IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1", + "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1" + } + } + } + }, + { + "config": { + "env": { + "EHIC_XROAD_PROVIDER_ID": { + "dev": "IS-DEV/GOV/10007/SJUKRA-Protected/ehic", + "staging": "IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic", + "prod": "IS/GOV/4804080550/SJUKRA-Protected/ehic" + } + } + } + }, + { + "config": { + "env": { + "XROAD_DIRECTORATE_OF_IMMIGRATION_PATH": { + "dev": "IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1", + "staging": "IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1", + "prod": "IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_TR_PATH": { + "dev": "IS-DEV/GOV/10008/TR-Protected/external-v1", + "staging": "IS-TEST/GOV/5012130120/TR-Protected/external-v1", + "prod": "IS/GOV/5012130120/TR-Protected/external-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_HEALTH_DIRECTORATE_PATH": { + "dev": "IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir", + "staging": "IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir", + "prod": "IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir" + } + } + } + }, + { + "config": { + "env": { + "XROAD_SIGNATURE_COLLECTION_PATH": { + "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1", + "staging": "IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1", + "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_WORK_MACHINE_LICENSE_PATH": { + "dev": "IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token", + "staging": "IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token", + "prod": "IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token" + } + } + } + }, + { + "config": { + "env": { + "WORKPOINT_ARBORG_SERVICE_PATH": { + "dev": "IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1", + "staging": "IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1", + "prod": "IS/MUN/10036/Arborg-Protected/tengill-application-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_OFFICIAL_JOURNAL_PATH": { + "dev": "IS-DEV/GOV/10014/DMR-Protected/official-journal", + "staging": "IS-TEST/GOV/10014/DMR-Protected/official-journal", + "prod": "IS/GOV/10014/DMR-Protected/official-journal" + } + } + } + }, + { + "config": { + "env": { + "XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH": { + "dev": "IS-DEV/GOV/10014/DMR-Protected/official-journal-application", + "staging": "IS-TEST/GOV/10014/DMR-Protected/official-journal-application", + "prod": "IS/GOV/10014/DMR-Protected/official-journal-application" + } + } + } + }, + { + "config": { + "env": { + "XROAD_UNIVERSITY_OF_AKUREYRI_PATH": { + "dev": "IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1", + "staging": "IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1", + "prod": "IS/EDU/5206871229/UNAK-Protected/brautskraning-v1" + }, + "XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH": { + "dev": "IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1", + "staging": "IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1", + "prod": "IS/EDU/4112043590/LBHI-Protected/brautskraning-v1" + }, + "XROAD_BIFROST_UNIVERSITY_PATH": { + "dev": "IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1", + "staging": "IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1", + "prod": "IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1" + }, + "XROAD_HOLAR_UNIVERSITY_PATH": { + "dev": "IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1", + "staging": "IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1", + "prod": "IS/EDU/5001694359/Holar-Protected/brautskraning-v1" + }, + "XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH": { + "dev": "IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1", + "staging": "IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1", + "prod": "IS/EDU/4210984099/LHI-Protected/brautskraning-v1" + }, + "XROAD_UNIVERSITY_OF_ICELAND_PATH": { + "dev": "IS-DEV/EDU/10010/HI-Protected/brautskraning-v1", + "staging": "IS-TEST/EDU/10010/HI-Protected/brautskraning-v1", + "prod": "IS/EDU/6001692039/HI-Protected/brautskraning-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_MMS_FRIGG_PATH": { + "dev": "IS-DEV/GOV/10066/MMS-Protected/frigg-form-service", + "staging": "IS-TEST/GOV/10066/MMS-Protected/frigg-form-service", + "prod": "IS/GOV/10066/MMS-Protected/frigg-form-service" + } + } + } + }, + { + "config": { + "env": { + "XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH": { + "dev": "IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1", + "staging": "IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1", + "prod": "IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH": { + "dev": "IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1", + "staging": "IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1", + "prod": "IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_WORK_ACCIDENT_PATH": { + "dev": "IS-DEV/GOV/10013/Vinnueftirlitid-Protected/slysaskraning-token", + "staging": "IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/slysaskraning-token", + "prod": "IS/GOV/4201810439/Vinnueftirlitid-Protected/slysaskraning-token" + } + } + } + } + ], + "files": [ + { + "filename": "islyklar.p12", + "env": "ISLYKILL_CERT" + } + ], + "volumes": [], + "accountName": "application-system-api", + "cmds": "node", + "redis": {}, + "args": [ + "main.js" + ], + "postgres": { + "username": "application_system_api", + "passwordSecret": "/k8s/application-system-api/DB_PASSWORD", + "name": "application_system_api" + }, + "initContainers": { + "envs": {}, + "secrets": {}, + "features": {}, + "containers": [ + { + "name": "migrations", + "command": "npx", + "args": [ + "sequelize-cli", + "db:migrate" + ] + } + ], + "postgres": { + "username": "application_system_api", + "passwordSecret": "/k8s/application-system-api/DB_PASSWORD", + "name": "application_system_api" + } + }, + "replicaCount": { + "default": 2, + "max": 60, + "min": 2 + } + } + } +} \ No newline at end of file diff --git a/charts/services/application-system-form/values.dev.yaml b/charts/services/application-system-form/values.dev.yaml index 58d9f8e96dbc..5c224350bc0c 100644 --- a/charts/services/application-system-form/values.dev.yaml +++ b/charts/services/application-system-form/values.dev.yaml @@ -1,3563 +1,95 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.dev01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'preview.contentful.com' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 's@kogk.is' - CONTENTFUL_HOST: 'preview.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 's@kogk.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/api' - - host: 'api-catalogue.dev01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.dev01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -external-contracts-tests: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' - namespace: 'external-contracts-tests' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '1' - memory: '1024Mi' - requests: - cpu: '500m' - memory: '512Mi' - schedule: '0 11 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -github-actions-cache: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 8 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'cache.dev01.devland.is' - paths: - - '/' - namespace: 'github-actions-cache' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 5 - max: 8 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' - create: true - name: 'github-actions-cache' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'dev' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.dev01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'consultation-portal' - - 'islandis' - - 'search-indexer' - - 'xroad-collector' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'github-actions-cache' - - 'user-notification' - - 'external-contracts-tests' - - 'contentful-entry-tagger' - - 'license-api' - - 'services-sessions' - - 'contentful-apps' - - 'services-university-gateway' - - 'unicorn-app' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'dev-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.dev01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.dev01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -unicorn-app: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'unicorn-app.dev01.devland.is' - paths: - - '/' - namespace: 'unicorn-app' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' - create: true - name: 'unicorn-app' -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@hourly' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - TRACKING_DOMAIN: 'beta.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "application-system-form": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/readiness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "BASEPATH": "/umsoknir", + "SI_PUBLIC_GRAPHQL_PATH": { + "dev": "", + "prod": "", + "staging": "" + }, + "SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + } + }, + "features": {}, + "name": "application-system-form", + "grantNamespaces": [ + "nginx-ingress-internal", + "nginx-ingress-external", + "islandis" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "SI_PUBLIC_CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "SI_PUBLIC_DD_RUM_APPLICATION_ID": "/k8s/DD_RUM_APPLICATION_ID", + "SI_PUBLIC_DD_RUM_CLIENT_TOKEN": "/k8s/DD_RUM_CLIENT_TOKEN" + }, + "ingress": { + "primary": { + "host": { + "dev": [ + "beta" + ], + "staging": [ + "beta" + ], + "prod": [ + "", + "www.island.is" + ] + }, + "extraAnnotations": { + "dev": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "staging": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "prod": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + } + }, + "paths": [ + "/umsoknir" + ] + } + }, + "namespace": "application-system", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "200m", + "memory": "256Mi" + }, + "requests": { + "cpu": "10m", + "memory": "128Mi" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [] + } + } +} \ No newline at end of file diff --git a/charts/services/application-system-form/values.prod.yaml b/charts/services/application-system-form/values.prod.yaml index c7e37f4144c5..5c224350bc0c 100644 --- a/charts/services/application-system-form/values.prod.yaml +++ b/charts/services/application-system-form/values.prod.yaml @@ -1,3379 +1,95 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.island.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'cdn.contentful.com' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.island.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://innskra.island.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_IDS_API_URL: 'https://innskra.island.is' - AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi.island.is' - CONTACT_US_EMAIL: 'island@island.is' - CONTENTFUL_HOST: 'cdn.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.island.is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-prod-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: '' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'island@island.is' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 'sogur@island.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS/GOV/5402697509/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS/GOV/6501912189/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/api' - - host: 'www.island.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' - CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS/GOV/5608002820/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - NOVA_USERNAME: 'IslandIs_User_Production' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS/GOV/5605882089/UA-Protected/kvortun-v1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.island.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.island.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/umsoknir' - - host: 'www.island.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi.island.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://island.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/samradsgatt' - - host: 'www.island.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.island.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.island.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - EMAIL_FROM_NAME: 'island.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-prod-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'prod' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: 'd4ecf781-3764-4063-a4e1-9c3e17cebfba' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.island.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'islandis' - - 'consultation-portal' - - 'search-indexer' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'xroad-collector' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'user-notification' - - 'license-api' - - 'services-sessions' - - 'services-university-gateway' - - 'contentful-apps' - - 'contentful-entry-tagger' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/stjornbord' - - host: 'www.island.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'prod' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'prod-es-custom-packages' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/minarsidur' - - host: 'www.island.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_BASE_URL: 'https://island.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.island.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://island.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://island.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://island.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/stjornbord/bff' - - host: 'www.island.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.island.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.island.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/app/skilavottord/' - - host: 'www.island.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/app/skilavottord/api/graphql' - - host: 'www.island.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.island.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@midnight' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - TRACKING_DOMAIN: 'island.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/' - - host: 'www.island.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "application-system-form": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/readiness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "BASEPATH": "/umsoknir", + "SI_PUBLIC_GRAPHQL_PATH": { + "dev": "", + "prod": "", + "staging": "" + }, + "SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + } + }, + "features": {}, + "name": "application-system-form", + "grantNamespaces": [ + "nginx-ingress-internal", + "nginx-ingress-external", + "islandis" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "SI_PUBLIC_CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "SI_PUBLIC_DD_RUM_APPLICATION_ID": "/k8s/DD_RUM_APPLICATION_ID", + "SI_PUBLIC_DD_RUM_CLIENT_TOKEN": "/k8s/DD_RUM_CLIENT_TOKEN" + }, + "ingress": { + "primary": { + "host": { + "dev": [ + "beta" + ], + "staging": [ + "beta" + ], + "prod": [ + "", + "www.island.is" + ] + }, + "extraAnnotations": { + "dev": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "staging": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "prod": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + } + }, + "paths": [ + "/umsoknir" + ] + } + }, + "namespace": "application-system", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "200m", + "memory": "256Mi" + }, + "requests": { + "cpu": "10m", + "memory": "128Mi" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [] + } + } +} \ No newline at end of file diff --git a/charts/services/application-system-form/values.staging.yaml b/charts/services/application-system-form/values.staging.yaml index 227a2b0fcc6d..5c224350bc0c 100644 --- a/charts/services/application-system-form/values.staging.yaml +++ b/charts/services/application-system-form/values.staging.yaml @@ -1,3238 +1,95 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.staging01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'cdn.contentful.com' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.staging01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.staging01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.staging01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 'island@island.is' - CONTENTFUL_HOST: 'cdn.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.staging01.devland.is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-staging-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: '' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 'sogur@island.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-TEST/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5608002820/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-TEST/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.staging01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.staging01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.staging01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.staging01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-staging-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'staging' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.staging01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'islandis' - - 'consultation-portal' - - 'skilavottord' - - 'search-indexer' - - 'services-documents' - - 'storybook' - - 'xroad-collector' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'user-notification' - - 'license-api' - - 'services-sessions' - - 'services-university-gateway' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.staging01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'staging' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'staging-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_BASE_URL: 'https://beta.staging01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.staging01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.staging01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.staging01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.staging01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.staging01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.staging01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.staging01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.staging01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@midnight' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - basicAuth: '/k8s/web/basic_auth' - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - TRACKING_DOMAIN: 'beta.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "application-system-form": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/readiness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "BASEPATH": "/umsoknir", + "SI_PUBLIC_GRAPHQL_PATH": { + "dev": "", + "prod": "", + "staging": "" + }, + "SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + } + }, + "features": {}, + "name": "application-system-form", + "grantNamespaces": [ + "nginx-ingress-internal", + "nginx-ingress-external", + "islandis" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "SI_PUBLIC_CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "SI_PUBLIC_DD_RUM_APPLICATION_ID": "/k8s/DD_RUM_APPLICATION_ID", + "SI_PUBLIC_DD_RUM_CLIENT_TOKEN": "/k8s/DD_RUM_CLIENT_TOKEN" + }, + "ingress": { + "primary": { + "host": { + "dev": [ + "beta" + ], + "staging": [ + "beta" + ], + "prod": [ + "", + "www.island.is" + ] + }, + "extraAnnotations": { + "dev": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "staging": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "prod": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + } + }, + "paths": [ + "/umsoknir" + ] + } + }, + "namespace": "application-system", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "200m", + "memory": "256Mi" + }, + "requests": { + "cpu": "10m", + "memory": "128Mi" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [] + } + } +} \ No newline at end of file diff --git a/charts/services/auth-admin-web/values.dev.yaml b/charts/services/auth-admin-web/values.dev.yaml index 2efa5ea90de6..c37cdeef4bd8 100644 --- a/charts/services/auth-admin-web/values.dev.yaml +++ b/charts/services/auth-admin-web/values.dev.yaml @@ -1,826 +1,109 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -auth-admin-web: - enabled: true - env: - BASE_URL: 'https://identity-server.dev01.devland.is/admin' - IDENTITYSERVER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://identity-server.dev01.devland.is/admin/api/auth' - NEXT_PUBLIC_BACKEND_URL: '/backend' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/auth-admin-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.dev01.devland.is' - paths: - - '/admin' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - progressDeadlineSeconds: 1200 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '256Mi' - requests: - cpu: '200m' - memory: '192Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITYSERVER_SECRET: '/k8s/auth-admin-web/IDENTITYSERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -global: - env: - AUDIT_GROUP_NAME: '/identity-server/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'dev' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -identity-server: - annotations: - ad.datadoghq.com/identity-server.check_names: '["openmetrics"]' - ad.datadoghq.com/identity-server.init_configs: '[{}]' - ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": "http://%%host%%:5003/metrics","namespace": "identity-server","metrics":["*"]}]' - ad.datadoghq.com/identity-server.logs: '[{"service": "identity-server", "source": "csharp"}]' - enabled: true - env: - ASPNETCORE_URLS: 'http://*:5000' - AWS__CloudWatch__AuditLogGroup: '/identity-server/audit-log' - AWS__SystemsManager__ParameterStore__DataProtectionPrefix: '/k8s/identity-server/DataProtectionSecret' - Application__AllowedRedirectUris: 'https://beta.dev01.devland.is/minarsidur,https://beta.dev01.devland.is/umsoknir,http://localhost:4200/minarsidur,http://localhost:4242/umsoknir' - Application__MinCompletionPortThreads: '10' - AudkenniSettings__Retries: '24' - CORECLR_ENABLE_PROFILING: '1' - CORECLR_PROFILER: '{846F5F1C-F9AE-4B07-969E-05C26BC060D8}' - CORECLR_PROFILER_PATH: '/opt/datadog/Datadog.Trace.ClrProfiler.Native.so' - CacheSettings__Enabled: 'true' - ContentfulSettings__BaseAddress: 'https://preview.contentful.com' - DD_DOTNET_TRACER_HOME: '/opt/datadog' - DD_INTEGRATIONS: '/opt/datadog/integrations.json' - DD_TRACE_DEBUG: 'true' - Datadog__Metrics__Port: '5003' - IdentityServer__ConsentsScope: '@island.is/auth/consents' - IdentityServer__EnableFakeLogin: 'true' - IdentityServer__EnableFeatureDeploymentWildcards: 'true' - IdentityServer__KeyManagement__Enabled: 'true' - IdentityServer__SigningCertificate__Path: '/etc/config/ids-signing.pfx' - LOG_LEVEL: 'info' - MeUserProfileApiSettings__BaseAddress: 'http://web-service-portal-api.service-portal.svc.cluster.local' - NODE_OPTIONS: '--max-old-space-size=1843 -r dd-trace/init' - PersistenceSettings__BaseAddress: 'http://web-services-auth-ids-api' - PersistenceSettings__DelegationsCacheEnabled: 'false' - RedisSettings__Address: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com' - RedisSettings__Port: '6379' - SERVERSIDE_FEATURES_ON: '' - SessionsApiSettings__BaseAddress: 'http://web-services-sessions.services-sessions.svc.cluster.local' - files: - - 'ids-signing.pfx' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - port: 5010 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/identity-server' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.dev01.devland.is' - paths: - - '/' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: - - accessModes: 'ReadWriteMany' - mountPath: '/keys' - name: 'identity-server' - size: '1Gi' - storageClass: 'efs-csi' - useExisting: false - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '4000m' - memory: '2048Mi' - requests: - cpu: '1000m' - memory: '1024Mi' - secrets: - AudkenniSettings__ClientId: '/k8s/identity-server/AudkenniClientId' - AudkenniSettings__ClientSecret: '/k8s/identity-server/AudkenniClientSecret' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ContentfulSettings__AccessToken: '/k8s/identity-server/CONTENTFUL_ACCESS_TOKEN' - FeatureFlags__ConfigCatSdkKey: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IdentityServer__FakePersons: '/k8s/identity-server/FakePersons' - IdentityServer__LicenseKey: '/k8s/identity-server/LicenseKey' - IdentityServer__SigningCertificate__Passphrase: '/k8s/identity-server/SigningCertificatePassphrase' - PersistenceSettings__AccessTokenManagementSettings__ClientSecret: '/k8s/identity-server/ClientSecret' - Redaction__UserIdentifiers__Key: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY' - Redaction__UserIdentifiers__KeyId: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID' - Scopes__Admin__RootAccessList: '/k8s/identity-server/AdminRootAccessList' - securityContext: - allowPrivilegeEscalation: false - privileged: false - service: - targetPort: 5000 - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/identity-server' - create: true - name: 'identity-server' -namespaces: - labels: {} - namespaces: - - 'identity-server' - - 'identity-server-admin' - - 'identity-server-delegation' - - 'personal-representative' -services-auth-admin-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - IDENTITY_SERVER_ISSUER_URL_LIST: '["https://identity-server.dev01.devland.is","https://identity-server.staging01.devland.is","https://innskra.island.is"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/backend/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/backend/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-admin-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.dev01.devland.is' - paths: - - '/backend' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CLIENT_SECRET_ENCRYPTION_KEY: '/k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-delegation-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'service-portal' - - 'user-notification-worker' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-delegation-api' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'auth-delegation-api.internal.dev01.devland.is' - paths: - - '/' - namespace: 'identity-server-delegation' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-ids-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '6cf94113-d326-4e4d-b97c-1fea12d2f5e1' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' - PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' - PASSKEY_CORE_MAX_AGE_DAYS: '365' - PASSKEY_CORE_RP_ID: 'island.is' - PASSKEY_CORE_RP_NAME: 'Island.is' - PUBLIC_URL: 'https://identity-server.dev01.devland.is/api' - REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - USER_PROFILE_CLIENT_SCOPE: '["@island.is/user-profile:read"]' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 15 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 15 - min: 2 - resources: - limits: - cpu: '800m' - memory: '768Mi' - requests: - cpu: '400m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/services-auth/NOVA_PASSWORD' - NOVA_URL: '/k8s/services-auth/NOVA_URL' - NOVA_USERNAME: '/k8s/services-auth/NOVA_USERNAME' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-ids-api-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-personal-representative: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'personal-representative-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'personal-representative' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-personal-representative-public: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative-public' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'personal-representative-public-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'personal-representative' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-public-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' - PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' - PASSKEY_CORE_RP_ID: 'island.is' - PASSKEY_CORE_RP_NAME: 'Island.is' - PUBLIC_URL: 'https://identity-server.dev01.devland.is/api' - REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-public-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/rewrite-target: '/$2' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.dev01.devland.is' - paths: - - '/api(/|$)(.*)' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false +{ + "auth-admin-web": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "NEXT_PUBLIC_BACKEND_URL": "/backend", + "IDENTITYSERVER_DOMAIN": { + "dev": "identity-server.dev01.devland.is", + "staging": "identity-server.staging01.devland.is", + "prod": "innskra.island.is" + }, + "BASE_URL": { + "dev": "https://identity-server.dev01.devland.is/admin", + "staging": "https://identity-server.staging01.devland.is/admin", + "prod": "https://innskra.island.is/admin" + }, + "NEXTAUTH_URL": { + "dev": "https://identity-server.dev01.devland.is/admin/api/auth", + "staging": "https://identity-server.staging01.devland.is/admin/api/auth", + "prod": "https://innskra.island.is/admin/api/auth" + } + }, + "features": {}, + "name": "auth-admin-web", + "grantNamespaces": [], + "grantNamespacesEnabled": false, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "IDENTITYSERVER_SECRET": "/k8s/auth-admin-web/IDENTITYSERVER_SECRET" + }, + "ingress": { + "primary": { + "host": { + "dev": "identity-server", + "staging": "identity-server", + "prod": "innskra.island.is" + }, + "paths": [ + "/admin" + ], + "public": true, + "extraAnnotations": { + "dev": { + "nginx.ingress.kubernetes.io/proxy-buffer-size": "16k", + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffers-number": "4", + "nginx.ingress.kubernetes.io/server-snippet": "client_header_buffer_size 16k; large_client_header_buffers 4 16k;" + }, + "staging": { + "nginx.ingress.kubernetes.io/proxy-buffer-size": "16k", + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffers-number": "4", + "nginx.ingress.kubernetes.io/server-snippet": "client_header_buffer_size 16k; large_client_header_buffers 4 16k;" + }, + "prod": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + } + } + } + }, + "namespace": "identity-server-admin", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "400m", + "memory": "256Mi" + }, + "requests": { + "cpu": "200m", + "memory": "192Mi" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "image": "auth-admin-web", + "replicaCount": { + "default": 2, + "min": 2, + "max": 10 + }, + "extraAttributes": { + "dev": { + "progressDeadlineSeconds": 1200 + }, + "staging": { + "progressDeadlineSeconds": 1200 + }, + "prod": { + "progressDeadlineSeconds": 1200 + } + } + } + } +} \ No newline at end of file diff --git a/charts/services/auth-admin-web/values.prod.yaml b/charts/services/auth-admin-web/values.prod.yaml index 6ebbacf21056..c37cdeef4bd8 100644 --- a/charts/services/auth-admin-web/values.prod.yaml +++ b/charts/services/auth-admin-web/values.prod.yaml @@ -1,823 +1,109 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -auth-admin-web: - enabled: true - env: - BASE_URL: 'https://innskra.island.is/admin' - IDENTITYSERVER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://innskra.island.is/admin/api/auth' - NEXT_PUBLIC_BACKEND_URL: '/backend' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/auth-admin-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'innskra.island.is' - paths: - - '/admin' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - progressDeadlineSeconds: 1200 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '256Mi' - requests: - cpu: '200m' - memory: '192Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITYSERVER_SECRET: '/k8s/auth-admin-web/IDENTITYSERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -global: - env: - AUDIT_GROUP_NAME: '/identity-server/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'prod' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -identity-server: - annotations: - ad.datadoghq.com/identity-server.check_names: '["openmetrics"]' - ad.datadoghq.com/identity-server.init_configs: '[{}]' - ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": "http://%%host%%:5003/metrics","namespace": "identity-server","metrics":["*"]}]' - ad.datadoghq.com/identity-server.logs: '[{"service": "identity-server", "source": "csharp"}]' - enabled: true - env: - ASPNETCORE_URLS: 'http://*:5000' - AWS__CloudWatch__AuditLogGroup: '/identity-server/audit-log' - AWS__SystemsManager__ParameterStore__DataProtectionPrefix: '/k8s/identity-server/DataProtectionSecret' - Application__AllowedRedirectUris: 'https://island.is/minarsidur,https://island.is/umsoknir' - Application__MinCompletionPortThreads: '10' - AudkenniSettings__Retries: '24' - CORECLR_ENABLE_PROFILING: '1' - CORECLR_PROFILER: '{846F5F1C-F9AE-4B07-969E-05C26BC060D8}' - CORECLR_PROFILER_PATH: '/opt/datadog/Datadog.Trace.ClrProfiler.Native.so' - CacheSettings__Enabled: 'true' - ContentfulSettings__BaseAddress: 'https://cdn.contentful.com' - DD_DOTNET_TRACER_HOME: '/opt/datadog' - DD_INTEGRATIONS: '/opt/datadog/integrations.json' - DD_TRACE_DEBUG: 'true' - Datadog__Metrics__Port: '5003' - IdentityServer__ConsentsScope: '@island.is/auth/consents' - IdentityServer__EnableFakeLogin: 'true' - IdentityServer__EnableFeatureDeploymentWildcards: 'false' - IdentityServer__KeyManagement__Enabled: 'true' - IdentityServer__SigningCertificate__Path: '/etc/config/ids-signing.pfx' - LOG_LEVEL: 'info' - MeUserProfileApiSettings__BaseAddress: 'https://service-portal-api.internal.island.is' - NODE_OPTIONS: '--max-old-space-size=1843 -r dd-trace/init' - PersistenceSettings__BaseAddress: 'http://web-services-auth-ids-api' - PersistenceSettings__DelegationsCacheEnabled: 'true' - RedisSettings__Address: 'clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com' - RedisSettings__Port: '6379' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SessionsApiSettings__BaseAddress: 'https://sessions-api.internal.island.is' - files: - - 'ids-signing.pfx' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - port: 5010 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/identity-server' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'innskra.island.is' - paths: - - '/' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: - - accessModes: 'ReadWriteMany' - mountPath: '/keys' - name: 'identity-server' - size: '1Gi' - storageClass: 'efs-csi' - useExisting: false - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '4000m' - memory: '2048Mi' - requests: - cpu: '1000m' - memory: '1024Mi' - secrets: - AudkenniSettings__ClientId: '/k8s/identity-server/AudkenniClientId' - AudkenniSettings__ClientSecret: '/k8s/identity-server/AudkenniClientSecret' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ContentfulSettings__AccessToken: '/k8s/identity-server/CONTENTFUL_ACCESS_TOKEN' - FeatureFlags__ConfigCatSdkKey: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IdentityServer__FakePersons: '/k8s/identity-server/FakePersons' - IdentityServer__LicenseKey: '/k8s/identity-server/LicenseKey' - IdentityServer__SigningCertificate__Passphrase: '/k8s/identity-server/SigningCertificatePassphrase' - PersistenceSettings__AccessTokenManagementSettings__ClientSecret: '/k8s/identity-server/ClientSecret' - Redaction__UserIdentifiers__Key: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY' - Redaction__UserIdentifiers__KeyId: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID' - Scopes__Admin__RootAccessList: '/k8s/identity-server/AdminRootAccessList' - securityContext: - allowPrivilegeEscalation: false - privileged: false - service: - targetPort: 5000 - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::567113216315:role/identity-server' - create: true - name: 'identity-server' -namespaces: - labels: {} - namespaces: - - 'identity-server' - - 'identity-server-admin' - - 'identity-server-delegation' - - 'personal-representative' -services-auth-admin-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - IDENTITY_SERVER_ISSUER_URL_LIST: '["https://innskra.island.is"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SYSLUMENN_HOST: 'https://api.syslumenn.is/api' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/backend/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/backend/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-admin-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'innskra.island.is' - paths: - - '/backend' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CLIENT_SECRET_ENCRYPTION_KEY: '/k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-delegation-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SYSLUMENN_HOST: 'https://api.syslumenn.is/api' - SYSLUMENN_TIMEOUT: '3000' - USER_NOTIFICATION_API_URL: 'https://user-notification.internal.island.is' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'service-portal' - - 'user-notification-worker' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-delegation-api' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'auth-delegation-api.internal.innskra.island.is' - paths: - - '/' - namespace: 'identity-server-delegation' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-ids-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '8271bbc2-d8de-480f-8540-ea43fc40b7ae' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' - PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' - PASSKEY_CORE_MAX_AGE_DAYS: '365' - PASSKEY_CORE_RP_ID: 'island.is' - PASSKEY_CORE_RP_NAME: 'Island.is' - PUBLIC_URL: 'https://innskra.island.is/api' - REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SYSLUMENN_HOST: 'https://api.syslumenn.is/api' - SYSLUMENN_TIMEOUT: '3000' - USER_PROFILE_CLIENT_SCOPE: '["@island.is/user-profile:read"]' - USER_PROFILE_CLIENT_URL: 'https://service-portal-api.internal.island.is' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 15 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 15 - min: 2 - resources: - limits: - cpu: '800m' - memory: '768Mi' - requests: - cpu: '400m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/services-auth/NOVA_PASSWORD' - NOVA_URL: '/k8s/services-auth/NOVA_URL' - NOVA_USERNAME: '/k8s/services-auth/NOVA_USERNAME' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-ids-api-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-personal-representative: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SYSLUMENN_HOST: 'https://api.syslumenn.is/api' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'personal-representative-xrd.internal.innskra.island.is' - paths: - - '/' - namespace: 'personal-representative' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-personal-representative-public: - enabled: true - env: - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative-public' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'personal-representative-public-xrd.internal.innskra.island.is' - paths: - - '/' - namespace: 'personal-representative' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-public-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' - PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' - PASSKEY_CORE_RP_ID: 'island.is' - PASSKEY_CORE_RP_NAME: 'Island.is' - PUBLIC_URL: 'https://innskra.island.is/api' - REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SYSLUMENN_HOST: 'https://api.syslumenn.is/api' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-public-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/rewrite-target: '/$2' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'innskra.island.is' - paths: - - '/api(/|$)(.*)' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false +{ + "auth-admin-web": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "NEXT_PUBLIC_BACKEND_URL": "/backend", + "IDENTITYSERVER_DOMAIN": { + "dev": "identity-server.dev01.devland.is", + "staging": "identity-server.staging01.devland.is", + "prod": "innskra.island.is" + }, + "BASE_URL": { + "dev": "https://identity-server.dev01.devland.is/admin", + "staging": "https://identity-server.staging01.devland.is/admin", + "prod": "https://innskra.island.is/admin" + }, + "NEXTAUTH_URL": { + "dev": "https://identity-server.dev01.devland.is/admin/api/auth", + "staging": "https://identity-server.staging01.devland.is/admin/api/auth", + "prod": "https://innskra.island.is/admin/api/auth" + } + }, + "features": {}, + "name": "auth-admin-web", + "grantNamespaces": [], + "grantNamespacesEnabled": false, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "IDENTITYSERVER_SECRET": "/k8s/auth-admin-web/IDENTITYSERVER_SECRET" + }, + "ingress": { + "primary": { + "host": { + "dev": "identity-server", + "staging": "identity-server", + "prod": "innskra.island.is" + }, + "paths": [ + "/admin" + ], + "public": true, + "extraAnnotations": { + "dev": { + "nginx.ingress.kubernetes.io/proxy-buffer-size": "16k", + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffers-number": "4", + "nginx.ingress.kubernetes.io/server-snippet": "client_header_buffer_size 16k; large_client_header_buffers 4 16k;" + }, + "staging": { + "nginx.ingress.kubernetes.io/proxy-buffer-size": "16k", + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffers-number": "4", + "nginx.ingress.kubernetes.io/server-snippet": "client_header_buffer_size 16k; large_client_header_buffers 4 16k;" + }, + "prod": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + } + } + } + }, + "namespace": "identity-server-admin", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "400m", + "memory": "256Mi" + }, + "requests": { + "cpu": "200m", + "memory": "192Mi" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "image": "auth-admin-web", + "replicaCount": { + "default": 2, + "min": 2, + "max": 10 + }, + "extraAttributes": { + "dev": { + "progressDeadlineSeconds": 1200 + }, + "staging": { + "progressDeadlineSeconds": 1200 + }, + "prod": { + "progressDeadlineSeconds": 1200 + } + } + } + } +} \ No newline at end of file diff --git a/charts/services/auth-admin-web/values.staging.yaml b/charts/services/auth-admin-web/values.staging.yaml index 2273a2f55b22..c37cdeef4bd8 100644 --- a/charts/services/auth-admin-web/values.staging.yaml +++ b/charts/services/auth-admin-web/values.staging.yaml @@ -1,826 +1,109 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -auth-admin-web: - enabled: true - env: - BASE_URL: 'https://identity-server.staging01.devland.is/admin' - IDENTITYSERVER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://identity-server.staging01.devland.is/admin/api/auth' - NEXT_PUBLIC_BACKEND_URL: '/backend' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/auth-admin-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.staging01.devland.is' - paths: - - '/admin' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - progressDeadlineSeconds: 1200 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '256Mi' - requests: - cpu: '200m' - memory: '192Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITYSERVER_SECRET: '/k8s/auth-admin-web/IDENTITYSERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -global: - env: - AUDIT_GROUP_NAME: '/identity-server/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'staging' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -identity-server: - annotations: - ad.datadoghq.com/identity-server.check_names: '["openmetrics"]' - ad.datadoghq.com/identity-server.init_configs: '[{}]' - ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": "http://%%host%%:5003/metrics","namespace": "identity-server","metrics":["*"]}]' - ad.datadoghq.com/identity-server.logs: '[{"service": "identity-server", "source": "csharp"}]' - enabled: true - env: - ASPNETCORE_URLS: 'http://*:5000' - AWS__CloudWatch__AuditLogGroup: '/identity-server/audit-log' - AWS__SystemsManager__ParameterStore__DataProtectionPrefix: '/k8s/identity-server/DataProtectionSecret' - Application__AllowedRedirectUris: 'https://beta.staging01.devland.is/minarsidur,https://beta.staging01.devland.is/umsoknir' - Application__MinCompletionPortThreads: '10' - AudkenniSettings__Retries: '24' - CORECLR_ENABLE_PROFILING: '1' - CORECLR_PROFILER: '{846F5F1C-F9AE-4B07-969E-05C26BC060D8}' - CORECLR_PROFILER_PATH: '/opt/datadog/Datadog.Trace.ClrProfiler.Native.so' - CacheSettings__Enabled: 'true' - ContentfulSettings__BaseAddress: 'https://cdn.contentful.com' - DD_DOTNET_TRACER_HOME: '/opt/datadog' - DD_INTEGRATIONS: '/opt/datadog/integrations.json' - DD_TRACE_DEBUG: 'true' - Datadog__Metrics__Port: '5003' - IdentityServer__ConsentsScope: '@island.is/auth/consents' - IdentityServer__EnableFakeLogin: 'true' - IdentityServer__EnableFeatureDeploymentWildcards: 'true' - IdentityServer__KeyManagement__Enabled: 'true' - IdentityServer__SigningCertificate__Path: '/etc/config/ids-signing.pfx' - LOG_LEVEL: 'info' - MeUserProfileApiSettings__BaseAddress: 'http://web-service-portal-api.service-portal.svc.cluster.local' - NODE_OPTIONS: '--max-old-space-size=1843 -r dd-trace/init' - PersistenceSettings__BaseAddress: 'http://web-services-auth-ids-api' - PersistenceSettings__DelegationsCacheEnabled: 'false' - RedisSettings__Address: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com' - RedisSettings__Port: '6379' - SERVERSIDE_FEATURES_ON: '' - SessionsApiSettings__BaseAddress: 'http://web-services-sessions.services-sessions.svc.cluster.local' - files: - - 'ids-signing.pfx' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - port: 5010 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/identity-server' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.staging01.devland.is' - paths: - - '/' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: - - accessModes: 'ReadWriteMany' - mountPath: '/keys' - name: 'identity-server' - size: '1Gi' - storageClass: 'efs-csi' - useExisting: false - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '4000m' - memory: '2048Mi' - requests: - cpu: '1000m' - memory: '1024Mi' - secrets: - AudkenniSettings__ClientId: '/k8s/identity-server/AudkenniClientId' - AudkenniSettings__ClientSecret: '/k8s/identity-server/AudkenniClientSecret' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ContentfulSettings__AccessToken: '/k8s/identity-server/CONTENTFUL_ACCESS_TOKEN' - FeatureFlags__ConfigCatSdkKey: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IdentityServer__FakePersons: '/k8s/identity-server/FakePersons' - IdentityServer__LicenseKey: '/k8s/identity-server/LicenseKey' - IdentityServer__SigningCertificate__Passphrase: '/k8s/identity-server/SigningCertificatePassphrase' - PersistenceSettings__AccessTokenManagementSettings__ClientSecret: '/k8s/identity-server/ClientSecret' - Redaction__UserIdentifiers__Key: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY' - Redaction__UserIdentifiers__KeyId: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID' - Scopes__Admin__RootAccessList: '/k8s/identity-server/AdminRootAccessList' - securityContext: - allowPrivilegeEscalation: false - privileged: false - service: - targetPort: 5000 - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/identity-server' - create: true - name: 'identity-server' -namespaces: - labels: {} - namespaces: - - 'identity-server' - - 'identity-server-admin' - - 'identity-server-delegation' - - 'personal-representative' -services-auth-admin-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - IDENTITY_SERVER_ISSUER_URL_LIST: '["https://identity-server.staging01.devland.is","https://innskra.island.is"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/backend/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/backend/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-admin-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.staging01.devland.is' - paths: - - '/backend' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CLIENT_SECRET_ENCRYPTION_KEY: '/k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-delegation-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'service-portal' - - 'user-notification-worker' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-delegation-api' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'auth-delegation-api.internal.staging01.devland.is' - paths: - - '/' - namespace: 'identity-server-delegation' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-ids-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '6cf94113-d326-4e4d-b97c-1fea12d2f5e1' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' - PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' - PASSKEY_CORE_MAX_AGE_DAYS: '365' - PASSKEY_CORE_RP_ID: 'island.is' - PASSKEY_CORE_RP_NAME: 'Island.is' - PUBLIC_URL: 'https://identity-server.staging01.devland.is/api' - REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - USER_PROFILE_CLIENT_SCOPE: '["@island.is/user-profile:read"]' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 15 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 15 - min: 2 - resources: - limits: - cpu: '800m' - memory: '768Mi' - requests: - cpu: '400m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/services-auth/NOVA_PASSWORD' - NOVA_URL: '/k8s/services-auth/NOVA_URL' - NOVA_USERNAME: '/k8s/services-auth/NOVA_USERNAME' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-ids-api-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-personal-representative: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'personal-representative-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'personal-representative' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-personal-representative-public: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative-public' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'personal-representative-public-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'personal-representative' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-public-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' - PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' - PASSKEY_CORE_RP_ID: 'island.is' - PASSKEY_CORE_RP_NAME: 'Island.is' - PUBLIC_URL: 'https://identity-server.staging01.devland.is/api' - REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-public-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/rewrite-target: '/$2' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.staging01.devland.is' - paths: - - '/api(/|$)(.*)' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false +{ + "auth-admin-web": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "NEXT_PUBLIC_BACKEND_URL": "/backend", + "IDENTITYSERVER_DOMAIN": { + "dev": "identity-server.dev01.devland.is", + "staging": "identity-server.staging01.devland.is", + "prod": "innskra.island.is" + }, + "BASE_URL": { + "dev": "https://identity-server.dev01.devland.is/admin", + "staging": "https://identity-server.staging01.devland.is/admin", + "prod": "https://innskra.island.is/admin" + }, + "NEXTAUTH_URL": { + "dev": "https://identity-server.dev01.devland.is/admin/api/auth", + "staging": "https://identity-server.staging01.devland.is/admin/api/auth", + "prod": "https://innskra.island.is/admin/api/auth" + } + }, + "features": {}, + "name": "auth-admin-web", + "grantNamespaces": [], + "grantNamespacesEnabled": false, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "IDENTITYSERVER_SECRET": "/k8s/auth-admin-web/IDENTITYSERVER_SECRET" + }, + "ingress": { + "primary": { + "host": { + "dev": "identity-server", + "staging": "identity-server", + "prod": "innskra.island.is" + }, + "paths": [ + "/admin" + ], + "public": true, + "extraAnnotations": { + "dev": { + "nginx.ingress.kubernetes.io/proxy-buffer-size": "16k", + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffers-number": "4", + "nginx.ingress.kubernetes.io/server-snippet": "client_header_buffer_size 16k; large_client_header_buffers 4 16k;" + }, + "staging": { + "nginx.ingress.kubernetes.io/proxy-buffer-size": "16k", + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffers-number": "4", + "nginx.ingress.kubernetes.io/server-snippet": "client_header_buffer_size 16k; large_client_header_buffers 4 16k;" + }, + "prod": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + } + } + } + }, + "namespace": "identity-server-admin", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "400m", + "memory": "256Mi" + }, + "requests": { + "cpu": "200m", + "memory": "192Mi" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "image": "auth-admin-web", + "replicaCount": { + "default": 2, + "min": 2, + "max": 10 + }, + "extraAttributes": { + "dev": { + "progressDeadlineSeconds": 1200 + }, + "staging": { + "progressDeadlineSeconds": 1200 + }, + "prod": { + "progressDeadlineSeconds": 1200 + } + } + } + } +} \ No newline at end of file diff --git a/charts/services/consultation-portal/values.dev.yaml b/charts/services/consultation-portal/values.dev.yaml index 58d9f8e96dbc..3786a3334616 100644 --- a/charts/services/consultation-portal/values.dev.yaml +++ b/charts/services/consultation-portal/values.dev.yaml @@ -1,3563 +1,102 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.dev01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'preview.contentful.com' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 's@kogk.is' - CONTENTFUL_HOST: 'preview.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 's@kogk.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/api' - - host: 'api-catalogue.dev01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.dev01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -external-contracts-tests: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' - namespace: 'external-contracts-tests' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '1' - memory: '1024Mi' - requests: - cpu: '500m' - memory: '512Mi' - schedule: '0 11 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -github-actions-cache: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 8 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'cache.dev01.devland.is' - paths: - - '/' - namespace: 'github-actions-cache' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 5 - max: 8 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' - create: true - name: 'github-actions-cache' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'dev' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.dev01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'consultation-portal' - - 'islandis' - - 'search-indexer' - - 'xroad-collector' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'github-actions-cache' - - 'user-notification' - - 'external-contracts-tests' - - 'contentful-entry-tagger' - - 'license-api' - - 'services-sessions' - - 'contentful-apps' - - 'services-university-gateway' - - 'unicorn-app' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'dev-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.dev01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.dev01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -unicorn-app: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'unicorn-app.dev01.devland.is' - paths: - - '/' - namespace: 'unicorn-app' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' - create: true - name: 'unicorn-app' -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@hourly' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - TRACKING_DOMAIN: 'beta.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "consultation-portal": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "BASEPATH": "/consultation-portal", + "IDENTITY_SERVER_ISSUER_DOMAIN": { + "dev": "identity-server.dev01.devland.is", + "staging": "identity-server.staging01.devland.is", + "prod": "innskra.island.is" + }, + "NEXTAUTH_URL": { + "dev": "https://beta.dev01.devland.is/samradsgatt/api/auth", + "staging": "https://beta.staging01.devland.is/samradsgatt/api/auth", + "prod": "https://island.is/samradsgatt/api/auth" + }, + "BACKEND_DL_URL": { + "dev": "https://samradapi-test.devland.is/api/Documents/", + "staging": "https://samradapi-test.devland.is/api/Documents/", + "prod": "https://samradapi.island.is/api/Documents/" + } + }, + "features": {}, + "name": "consultation-portal", + "grantNamespaces": [], + "grantNamespacesEnabled": false, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "DD_RUM_APPLICATION_ID": "/k8s/DD_RUM_APPLICATION_ID", + "DD_RUM_CLIENT_TOKEN": "/k8s/DD_RUM_CLIENT_TOKEN", + "IDENTITY_SERVER_SECRET": "/k8s/consultation-portal/IDENTITY_SERVER_SECRET" + }, + "ingress": { + "primary": { + "host": { + "dev": [ + "beta" + ], + "staging": [ + "beta" + ], + "prod": [ + "", + "www.island.is" + ] + }, + "extraAnnotations": { + "dev": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "staging": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "prod": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + } + }, + "paths": [ + "/samradsgatt" + ] + } + }, + "namespace": "consultation-portal", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "400m", + "memory": "512Mi" + }, + "requests": { + "cpu": "200m", + "memory": "256Mi" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "image": "consultation-portal", + "replicaCount": { + "default": 2, + "max": 30, + "min": 2 + } + } + } +} \ No newline at end of file diff --git a/charts/services/consultation-portal/values.prod.yaml b/charts/services/consultation-portal/values.prod.yaml index c7e37f4144c5..3786a3334616 100644 --- a/charts/services/consultation-portal/values.prod.yaml +++ b/charts/services/consultation-portal/values.prod.yaml @@ -1,3379 +1,102 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.island.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'cdn.contentful.com' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.island.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://innskra.island.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_IDS_API_URL: 'https://innskra.island.is' - AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi.island.is' - CONTACT_US_EMAIL: 'island@island.is' - CONTENTFUL_HOST: 'cdn.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.island.is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-prod-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: '' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'island@island.is' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 'sogur@island.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS/GOV/5402697509/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS/GOV/6501912189/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/api' - - host: 'www.island.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' - CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS/GOV/5608002820/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - NOVA_USERNAME: 'IslandIs_User_Production' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS/GOV/5605882089/UA-Protected/kvortun-v1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.island.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.island.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/umsoknir' - - host: 'www.island.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi.island.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://island.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/samradsgatt' - - host: 'www.island.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.island.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.island.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - EMAIL_FROM_NAME: 'island.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-prod-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'prod' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: 'd4ecf781-3764-4063-a4e1-9c3e17cebfba' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.island.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'islandis' - - 'consultation-portal' - - 'search-indexer' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'xroad-collector' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'user-notification' - - 'license-api' - - 'services-sessions' - - 'services-university-gateway' - - 'contentful-apps' - - 'contentful-entry-tagger' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/stjornbord' - - host: 'www.island.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'prod' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'prod-es-custom-packages' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/minarsidur' - - host: 'www.island.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_BASE_URL: 'https://island.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.island.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://island.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://island.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://island.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/stjornbord/bff' - - host: 'www.island.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.island.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.island.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/app/skilavottord/' - - host: 'www.island.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/app/skilavottord/api/graphql' - - host: 'www.island.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.island.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@midnight' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - TRACKING_DOMAIN: 'island.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/' - - host: 'www.island.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "consultation-portal": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "BASEPATH": "/consultation-portal", + "IDENTITY_SERVER_ISSUER_DOMAIN": { + "dev": "identity-server.dev01.devland.is", + "staging": "identity-server.staging01.devland.is", + "prod": "innskra.island.is" + }, + "NEXTAUTH_URL": { + "dev": "https://beta.dev01.devland.is/samradsgatt/api/auth", + "staging": "https://beta.staging01.devland.is/samradsgatt/api/auth", + "prod": "https://island.is/samradsgatt/api/auth" + }, + "BACKEND_DL_URL": { + "dev": "https://samradapi-test.devland.is/api/Documents/", + "staging": "https://samradapi-test.devland.is/api/Documents/", + "prod": "https://samradapi.island.is/api/Documents/" + } + }, + "features": {}, + "name": "consultation-portal", + "grantNamespaces": [], + "grantNamespacesEnabled": false, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "DD_RUM_APPLICATION_ID": "/k8s/DD_RUM_APPLICATION_ID", + "DD_RUM_CLIENT_TOKEN": "/k8s/DD_RUM_CLIENT_TOKEN", + "IDENTITY_SERVER_SECRET": "/k8s/consultation-portal/IDENTITY_SERVER_SECRET" + }, + "ingress": { + "primary": { + "host": { + "dev": [ + "beta" + ], + "staging": [ + "beta" + ], + "prod": [ + "", + "www.island.is" + ] + }, + "extraAnnotations": { + "dev": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "staging": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "prod": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + } + }, + "paths": [ + "/samradsgatt" + ] + } + }, + "namespace": "consultation-portal", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "400m", + "memory": "512Mi" + }, + "requests": { + "cpu": "200m", + "memory": "256Mi" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "image": "consultation-portal", + "replicaCount": { + "default": 2, + "max": 30, + "min": 2 + } + } + } +} \ No newline at end of file diff --git a/charts/services/consultation-portal/values.staging.yaml b/charts/services/consultation-portal/values.staging.yaml index 227a2b0fcc6d..3786a3334616 100644 --- a/charts/services/consultation-portal/values.staging.yaml +++ b/charts/services/consultation-portal/values.staging.yaml @@ -1,3238 +1,102 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.staging01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'cdn.contentful.com' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.staging01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.staging01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.staging01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 'island@island.is' - CONTENTFUL_HOST: 'cdn.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.staging01.devland.is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-staging-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: '' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 'sogur@island.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-TEST/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5608002820/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-TEST/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.staging01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.staging01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.staging01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.staging01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-staging-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'staging' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.staging01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'islandis' - - 'consultation-portal' - - 'skilavottord' - - 'search-indexer' - - 'services-documents' - - 'storybook' - - 'xroad-collector' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'user-notification' - - 'license-api' - - 'services-sessions' - - 'services-university-gateway' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.staging01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'staging' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'staging-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_BASE_URL: 'https://beta.staging01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.staging01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.staging01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.staging01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.staging01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.staging01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.staging01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.staging01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.staging01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@midnight' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - basicAuth: '/k8s/web/basic_auth' - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - TRACKING_DOMAIN: 'beta.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "consultation-portal": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "BASEPATH": "/consultation-portal", + "IDENTITY_SERVER_ISSUER_DOMAIN": { + "dev": "identity-server.dev01.devland.is", + "staging": "identity-server.staging01.devland.is", + "prod": "innskra.island.is" + }, + "NEXTAUTH_URL": { + "dev": "https://beta.dev01.devland.is/samradsgatt/api/auth", + "staging": "https://beta.staging01.devland.is/samradsgatt/api/auth", + "prod": "https://island.is/samradsgatt/api/auth" + }, + "BACKEND_DL_URL": { + "dev": "https://samradapi-test.devland.is/api/Documents/", + "staging": "https://samradapi-test.devland.is/api/Documents/", + "prod": "https://samradapi.island.is/api/Documents/" + } + }, + "features": {}, + "name": "consultation-portal", + "grantNamespaces": [], + "grantNamespacesEnabled": false, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "DD_RUM_APPLICATION_ID": "/k8s/DD_RUM_APPLICATION_ID", + "DD_RUM_CLIENT_TOKEN": "/k8s/DD_RUM_CLIENT_TOKEN", + "IDENTITY_SERVER_SECRET": "/k8s/consultation-portal/IDENTITY_SERVER_SECRET" + }, + "ingress": { + "primary": { + "host": { + "dev": [ + "beta" + ], + "staging": [ + "beta" + ], + "prod": [ + "", + "www.island.is" + ] + }, + "extraAnnotations": { + "dev": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "staging": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "prod": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + } + }, + "paths": [ + "/samradsgatt" + ] + } + }, + "namespace": "consultation-portal", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "400m", + "memory": "512Mi" + }, + "requests": { + "cpu": "200m", + "memory": "256Mi" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "image": "consultation-portal", + "replicaCount": { + "default": 2, + "max": 30, + "min": 2 + } + } + } +} \ No newline at end of file diff --git a/charts/services/contentful-apps/values.dev.yaml b/charts/services/contentful-apps/values.dev.yaml index 58d9f8e96dbc..841d1897dcf9 100644 --- a/charts/services/contentful-apps/values.dev.yaml +++ b/charts/services/contentful-apps/values.dev.yaml @@ -1,3563 +1,62 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.dev01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'preview.contentful.com' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 's@kogk.is' - CONTENTFUL_HOST: 'preview.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 's@kogk.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/api' - - host: 'api-catalogue.dev01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.dev01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -external-contracts-tests: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' - namespace: 'external-contracts-tests' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '1' - memory: '1024Mi' - requests: - cpu: '500m' - memory: '512Mi' - schedule: '0 11 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -github-actions-cache: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 8 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'cache.dev01.devland.is' - paths: - - '/' - namespace: 'github-actions-cache' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 5 - max: 8 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' - create: true - name: 'github-actions-cache' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'dev' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.dev01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'consultation-portal' - - 'islandis' - - 'search-indexer' - - 'xroad-collector' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'github-actions-cache' - - 'user-notification' - - 'external-contracts-tests' - - 'contentful-entry-tagger' - - 'license-api' - - 'services-sessions' - - 'contentful-apps' - - 'services-university-gateway' - - 'unicorn-app' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'dev-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.dev01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.dev01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -unicorn-app: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'unicorn-app.dev01.devland.is' - paths: - - '/' - namespace: 'unicorn-app' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' - create: true - name: 'unicorn-app' -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@hourly' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - TRACKING_DOMAIN: 'beta.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "contentful-apps": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/readiness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": {}, + "features": {}, + "name": "contentful-apps", + "grantNamespaces": [], + "grantNamespacesEnabled": false, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" + }, + "ingress": { + "primary": { + "host": { + "dev": "contentful-apps", + "staging": "contentful-apps", + "prod": "contentful-apps" + }, + "paths": [ + "/" + ] + } + }, + "namespace": "contentful-apps", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "200m", + "memory": "256Mi" + }, + "requests": { + "cpu": "50m", + "memory": "128Mi" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "image": "contentful-apps", + "accountName": "contentful-apps", + "replicaCount": { + "default": 1, + "min": 1, + "max": 10 + } + } + } +} \ No newline at end of file diff --git a/charts/services/contentful-apps/values.prod.yaml b/charts/services/contentful-apps/values.prod.yaml index c7e37f4144c5..841d1897dcf9 100644 --- a/charts/services/contentful-apps/values.prod.yaml +++ b/charts/services/contentful-apps/values.prod.yaml @@ -1,3379 +1,62 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.island.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'cdn.contentful.com' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.island.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://innskra.island.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_IDS_API_URL: 'https://innskra.island.is' - AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi.island.is' - CONTACT_US_EMAIL: 'island@island.is' - CONTENTFUL_HOST: 'cdn.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.island.is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-prod-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: '' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'island@island.is' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 'sogur@island.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS/GOV/5402697509/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS/GOV/6501912189/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/api' - - host: 'www.island.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' - CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS/GOV/5608002820/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - NOVA_USERNAME: 'IslandIs_User_Production' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS/GOV/5605882089/UA-Protected/kvortun-v1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.island.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.island.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/umsoknir' - - host: 'www.island.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi.island.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://island.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/samradsgatt' - - host: 'www.island.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.island.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.island.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - EMAIL_FROM_NAME: 'island.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-prod-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'prod' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: 'd4ecf781-3764-4063-a4e1-9c3e17cebfba' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.island.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'islandis' - - 'consultation-portal' - - 'search-indexer' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'xroad-collector' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'user-notification' - - 'license-api' - - 'services-sessions' - - 'services-university-gateway' - - 'contentful-apps' - - 'contentful-entry-tagger' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/stjornbord' - - host: 'www.island.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'prod' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'prod-es-custom-packages' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/minarsidur' - - host: 'www.island.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_BASE_URL: 'https://island.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.island.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://island.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://island.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://island.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/stjornbord/bff' - - host: 'www.island.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.island.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.island.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/app/skilavottord/' - - host: 'www.island.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/app/skilavottord/api/graphql' - - host: 'www.island.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.island.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@midnight' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - TRACKING_DOMAIN: 'island.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/' - - host: 'www.island.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "contentful-apps": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/readiness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": {}, + "features": {}, + "name": "contentful-apps", + "grantNamespaces": [], + "grantNamespacesEnabled": false, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" + }, + "ingress": { + "primary": { + "host": { + "dev": "contentful-apps", + "staging": "contentful-apps", + "prod": "contentful-apps" + }, + "paths": [ + "/" + ] + } + }, + "namespace": "contentful-apps", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "200m", + "memory": "256Mi" + }, + "requests": { + "cpu": "50m", + "memory": "128Mi" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "image": "contentful-apps", + "accountName": "contentful-apps", + "replicaCount": { + "default": 1, + "min": 1, + "max": 10 + } + } + } +} \ No newline at end of file diff --git a/charts/services/contentful-entry-tagger-service/values.dev.yaml b/charts/services/contentful-entry-tagger-service/values.dev.yaml index 58d9f8e96dbc..bb41b19b13d8 100644 --- a/charts/services/contentful-entry-tagger-service/values.dev.yaml +++ b/charts/services/contentful-entry-tagger-service/values.dev.yaml @@ -1,3563 +1,59 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.dev01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'preview.contentful.com' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 's@kogk.is' - CONTENTFUL_HOST: 'preview.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 's@kogk.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/api' - - host: 'api-catalogue.dev01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.dev01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -external-contracts-tests: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' - namespace: 'external-contracts-tests' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '1' - memory: '1024Mi' - requests: - cpu: '500m' - memory: '512Mi' - schedule: '0 11 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -github-actions-cache: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 8 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'cache.dev01.devland.is' - paths: - - '/' - namespace: 'github-actions-cache' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 5 - max: 8 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' - create: true - name: 'github-actions-cache' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'dev' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.dev01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'consultation-portal' - - 'islandis' - - 'search-indexer' - - 'xroad-collector' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'github-actions-cache' - - 'user-notification' - - 'external-contracts-tests' - - 'contentful-entry-tagger' - - 'license-api' - - 'services-sessions' - - 'contentful-apps' - - 'services-university-gateway' - - 'unicorn-app' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'dev-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.dev01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.dev01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -unicorn-app: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'unicorn-app.dev01.devland.is' - paths: - - '/' - namespace: 'unicorn-app' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' - create: true - name: 'unicorn-app' -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@hourly' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - TRACKING_DOMAIN: 'beta.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "contentful-entry-tagger-service": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/readiness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": {}, + "features": {}, + "name": "contentful-entry-tagger-service", + "grantNamespaces": [], + "grantNamespacesEnabled": false, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "CONTENTFUL_MANAGEMENT_ACCESS_TOKEN": "/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN", + "CONTENTFUL_REQUEST_TOKEN": "/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN" + }, + "ingress": { + "primary": { + "host": { + "dev": "contentful-entry-tagger-service", + "staging": "contentful-entry-tagger-service", + "prod": "contentful-entry-tagger-service.devland.is" + }, + "paths": [ + "/" + ] + } + }, + "namespace": "contentful-entry-tagger", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "memory": "256Mi", + "cpu": "200m" + }, + "requests": { + "memory": "128Mi", + "cpu": "100m" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "image": "services-contentful-entry-tagger", + "accountName": "contentful-entry-tagger" + } + } +} \ No newline at end of file diff --git a/charts/services/contentful-entry-tagger-service/values.prod.yaml b/charts/services/contentful-entry-tagger-service/values.prod.yaml index c7e37f4144c5..bb41b19b13d8 100644 --- a/charts/services/contentful-entry-tagger-service/values.prod.yaml +++ b/charts/services/contentful-entry-tagger-service/values.prod.yaml @@ -1,3379 +1,59 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.island.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'cdn.contentful.com' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.island.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://innskra.island.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_IDS_API_URL: 'https://innskra.island.is' - AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi.island.is' - CONTACT_US_EMAIL: 'island@island.is' - CONTENTFUL_HOST: 'cdn.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.island.is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-prod-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: '' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'island@island.is' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 'sogur@island.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS/GOV/5402697509/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS/GOV/6501912189/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/api' - - host: 'www.island.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' - CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS/GOV/5608002820/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - NOVA_USERNAME: 'IslandIs_User_Production' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS/GOV/5605882089/UA-Protected/kvortun-v1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.island.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.island.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/umsoknir' - - host: 'www.island.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi.island.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://island.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/samradsgatt' - - host: 'www.island.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.island.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.island.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - EMAIL_FROM_NAME: 'island.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-prod-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'prod' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: 'd4ecf781-3764-4063-a4e1-9c3e17cebfba' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.island.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'islandis' - - 'consultation-portal' - - 'search-indexer' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'xroad-collector' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'user-notification' - - 'license-api' - - 'services-sessions' - - 'services-university-gateway' - - 'contentful-apps' - - 'contentful-entry-tagger' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/stjornbord' - - host: 'www.island.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'prod' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'prod-es-custom-packages' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/minarsidur' - - host: 'www.island.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_BASE_URL: 'https://island.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.island.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://island.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://island.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://island.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/stjornbord/bff' - - host: 'www.island.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.island.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.island.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/app/skilavottord/' - - host: 'www.island.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/app/skilavottord/api/graphql' - - host: 'www.island.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.island.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@midnight' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - TRACKING_DOMAIN: 'island.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/' - - host: 'www.island.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "contentful-entry-tagger-service": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/readiness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": {}, + "features": {}, + "name": "contentful-entry-tagger-service", + "grantNamespaces": [], + "grantNamespacesEnabled": false, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "CONTENTFUL_MANAGEMENT_ACCESS_TOKEN": "/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN", + "CONTENTFUL_REQUEST_TOKEN": "/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN" + }, + "ingress": { + "primary": { + "host": { + "dev": "contentful-entry-tagger-service", + "staging": "contentful-entry-tagger-service", + "prod": "contentful-entry-tagger-service.devland.is" + }, + "paths": [ + "/" + ] + } + }, + "namespace": "contentful-entry-tagger", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "memory": "256Mi", + "cpu": "200m" + }, + "requests": { + "memory": "128Mi", + "cpu": "100m" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "image": "services-contentful-entry-tagger", + "accountName": "contentful-entry-tagger" + } + } +} \ No newline at end of file diff --git a/charts/services/download-service/values.dev.yaml b/charts/services/download-service/values.dev.yaml index 58d9f8e96dbc..e7a79ccbf27d 100644 --- a/charts/services/download-service/values.dev.yaml +++ b/charts/services/download-service/values.dev.yaml @@ -1,3563 +1,276 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.dev01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'preview.contentful.com' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 's@kogk.is' - CONTENTFUL_HOST: 'preview.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 's@kogk.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/api' - - host: 'api-catalogue.dev01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.dev01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -external-contracts-tests: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' - namespace: 'external-contracts-tests' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '1' - memory: '1024Mi' - requests: - cpu: '500m' - memory: '512Mi' - schedule: '0 11 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -github-actions-cache: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 8 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'cache.dev01.devland.is' - paths: - - '/' - namespace: 'github-actions-cache' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 5 - max: 8 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' - create: true - name: 'github-actions-cache' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'dev' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.dev01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'consultation-portal' - - 'islandis' - - 'search-indexer' - - 'xroad-collector' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'github-actions-cache' - - 'user-notification' - - 'external-contracts-tests' - - 'contentful-entry-tagger' - - 'license-api' - - 'services-sessions' - - 'contentful-apps' - - 'services-university-gateway' - - 'unicorn-app' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'dev-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.dev01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.dev01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -unicorn-app: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'unicorn-app.dev01.devland.is' - paths: - - '/' - namespace: 'unicorn-app' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' - create: true - name: 'unicorn-app' -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@hourly' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - TRACKING_DOMAIN: 'beta.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "download-service": { + "serviceDef": { + "liveness": { + "path": "download/v1/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "download/v1/readiness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + }, + "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/download-service" + }, + "features": {}, + "name": "download-service", + "grantNamespaces": [ + "islandis", + "nginx-ingress-external", + "services-bff-portals-admin" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET", + "POSTHOLF_CLIENTID": "/k8s/documents/POSTHOLF_CLIENTID", + "POSTHOLF_CLIENT_SECRET": "/k8s/documents/POSTHOLF_CLIENT_SECRET", + "POSTHOLF_TOKEN_URL": "/k8s/documents/POSTHOLF_TOKEN_URL", + "POSTHOLF_BASE_PATH": "/k8s/documents/POSTHOLF_BASE_PATH", + "REGULATIONS_API_URL": "/k8s/api/REGULATIONS_API_URL", + "REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED": "/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED", + "REGULATIONS_FILE_UPLOAD_KEY_DRAFT": "/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT", + "REGULATIONS_FILE_UPLOAD_KEY_PUBLISH": "/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH" + }, + "ingress": { + "primary": { + "extraAnnotations": { + "dev": { + "nginx.ingress.kubernetes.io/enable-global-auth": "false" + }, + "staging": { + "nginx.ingress.kubernetes.io/enable-global-auth": "false" + }, + "prod": {} + }, + "host": { + "dev": [ + "api" + ], + "staging": [ + "api" + ], + "prod": [ + "api" + ] + }, + "paths": [ + "/download" + ], + "public": true + } + }, + "namespace": "download-service", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "400m", + "memory": "512Mi" + }, + "requests": { + "cpu": "200m", + "memory": "256Mi" + } + }, + "xroadConfig": [ + { + "config": { + "env": { + "XROAD_BASE_PATH": { + "prod": "http://securityserver.island.is" + }, + "XROAD_BASE_PATH_WITH_ENV": { + "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "http://securityserver.island.is/r1/IS" + }, + "XROAD_TLS_BASE_PATH": { + "dev": "https://securityserver.dev01.devland.is", + "staging": "https://securityserver.staging01.devland.is", + "prod": "https://securityserver.island.is" + }, + "XROAD_TLS_BASE_PATH_WITH_ENV": { + "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", + "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "https://securityserver.island.is/r1/IS" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CLIENT_ID": { + "dev": "IS-DEV/GOV/10000/island-is-client", + "staging": "IS-TEST/GOV/5501692829/island-is-client", + "prod": "IS/GOV/5501692829/island-is-client" + } + } + } + }, + { + "config": { + "env": { + "XROAD_FINANCES_PATH": { + "dev": "IS-DEV/GOV/10021/FJS-Public/financeIsland", + "staging": "IS-TEST/GOV/10021/FJS-Public/financeIsland", + "prod": "IS/GOV/5402697509/FJS-Public/financeIsland" + }, + "XROAD_FINANCES_V2_PATH": { + "dev": "IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2", + "staging": "IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2", + "prod": "IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2" + }, + "XROAD_HMS_LOANS_PATH": { + "dev": "IS-DEV/GOV/10033/HMS-Protected/libra-v1", + "staging": "IS-TEST/GOV/5812191480/HMS-Protected/libra-v1", + "prod": "IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1" + }, + "XROAD_HMS_HOUSING_BENEFITS_PATH": { + "dev": "IS-DEV/GOV/10033/HMS-Protected/husbot-v1", + "staging": "IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1", + "prod": "IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_HEALTH_INSURANCE_WSDLURL": { + "dev": "https://test-huld.sjukra.is/islandrg?wsdl", + "staging": "https://test-huld.sjukra.is/islandrg?wsdl", + "prod": "https://huld.sjukra.is/islandrg?wsdl" + }, + "XROAD_HEALTH_INSURANCE_ID": { + "dev": "IS-DEV/GOV/10007/SJUKRA-Protected", + "staging": "IS-TEST/GOV/4804080550/SJUKRA-Protected", + "prod": "IS/GOV/4804080550/SJUKRA-Protected" + }, + "XROAD_HEALTH_INSURANCE_MY_PAGES_PATH": { + "dev": "IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur", + "staging": "IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur", + "prod": "IS/GOV/4804080550/SJUKRA-Protected/minarsidur" + } + }, + "secrets": { + "XROAD_HEALTH_INSURANCE_USERNAME": "/k8s/health-insurance/XROAD-USER", + "XROAD_HEALTH_INSURANCE_PASSWORD": "/k8s/health-insurance/XROAD-PASSWORD", + "XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME": "/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME", + "XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD": "/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD" + } + } + }, + { + "config": { + "env": { + "XROAD_VEHICLES_PATH": { + "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1", + "staging": "IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1", + "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_UNIVERSITY_OF_AKUREYRI_PATH": { + "dev": "IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1", + "staging": "IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1", + "prod": "IS/EDU/5206871229/UNAK-Protected/brautskraning-v1" + }, + "XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH": { + "dev": "IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1", + "staging": "IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1", + "prod": "IS/EDU/4112043590/LBHI-Protected/brautskraning-v1" + }, + "XROAD_BIFROST_UNIVERSITY_PATH": { + "dev": "IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1", + "staging": "IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1", + "prod": "IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1" + }, + "XROAD_HOLAR_UNIVERSITY_PATH": { + "dev": "IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1", + "staging": "IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1", + "prod": "IS/EDU/5001694359/Holar-Protected/brautskraning-v1" + }, + "XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH": { + "dev": "IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1", + "staging": "IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1", + "prod": "IS/EDU/4210984099/LHI-Protected/brautskraning-v1" + }, + "XROAD_UNIVERSITY_OF_ICELAND_PATH": { + "dev": "IS-DEV/EDU/10010/HI-Protected/brautskraning-v1", + "staging": "IS-TEST/EDU/10010/HI-Protected/brautskraning-v1", + "prod": "IS/EDU/6001692039/HI-Protected/brautskraning-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_WORK_MACHINE_LICENSE_PATH": { + "dev": "IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token", + "staging": "IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token", + "prod": "IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token" + } + } + } + }, + { + "config": { + "env": { + "XROAD_MMS_LICENSE_SERVICE_ID": { + "dev": "IS-DEV/GOV/10066/MMS-Protected/license-api-v1", + "staging": "IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1", + "prod": "IS/GOV/6601241280/MMS-Protected/license-api-v1" + }, + "XROAD_MMS_GRADE_SERVICE_ID": { + "dev": "IS-DEV/GOV/10066/MMS-Protected/grade-api-v1", + "staging": "IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1", + "prod": "IS/GOV/6601241280/MMS-Protected/grade-api-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH": { + "dev": "IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur", + "staging": "IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur", + "prod": "IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur" + } + } + } + }, + { + "config": { + "env": { + "XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH": { + "dev": "IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis", + "staging": "IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis", + "prod": "IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis" + } + } + } + } + ], + "files": [], + "volumes": [], + "image": "download-service" + } + } +} \ No newline at end of file diff --git a/charts/services/download-service/values.prod.yaml b/charts/services/download-service/values.prod.yaml index c7e37f4144c5..e7a79ccbf27d 100644 --- a/charts/services/download-service/values.prod.yaml +++ b/charts/services/download-service/values.prod.yaml @@ -1,3379 +1,276 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.island.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'cdn.contentful.com' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.island.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://innskra.island.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_IDS_API_URL: 'https://innskra.island.is' - AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi.island.is' - CONTACT_US_EMAIL: 'island@island.is' - CONTENTFUL_HOST: 'cdn.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.island.is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-prod-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: '' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'island@island.is' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 'sogur@island.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS/GOV/5402697509/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS/GOV/6501912189/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/api' - - host: 'www.island.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' - CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS/GOV/5608002820/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - NOVA_USERNAME: 'IslandIs_User_Production' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS/GOV/5605882089/UA-Protected/kvortun-v1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.island.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.island.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/umsoknir' - - host: 'www.island.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi.island.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://island.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/samradsgatt' - - host: 'www.island.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.island.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.island.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - EMAIL_FROM_NAME: 'island.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-prod-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'prod' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: 'd4ecf781-3764-4063-a4e1-9c3e17cebfba' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.island.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'islandis' - - 'consultation-portal' - - 'search-indexer' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'xroad-collector' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'user-notification' - - 'license-api' - - 'services-sessions' - - 'services-university-gateway' - - 'contentful-apps' - - 'contentful-entry-tagger' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/stjornbord' - - host: 'www.island.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'prod' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'prod-es-custom-packages' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/minarsidur' - - host: 'www.island.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_BASE_URL: 'https://island.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.island.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://island.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://island.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://island.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/stjornbord/bff' - - host: 'www.island.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.island.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.island.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/app/skilavottord/' - - host: 'www.island.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/app/skilavottord/api/graphql' - - host: 'www.island.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.island.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@midnight' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - TRACKING_DOMAIN: 'island.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/' - - host: 'www.island.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "download-service": { + "serviceDef": { + "liveness": { + "path": "download/v1/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "download/v1/readiness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + }, + "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/download-service" + }, + "features": {}, + "name": "download-service", + "grantNamespaces": [ + "islandis", + "nginx-ingress-external", + "services-bff-portals-admin" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET", + "POSTHOLF_CLIENTID": "/k8s/documents/POSTHOLF_CLIENTID", + "POSTHOLF_CLIENT_SECRET": "/k8s/documents/POSTHOLF_CLIENT_SECRET", + "POSTHOLF_TOKEN_URL": "/k8s/documents/POSTHOLF_TOKEN_URL", + "POSTHOLF_BASE_PATH": "/k8s/documents/POSTHOLF_BASE_PATH", + "REGULATIONS_API_URL": "/k8s/api/REGULATIONS_API_URL", + "REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED": "/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED", + "REGULATIONS_FILE_UPLOAD_KEY_DRAFT": "/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT", + "REGULATIONS_FILE_UPLOAD_KEY_PUBLISH": "/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH" + }, + "ingress": { + "primary": { + "extraAnnotations": { + "dev": { + "nginx.ingress.kubernetes.io/enable-global-auth": "false" + }, + "staging": { + "nginx.ingress.kubernetes.io/enable-global-auth": "false" + }, + "prod": {} + }, + "host": { + "dev": [ + "api" + ], + "staging": [ + "api" + ], + "prod": [ + "api" + ] + }, + "paths": [ + "/download" + ], + "public": true + } + }, + "namespace": "download-service", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "400m", + "memory": "512Mi" + }, + "requests": { + "cpu": "200m", + "memory": "256Mi" + } + }, + "xroadConfig": [ + { + "config": { + "env": { + "XROAD_BASE_PATH": { + "prod": "http://securityserver.island.is" + }, + "XROAD_BASE_PATH_WITH_ENV": { + "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "http://securityserver.island.is/r1/IS" + }, + "XROAD_TLS_BASE_PATH": { + "dev": "https://securityserver.dev01.devland.is", + "staging": "https://securityserver.staging01.devland.is", + "prod": "https://securityserver.island.is" + }, + "XROAD_TLS_BASE_PATH_WITH_ENV": { + "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", + "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "https://securityserver.island.is/r1/IS" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CLIENT_ID": { + "dev": "IS-DEV/GOV/10000/island-is-client", + "staging": "IS-TEST/GOV/5501692829/island-is-client", + "prod": "IS/GOV/5501692829/island-is-client" + } + } + } + }, + { + "config": { + "env": { + "XROAD_FINANCES_PATH": { + "dev": "IS-DEV/GOV/10021/FJS-Public/financeIsland", + "staging": "IS-TEST/GOV/10021/FJS-Public/financeIsland", + "prod": "IS/GOV/5402697509/FJS-Public/financeIsland" + }, + "XROAD_FINANCES_V2_PATH": { + "dev": "IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2", + "staging": "IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2", + "prod": "IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2" + }, + "XROAD_HMS_LOANS_PATH": { + "dev": "IS-DEV/GOV/10033/HMS-Protected/libra-v1", + "staging": "IS-TEST/GOV/5812191480/HMS-Protected/libra-v1", + "prod": "IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1" + }, + "XROAD_HMS_HOUSING_BENEFITS_PATH": { + "dev": "IS-DEV/GOV/10033/HMS-Protected/husbot-v1", + "staging": "IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1", + "prod": "IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_HEALTH_INSURANCE_WSDLURL": { + "dev": "https://test-huld.sjukra.is/islandrg?wsdl", + "staging": "https://test-huld.sjukra.is/islandrg?wsdl", + "prod": "https://huld.sjukra.is/islandrg?wsdl" + }, + "XROAD_HEALTH_INSURANCE_ID": { + "dev": "IS-DEV/GOV/10007/SJUKRA-Protected", + "staging": "IS-TEST/GOV/4804080550/SJUKRA-Protected", + "prod": "IS/GOV/4804080550/SJUKRA-Protected" + }, + "XROAD_HEALTH_INSURANCE_MY_PAGES_PATH": { + "dev": "IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur", + "staging": "IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur", + "prod": "IS/GOV/4804080550/SJUKRA-Protected/minarsidur" + } + }, + "secrets": { + "XROAD_HEALTH_INSURANCE_USERNAME": "/k8s/health-insurance/XROAD-USER", + "XROAD_HEALTH_INSURANCE_PASSWORD": "/k8s/health-insurance/XROAD-PASSWORD", + "XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME": "/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME", + "XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD": "/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD" + } + } + }, + { + "config": { + "env": { + "XROAD_VEHICLES_PATH": { + "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1", + "staging": "IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1", + "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_UNIVERSITY_OF_AKUREYRI_PATH": { + "dev": "IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1", + "staging": "IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1", + "prod": "IS/EDU/5206871229/UNAK-Protected/brautskraning-v1" + }, + "XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH": { + "dev": "IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1", + "staging": "IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1", + "prod": "IS/EDU/4112043590/LBHI-Protected/brautskraning-v1" + }, + "XROAD_BIFROST_UNIVERSITY_PATH": { + "dev": "IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1", + "staging": "IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1", + "prod": "IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1" + }, + "XROAD_HOLAR_UNIVERSITY_PATH": { + "dev": "IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1", + "staging": "IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1", + "prod": "IS/EDU/5001694359/Holar-Protected/brautskraning-v1" + }, + "XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH": { + "dev": "IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1", + "staging": "IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1", + "prod": "IS/EDU/4210984099/LHI-Protected/brautskraning-v1" + }, + "XROAD_UNIVERSITY_OF_ICELAND_PATH": { + "dev": "IS-DEV/EDU/10010/HI-Protected/brautskraning-v1", + "staging": "IS-TEST/EDU/10010/HI-Protected/brautskraning-v1", + "prod": "IS/EDU/6001692039/HI-Protected/brautskraning-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_WORK_MACHINE_LICENSE_PATH": { + "dev": "IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token", + "staging": "IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token", + "prod": "IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token" + } + } + } + }, + { + "config": { + "env": { + "XROAD_MMS_LICENSE_SERVICE_ID": { + "dev": "IS-DEV/GOV/10066/MMS-Protected/license-api-v1", + "staging": "IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1", + "prod": "IS/GOV/6601241280/MMS-Protected/license-api-v1" + }, + "XROAD_MMS_GRADE_SERVICE_ID": { + "dev": "IS-DEV/GOV/10066/MMS-Protected/grade-api-v1", + "staging": "IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1", + "prod": "IS/GOV/6601241280/MMS-Protected/grade-api-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH": { + "dev": "IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur", + "staging": "IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur", + "prod": "IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur" + } + } + } + }, + { + "config": { + "env": { + "XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH": { + "dev": "IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis", + "staging": "IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis", + "prod": "IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis" + } + } + } + } + ], + "files": [], + "volumes": [], + "image": "download-service" + } + } +} \ No newline at end of file diff --git a/charts/services/download-service/values.staging.yaml b/charts/services/download-service/values.staging.yaml index 227a2b0fcc6d..e7a79ccbf27d 100644 --- a/charts/services/download-service/values.staging.yaml +++ b/charts/services/download-service/values.staging.yaml @@ -1,3238 +1,276 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.staging01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'cdn.contentful.com' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.staging01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.staging01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.staging01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 'island@island.is' - CONTENTFUL_HOST: 'cdn.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.staging01.devland.is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-staging-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: '' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 'sogur@island.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-TEST/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5608002820/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-TEST/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.staging01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.staging01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.staging01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.staging01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-staging-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'staging' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.staging01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'islandis' - - 'consultation-portal' - - 'skilavottord' - - 'search-indexer' - - 'services-documents' - - 'storybook' - - 'xroad-collector' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'user-notification' - - 'license-api' - - 'services-sessions' - - 'services-university-gateway' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.staging01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'staging' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'staging-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_BASE_URL: 'https://beta.staging01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.staging01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.staging01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.staging01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.staging01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.staging01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.staging01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.staging01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.staging01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@midnight' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - basicAuth: '/k8s/web/basic_auth' - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - TRACKING_DOMAIN: 'beta.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "download-service": { + "serviceDef": { + "liveness": { + "path": "download/v1/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "download/v1/readiness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + }, + "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/download-service" + }, + "features": {}, + "name": "download-service", + "grantNamespaces": [ + "islandis", + "nginx-ingress-external", + "services-bff-portals-admin" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET", + "POSTHOLF_CLIENTID": "/k8s/documents/POSTHOLF_CLIENTID", + "POSTHOLF_CLIENT_SECRET": "/k8s/documents/POSTHOLF_CLIENT_SECRET", + "POSTHOLF_TOKEN_URL": "/k8s/documents/POSTHOLF_TOKEN_URL", + "POSTHOLF_BASE_PATH": "/k8s/documents/POSTHOLF_BASE_PATH", + "REGULATIONS_API_URL": "/k8s/api/REGULATIONS_API_URL", + "REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED": "/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED", + "REGULATIONS_FILE_UPLOAD_KEY_DRAFT": "/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT", + "REGULATIONS_FILE_UPLOAD_KEY_PUBLISH": "/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH" + }, + "ingress": { + "primary": { + "extraAnnotations": { + "dev": { + "nginx.ingress.kubernetes.io/enable-global-auth": "false" + }, + "staging": { + "nginx.ingress.kubernetes.io/enable-global-auth": "false" + }, + "prod": {} + }, + "host": { + "dev": [ + "api" + ], + "staging": [ + "api" + ], + "prod": [ + "api" + ] + }, + "paths": [ + "/download" + ], + "public": true + } + }, + "namespace": "download-service", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "400m", + "memory": "512Mi" + }, + "requests": { + "cpu": "200m", + "memory": "256Mi" + } + }, + "xroadConfig": [ + { + "config": { + "env": { + "XROAD_BASE_PATH": { + "prod": "http://securityserver.island.is" + }, + "XROAD_BASE_PATH_WITH_ENV": { + "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "http://securityserver.island.is/r1/IS" + }, + "XROAD_TLS_BASE_PATH": { + "dev": "https://securityserver.dev01.devland.is", + "staging": "https://securityserver.staging01.devland.is", + "prod": "https://securityserver.island.is" + }, + "XROAD_TLS_BASE_PATH_WITH_ENV": { + "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", + "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "https://securityserver.island.is/r1/IS" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CLIENT_ID": { + "dev": "IS-DEV/GOV/10000/island-is-client", + "staging": "IS-TEST/GOV/5501692829/island-is-client", + "prod": "IS/GOV/5501692829/island-is-client" + } + } + } + }, + { + "config": { + "env": { + "XROAD_FINANCES_PATH": { + "dev": "IS-DEV/GOV/10021/FJS-Public/financeIsland", + "staging": "IS-TEST/GOV/10021/FJS-Public/financeIsland", + "prod": "IS/GOV/5402697509/FJS-Public/financeIsland" + }, + "XROAD_FINANCES_V2_PATH": { + "dev": "IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2", + "staging": "IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2", + "prod": "IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2" + }, + "XROAD_HMS_LOANS_PATH": { + "dev": "IS-DEV/GOV/10033/HMS-Protected/libra-v1", + "staging": "IS-TEST/GOV/5812191480/HMS-Protected/libra-v1", + "prod": "IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1" + }, + "XROAD_HMS_HOUSING_BENEFITS_PATH": { + "dev": "IS-DEV/GOV/10033/HMS-Protected/husbot-v1", + "staging": "IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1", + "prod": "IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_HEALTH_INSURANCE_WSDLURL": { + "dev": "https://test-huld.sjukra.is/islandrg?wsdl", + "staging": "https://test-huld.sjukra.is/islandrg?wsdl", + "prod": "https://huld.sjukra.is/islandrg?wsdl" + }, + "XROAD_HEALTH_INSURANCE_ID": { + "dev": "IS-DEV/GOV/10007/SJUKRA-Protected", + "staging": "IS-TEST/GOV/4804080550/SJUKRA-Protected", + "prod": "IS/GOV/4804080550/SJUKRA-Protected" + }, + "XROAD_HEALTH_INSURANCE_MY_PAGES_PATH": { + "dev": "IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur", + "staging": "IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur", + "prod": "IS/GOV/4804080550/SJUKRA-Protected/minarsidur" + } + }, + "secrets": { + "XROAD_HEALTH_INSURANCE_USERNAME": "/k8s/health-insurance/XROAD-USER", + "XROAD_HEALTH_INSURANCE_PASSWORD": "/k8s/health-insurance/XROAD-PASSWORD", + "XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME": "/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME", + "XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD": "/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD" + } + } + }, + { + "config": { + "env": { + "XROAD_VEHICLES_PATH": { + "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1", + "staging": "IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1", + "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_UNIVERSITY_OF_AKUREYRI_PATH": { + "dev": "IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1", + "staging": "IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1", + "prod": "IS/EDU/5206871229/UNAK-Protected/brautskraning-v1" + }, + "XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH": { + "dev": "IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1", + "staging": "IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1", + "prod": "IS/EDU/4112043590/LBHI-Protected/brautskraning-v1" + }, + "XROAD_BIFROST_UNIVERSITY_PATH": { + "dev": "IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1", + "staging": "IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1", + "prod": "IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1" + }, + "XROAD_HOLAR_UNIVERSITY_PATH": { + "dev": "IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1", + "staging": "IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1", + "prod": "IS/EDU/5001694359/Holar-Protected/brautskraning-v1" + }, + "XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH": { + "dev": "IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1", + "staging": "IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1", + "prod": "IS/EDU/4210984099/LHI-Protected/brautskraning-v1" + }, + "XROAD_UNIVERSITY_OF_ICELAND_PATH": { + "dev": "IS-DEV/EDU/10010/HI-Protected/brautskraning-v1", + "staging": "IS-TEST/EDU/10010/HI-Protected/brautskraning-v1", + "prod": "IS/EDU/6001692039/HI-Protected/brautskraning-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_WORK_MACHINE_LICENSE_PATH": { + "dev": "IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token", + "staging": "IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token", + "prod": "IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token" + } + } + } + }, + { + "config": { + "env": { + "XROAD_MMS_LICENSE_SERVICE_ID": { + "dev": "IS-DEV/GOV/10066/MMS-Protected/license-api-v1", + "staging": "IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1", + "prod": "IS/GOV/6601241280/MMS-Protected/license-api-v1" + }, + "XROAD_MMS_GRADE_SERVICE_ID": { + "dev": "IS-DEV/GOV/10066/MMS-Protected/grade-api-v1", + "staging": "IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1", + "prod": "IS/GOV/6601241280/MMS-Protected/grade-api-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH": { + "dev": "IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur", + "staging": "IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur", + "prod": "IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur" + } + } + } + }, + { + "config": { + "env": { + "XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH": { + "dev": "IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis", + "staging": "IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis", + "prod": "IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis" + } + } + } + } + ], + "files": [], + "volumes": [], + "image": "download-service" + } + } +} \ No newline at end of file diff --git a/charts/services/endorsement-system-api/values.dev.yaml b/charts/services/endorsement-system-api/values.dev.yaml index 58d9f8e96dbc..7f84e7553d7d 100644 --- a/charts/services/endorsement-system-api/values.dev.yaml +++ b/charts/services/endorsement-system-api/values.dev.yaml @@ -1,3563 +1,188 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.dev01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'preview.contentful.com' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 's@kogk.is' - CONTENTFUL_HOST: 'preview.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 's@kogk.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/api' - - host: 'api-catalogue.dev01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.dev01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -external-contracts-tests: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' - namespace: 'external-contracts-tests' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '1' - memory: '1024Mi' - requests: - cpu: '500m' - memory: '512Mi' - schedule: '0 11 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -github-actions-cache: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 8 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'cache.dev01.devland.is' - paths: - - '/' - namespace: 'github-actions-cache' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 5 - max: 8 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' - create: true - name: 'github-actions-cache' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'dev' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.dev01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'consultation-portal' - - 'islandis' - - 'search-indexer' - - 'xroad-collector' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'github-actions-cache' - - 'user-notification' - - 'external-contracts-tests' - - 'contentful-entry-tagger' - - 'license-api' - - 'services-sessions' - - 'contentful-apps' - - 'services-university-gateway' - - 'unicorn-app' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'dev-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.dev01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.dev01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -unicorn-app: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'unicorn-app.dev01.devland.is' - paths: - - '/' - namespace: 'unicorn-app' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' - create: true - name: 'unicorn-app' -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@hourly' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - TRACKING_DOMAIN: 'beta.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "endorsement-system-api": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "EMAIL_REGION": "eu-west-1", + "EMAIL_FROM_NAME": { + "dev": "devland.is", + "staging": "devland.is", + "prod": "island.is" + }, + "EMAIL_FROM_ADDRESS": { + "dev": "development@island.is", + "staging": "development@island.is", + "prod": "noreply@island.is" + }, + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + }, + "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/endorsement", + "ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME": { + "dev": "island-is-dev-exports-endorsement-system", + "staging": "island-is-staging-exports-endorsement-system", + "prod": "island-is-prod-exports-endorsement-system" + } + }, + "features": {}, + "name": "endorsement-system-api", + "grantNamespaces": [ + "islandis", + "application-system" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/endorsement-system-api/IDS-shared-secret", + "NATIONAL_REGISTRY_B2C_CLIENT_SECRET": "/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET" + }, + "ingress": {}, + "namespace": "endorsement-system", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "memory": "256Mi", + "cpu": "200m" + }, + "requests": { + "memory": "128Mi", + "cpu": "100m" + } + }, + "xroadConfig": [ + { + "config": { + "env": { + "XROAD_BASE_PATH": { + "prod": "http://securityserver.island.is" + }, + "XROAD_BASE_PATH_WITH_ENV": { + "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "http://securityserver.island.is/r1/IS" + }, + "XROAD_TLS_BASE_PATH": { + "dev": "https://securityserver.dev01.devland.is", + "staging": "https://securityserver.staging01.devland.is", + "prod": "https://securityserver.island.is" + }, + "XROAD_TLS_BASE_PATH_WITH_ENV": { + "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", + "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "https://securityserver.island.is/r1/IS" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CLIENT_ID": { + "dev": "IS-DEV/GOV/10000/island-is-client", + "staging": "IS-TEST/GOV/5501692829/island-is-client", + "prod": "IS/GOV/5501692829/island-is-client" + } + } + } + }, + { + "config": { + "env": { + "XROAD_NATIONAL_REGISTRY_SERVICE_PATH": { + "dev": "IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1", + "staging": "IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1", + "prod": "IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1" + }, + "XROAD_NATIONAL_REGISTRY_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" + }, + "XROAD_TJODSKRA_API_PATH": "/SKRA-Protected/Einstaklingar-v1", + "XROAD_TJODSKRA_MEMBER_CODE": { + "prod": "6503760649", + "dev": "10001", + "staging": "6503760649" + } + } + } + }, + { + "config": { + "env": { + "NATIONAL_REGISTRY_B2C_CLIENT_ID": { + "dev": "b464afdd-056b-406d-b650-6d41733cfeb7", + "staging": "ca128c23-b43c-443d-bade-ec5a146a933f", + "prod": "2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f" + }, + "NATIONAL_REGISTRY_B2C_ENDPOINT": { + "dev": "https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", + "staging": "https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", + "prod": "https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token" + }, + "NATIONAL_REGISTRY_B2C_SCOPE": { + "dev": "https://skraidentitydev.onmicrosoft.com/midlun/.default", + "staging": "https://skraidentitystaging.onmicrosoft.com/midlun/.default", + "prod": "https://skraidentity.onmicrosoft.com/midlun/.default" + }, + "NATIONAL_REGISTRY_B2C_PATH": { + "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1", + "staging": "IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1", + "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1" + } + } + } + } + ], + "files": [], + "volumes": [], + "image": "services-endorsements-api", + "accountName": "endorsement-system-api", + "cmds": "node", + "args": [ + "--tls-min-v1.0", + "--no-experimental-fetch", + "main.js" + ], + "postgres": { + "name": "services_endorsements_api", + "username": "services_endorsements_api", + "passwordSecret": "/k8s/services-endorsements-api/DB_PASSWORD" + }, + "initContainers": { + "envs": {}, + "secrets": {}, + "features": {}, + "containers": [ + { + "name": "migrations", + "command": "npx", + "args": [ + "sequelize-cli", + "db:migrate" + ] + } + ], + "postgres": { + "name": "services_endorsements_api", + "username": "services_endorsements_api", + "passwordSecret": "/k8s/services-endorsements-api/DB_PASSWORD" + } + } + } + } +} \ No newline at end of file diff --git a/charts/services/endorsement-system-api/values.prod.yaml b/charts/services/endorsement-system-api/values.prod.yaml index c7e37f4144c5..7f84e7553d7d 100644 --- a/charts/services/endorsement-system-api/values.prod.yaml +++ b/charts/services/endorsement-system-api/values.prod.yaml @@ -1,3379 +1,188 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.island.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'cdn.contentful.com' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.island.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://innskra.island.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_IDS_API_URL: 'https://innskra.island.is' - AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi.island.is' - CONTACT_US_EMAIL: 'island@island.is' - CONTENTFUL_HOST: 'cdn.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.island.is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-prod-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: '' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'island@island.is' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 'sogur@island.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS/GOV/5402697509/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS/GOV/6501912189/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/api' - - host: 'www.island.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' - CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS/GOV/5608002820/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - NOVA_USERNAME: 'IslandIs_User_Production' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS/GOV/5605882089/UA-Protected/kvortun-v1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.island.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.island.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/umsoknir' - - host: 'www.island.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi.island.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://island.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/samradsgatt' - - host: 'www.island.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.island.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.island.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - EMAIL_FROM_NAME: 'island.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-prod-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'prod' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: 'd4ecf781-3764-4063-a4e1-9c3e17cebfba' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.island.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'islandis' - - 'consultation-portal' - - 'search-indexer' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'xroad-collector' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'user-notification' - - 'license-api' - - 'services-sessions' - - 'services-university-gateway' - - 'contentful-apps' - - 'contentful-entry-tagger' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/stjornbord' - - host: 'www.island.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'prod' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'prod-es-custom-packages' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/minarsidur' - - host: 'www.island.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_BASE_URL: 'https://island.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.island.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://island.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://island.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://island.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/stjornbord/bff' - - host: 'www.island.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.island.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.island.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/app/skilavottord/' - - host: 'www.island.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/app/skilavottord/api/graphql' - - host: 'www.island.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.island.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@midnight' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - TRACKING_DOMAIN: 'island.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/' - - host: 'www.island.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "endorsement-system-api": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "EMAIL_REGION": "eu-west-1", + "EMAIL_FROM_NAME": { + "dev": "devland.is", + "staging": "devland.is", + "prod": "island.is" + }, + "EMAIL_FROM_ADDRESS": { + "dev": "development@island.is", + "staging": "development@island.is", + "prod": "noreply@island.is" + }, + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + }, + "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/endorsement", + "ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME": { + "dev": "island-is-dev-exports-endorsement-system", + "staging": "island-is-staging-exports-endorsement-system", + "prod": "island-is-prod-exports-endorsement-system" + } + }, + "features": {}, + "name": "endorsement-system-api", + "grantNamespaces": [ + "islandis", + "application-system" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/endorsement-system-api/IDS-shared-secret", + "NATIONAL_REGISTRY_B2C_CLIENT_SECRET": "/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET" + }, + "ingress": {}, + "namespace": "endorsement-system", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "memory": "256Mi", + "cpu": "200m" + }, + "requests": { + "memory": "128Mi", + "cpu": "100m" + } + }, + "xroadConfig": [ + { + "config": { + "env": { + "XROAD_BASE_PATH": { + "prod": "http://securityserver.island.is" + }, + "XROAD_BASE_PATH_WITH_ENV": { + "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "http://securityserver.island.is/r1/IS" + }, + "XROAD_TLS_BASE_PATH": { + "dev": "https://securityserver.dev01.devland.is", + "staging": "https://securityserver.staging01.devland.is", + "prod": "https://securityserver.island.is" + }, + "XROAD_TLS_BASE_PATH_WITH_ENV": { + "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", + "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "https://securityserver.island.is/r1/IS" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CLIENT_ID": { + "dev": "IS-DEV/GOV/10000/island-is-client", + "staging": "IS-TEST/GOV/5501692829/island-is-client", + "prod": "IS/GOV/5501692829/island-is-client" + } + } + } + }, + { + "config": { + "env": { + "XROAD_NATIONAL_REGISTRY_SERVICE_PATH": { + "dev": "IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1", + "staging": "IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1", + "prod": "IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1" + }, + "XROAD_NATIONAL_REGISTRY_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" + }, + "XROAD_TJODSKRA_API_PATH": "/SKRA-Protected/Einstaklingar-v1", + "XROAD_TJODSKRA_MEMBER_CODE": { + "prod": "6503760649", + "dev": "10001", + "staging": "6503760649" + } + } + } + }, + { + "config": { + "env": { + "NATIONAL_REGISTRY_B2C_CLIENT_ID": { + "dev": "b464afdd-056b-406d-b650-6d41733cfeb7", + "staging": "ca128c23-b43c-443d-bade-ec5a146a933f", + "prod": "2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f" + }, + "NATIONAL_REGISTRY_B2C_ENDPOINT": { + "dev": "https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", + "staging": "https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", + "prod": "https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token" + }, + "NATIONAL_REGISTRY_B2C_SCOPE": { + "dev": "https://skraidentitydev.onmicrosoft.com/midlun/.default", + "staging": "https://skraidentitystaging.onmicrosoft.com/midlun/.default", + "prod": "https://skraidentity.onmicrosoft.com/midlun/.default" + }, + "NATIONAL_REGISTRY_B2C_PATH": { + "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1", + "staging": "IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1", + "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1" + } + } + } + } + ], + "files": [], + "volumes": [], + "image": "services-endorsements-api", + "accountName": "endorsement-system-api", + "cmds": "node", + "args": [ + "--tls-min-v1.0", + "--no-experimental-fetch", + "main.js" + ], + "postgres": { + "name": "services_endorsements_api", + "username": "services_endorsements_api", + "passwordSecret": "/k8s/services-endorsements-api/DB_PASSWORD" + }, + "initContainers": { + "envs": {}, + "secrets": {}, + "features": {}, + "containers": [ + { + "name": "migrations", + "command": "npx", + "args": [ + "sequelize-cli", + "db:migrate" + ] + } + ], + "postgres": { + "name": "services_endorsements_api", + "username": "services_endorsements_api", + "passwordSecret": "/k8s/services-endorsements-api/DB_PASSWORD" + } + } + } + } +} \ No newline at end of file diff --git a/charts/services/endorsement-system-api/values.staging.yaml b/charts/services/endorsement-system-api/values.staging.yaml index 227a2b0fcc6d..7f84e7553d7d 100644 --- a/charts/services/endorsement-system-api/values.staging.yaml +++ b/charts/services/endorsement-system-api/values.staging.yaml @@ -1,3238 +1,188 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.staging01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'cdn.contentful.com' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.staging01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.staging01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.staging01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 'island@island.is' - CONTENTFUL_HOST: 'cdn.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.staging01.devland.is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-staging-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: '' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 'sogur@island.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-TEST/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5608002820/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-TEST/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.staging01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.staging01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.staging01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.staging01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-staging-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'staging' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.staging01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'islandis' - - 'consultation-portal' - - 'skilavottord' - - 'search-indexer' - - 'services-documents' - - 'storybook' - - 'xroad-collector' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'user-notification' - - 'license-api' - - 'services-sessions' - - 'services-university-gateway' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.staging01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'staging' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'staging-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_BASE_URL: 'https://beta.staging01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.staging01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.staging01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.staging01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.staging01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.staging01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.staging01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.staging01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.staging01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@midnight' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - basicAuth: '/k8s/web/basic_auth' - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - TRACKING_DOMAIN: 'beta.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "endorsement-system-api": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "EMAIL_REGION": "eu-west-1", + "EMAIL_FROM_NAME": { + "dev": "devland.is", + "staging": "devland.is", + "prod": "island.is" + }, + "EMAIL_FROM_ADDRESS": { + "dev": "development@island.is", + "staging": "development@island.is", + "prod": "noreply@island.is" + }, + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + }, + "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/endorsement", + "ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME": { + "dev": "island-is-dev-exports-endorsement-system", + "staging": "island-is-staging-exports-endorsement-system", + "prod": "island-is-prod-exports-endorsement-system" + } + }, + "features": {}, + "name": "endorsement-system-api", + "grantNamespaces": [ + "islandis", + "application-system" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/endorsement-system-api/IDS-shared-secret", + "NATIONAL_REGISTRY_B2C_CLIENT_SECRET": "/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET" + }, + "ingress": {}, + "namespace": "endorsement-system", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "memory": "256Mi", + "cpu": "200m" + }, + "requests": { + "memory": "128Mi", + "cpu": "100m" + } + }, + "xroadConfig": [ + { + "config": { + "env": { + "XROAD_BASE_PATH": { + "prod": "http://securityserver.island.is" + }, + "XROAD_BASE_PATH_WITH_ENV": { + "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "http://securityserver.island.is/r1/IS" + }, + "XROAD_TLS_BASE_PATH": { + "dev": "https://securityserver.dev01.devland.is", + "staging": "https://securityserver.staging01.devland.is", + "prod": "https://securityserver.island.is" + }, + "XROAD_TLS_BASE_PATH_WITH_ENV": { + "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", + "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "https://securityserver.island.is/r1/IS" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CLIENT_ID": { + "dev": "IS-DEV/GOV/10000/island-is-client", + "staging": "IS-TEST/GOV/5501692829/island-is-client", + "prod": "IS/GOV/5501692829/island-is-client" + } + } + } + }, + { + "config": { + "env": { + "XROAD_NATIONAL_REGISTRY_SERVICE_PATH": { + "dev": "IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1", + "staging": "IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1", + "prod": "IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1" + }, + "XROAD_NATIONAL_REGISTRY_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" + }, + "XROAD_TJODSKRA_API_PATH": "/SKRA-Protected/Einstaklingar-v1", + "XROAD_TJODSKRA_MEMBER_CODE": { + "prod": "6503760649", + "dev": "10001", + "staging": "6503760649" + } + } + } + }, + { + "config": { + "env": { + "NATIONAL_REGISTRY_B2C_CLIENT_ID": { + "dev": "b464afdd-056b-406d-b650-6d41733cfeb7", + "staging": "ca128c23-b43c-443d-bade-ec5a146a933f", + "prod": "2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f" + }, + "NATIONAL_REGISTRY_B2C_ENDPOINT": { + "dev": "https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", + "staging": "https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", + "prod": "https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token" + }, + "NATIONAL_REGISTRY_B2C_SCOPE": { + "dev": "https://skraidentitydev.onmicrosoft.com/midlun/.default", + "staging": "https://skraidentitystaging.onmicrosoft.com/midlun/.default", + "prod": "https://skraidentity.onmicrosoft.com/midlun/.default" + }, + "NATIONAL_REGISTRY_B2C_PATH": { + "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1", + "staging": "IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1", + "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1" + } + } + } + } + ], + "files": [], + "volumes": [], + "image": "services-endorsements-api", + "accountName": "endorsement-system-api", + "cmds": "node", + "args": [ + "--tls-min-v1.0", + "--no-experimental-fetch", + "main.js" + ], + "postgres": { + "name": "services_endorsements_api", + "username": "services_endorsements_api", + "passwordSecret": "/k8s/services-endorsements-api/DB_PASSWORD" + }, + "initContainers": { + "envs": {}, + "secrets": {}, + "features": {}, + "containers": [ + { + "name": "migrations", + "command": "npx", + "args": [ + "sequelize-cli", + "db:migrate" + ] + } + ], + "postgres": { + "name": "services_endorsements_api", + "username": "services_endorsements_api", + "passwordSecret": "/k8s/services-endorsements-api/DB_PASSWORD" + } + } + } + } +} \ No newline at end of file diff --git a/charts/services/external-contracts-tests/values.dev.yaml b/charts/services/external-contracts-tests/values.dev.yaml index 58d9f8e96dbc..2e82480b4b1e 100644 --- a/charts/services/external-contracts-tests/values.dev.yaml +++ b/charts/services/external-contracts-tests/values.dev.yaml @@ -1,3563 +1,101 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.dev01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'preview.contentful.com' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 's@kogk.is' - CONTENTFUL_HOST: 'preview.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 's@kogk.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/api' - - host: 'api-catalogue.dev01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.dev01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -external-contracts-tests: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' - namespace: 'external-contracts-tests' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '1' - memory: '1024Mi' - requests: - cpu: '500m' - memory: '512Mi' - schedule: '0 11 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -github-actions-cache: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 8 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'cache.dev01.devland.is' - paths: - - '/' - namespace: 'github-actions-cache' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 5 - max: 8 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' - create: true - name: 'github-actions-cache' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'dev' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.dev01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'consultation-portal' - - 'islandis' - - 'search-indexer' - - 'xroad-collector' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'github-actions-cache' - - 'user-notification' - - 'external-contracts-tests' - - 'contentful-entry-tagger' - - 'license-api' - - 'services-sessions' - - 'contentful-apps' - - 'services-university-gateway' - - 'unicorn-app' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'dev-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.dev01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.dev01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -unicorn-app: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'unicorn-app.dev01.devland.is' - paths: - - '/' - namespace: 'unicorn-app' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' - create: true - name: 'unicorn-app' -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@hourly' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - TRACKING_DOMAIN: 'beta.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "external-contracts-tests": { + "serviceDef": { + "liveness": { + "path": "/", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": {}, + "features": {}, + "name": "external-contracts-tests", + "grantNamespaces": [], + "grantNamespacesEnabled": false, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" + }, + "ingress": {}, + "namespace": "external-contracts-tests", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "1", + "memory": "1024Mi" + }, + "requests": { + "cpu": "500m", + "memory": "512Mi" + } + }, + "xroadConfig": [ + { + "config": { + "env": { + "XROAD_BASE_PATH": { + "prod": "http://securityserver.island.is" + }, + "XROAD_BASE_PATH_WITH_ENV": { + "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "http://securityserver.island.is/r1/IS" + }, + "XROAD_TLS_BASE_PATH": { + "dev": "https://securityserver.dev01.devland.is", + "staging": "https://securityserver.staging01.devland.is", + "prod": "https://securityserver.island.is" + }, + "XROAD_TLS_BASE_PATH_WITH_ENV": { + "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", + "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "https://securityserver.island.is/r1/IS" + } + } + } + }, + { + "config": { + "env": { + "XROAD_NATIONAL_REGISTRY_SERVICE_PATH": { + "dev": "IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1", + "staging": "IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1", + "prod": "IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1" + }, + "XROAD_NATIONAL_REGISTRY_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" + }, + "XROAD_TJODSKRA_API_PATH": "/SKRA-Protected/Einstaklingar-v1", + "XROAD_TJODSKRA_MEMBER_CODE": { + "prod": "6503760649", + "dev": "10001", + "staging": "6503760649" + } + } + } + } + ], + "files": [], + "volumes": [], + "extraAttributes": { + "dev": { + "schedule": "0 11 * * *" + }, + "staging": { + "schedule": "0 11 * * *" + }, + "prod": { + "schedule": "0 11 * * *" + } + } + } + } +} \ No newline at end of file diff --git a/charts/services/github-actions-cache/values.dev.yaml b/charts/services/github-actions-cache/values.dev.yaml index 58d9f8e96dbc..9fe457e8b842 100644 --- a/charts/services/github-actions-cache/values.dev.yaml +++ b/charts/services/github-actions-cache/values.dev.yaml @@ -1,3563 +1,82 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.dev01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'preview.contentful.com' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 's@kogk.is' - CONTENTFUL_HOST: 'preview.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 's@kogk.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/api' - - host: 'api-catalogue.dev01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.dev01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -external-contracts-tests: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' - namespace: 'external-contracts-tests' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '1' - memory: '1024Mi' - requests: - cpu: '500m' - memory: '512Mi' - schedule: '0 11 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -github-actions-cache: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 8 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'cache.dev01.devland.is' - paths: - - '/' - namespace: 'github-actions-cache' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 5 - max: 8 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' - create: true - name: 'github-actions-cache' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'dev' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.dev01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'consultation-portal' - - 'islandis' - - 'search-indexer' - - 'xroad-collector' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'github-actions-cache' - - 'user-notification' - - 'external-contracts-tests' - - 'contentful-entry-tagger' - - 'license-api' - - 'services-sessions' - - 'contentful-apps' - - 'services-university-gateway' - - 'unicorn-app' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'dev-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.dev01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.dev01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -unicorn-app: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'unicorn-app.dev01.devland.is' - paths: - - '/' - namespace: 'unicorn-app' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' - create: true - name: 'unicorn-app' -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@hourly' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - TRACKING_DOMAIN: 'beta.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "github-actions-cache": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/health", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "REDIS_NODES": "clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379" + }, + "features": {}, + "name": "github-actions-cache", + "grantNamespaces": [], + "grantNamespacesEnabled": false, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" + }, + "ingress": { + "primary": { + "host": { + "dev": [ + "cache" + ], + "staging": [ + "" + ], + "prod": [ + "", + "" + ] + }, + "paths": [ + "/" + ], + "extraAnnotations": { + "dev": { + "nginx.ingress.kubernetes.io/enable-global-auth": "false" + } + }, + "public": true + } + }, + "namespace": "github-actions-cache", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "400m", + "memory": "512Mi" + }, + "requests": { + "cpu": "100m", + "memory": "256Mi" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "accountName": "github-actions-cache", + "cmds": "node", + "args": [ + "--tls-min-v1.0", + "--no-experimental-fetch", + "main.js" + ], + "replicaCount": { + "min": 3, + "max": 8, + "default": 5 + } + } + } +} \ No newline at end of file diff --git a/charts/services/icelandic-names-registry-backend/values.dev.yaml b/charts/services/icelandic-names-registry-backend/values.dev.yaml index 58d9f8e96dbc..57b6470cd7ea 100644 --- a/charts/services/icelandic-names-registry-backend/values.dev.yaml +++ b/charts/services/icelandic-names-registry-backend/values.dev.yaml @@ -1,3563 +1,86 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.dev01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'preview.contentful.com' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 's@kogk.is' - CONTENTFUL_HOST: 'preview.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 's@kogk.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/api' - - host: 'api-catalogue.dev01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.dev01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -external-contracts-tests: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' - namespace: 'external-contracts-tests' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '1' - memory: '1024Mi' - requests: - cpu: '500m' - memory: '512Mi' - schedule: '0 11 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -github-actions-cache: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 8 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'cache.dev01.devland.is' - paths: - - '/' - namespace: 'github-actions-cache' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 5 - max: 8 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' - create: true - name: 'github-actions-cache' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'dev' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.dev01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'consultation-portal' - - 'islandis' - - 'search-indexer' - - 'xroad-collector' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'github-actions-cache' - - 'user-notification' - - 'external-contracts-tests' - - 'contentful-entry-tagger' - - 'license-api' - - 'services-sessions' - - 'contentful-apps' - - 'services-university-gateway' - - 'unicorn-app' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'dev-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.dev01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.dev01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -unicorn-app: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'unicorn-app.dev01.devland.is' - paths: - - '/' - namespace: 'unicorn-app' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' - create: true - name: 'unicorn-app' -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@hourly' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - TRACKING_DOMAIN: 'beta.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "icelandic-names-registry-backend": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + } + }, + "features": {}, + "name": "icelandic-names-registry-backend", + "grantNamespaces": [ + "islandis" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" + }, + "ingress": {}, + "namespace": "icelandic-names-registry", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "memory": "256Mi", + "cpu": "200m" + }, + "requests": { + "memory": "128Mi", + "cpu": "100m" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "image": "icelandic-names-registry-backend", + "postgres": { + "username": "icelandic_names_registry_backend", + "passwordSecret": "/k8s/icelandic-names-registry-backend/DB_PASSWORD", + "name": "icelandic_names_registry_backend" + }, + "initContainers": { + "envs": {}, + "secrets": {}, + "features": {}, + "containers": [ + { + "name": "migrations", + "command": "npx", + "args": [ + "sequelize-cli", + "db:migrate" + ] + }, + { + "name": "seed", + "command": "npx", + "args": [ + "sequelize-cli", + "db:seed:all" + ] + } + ], + "postgres": { + "username": "icelandic_names_registry_backend", + "passwordSecret": "/k8s/icelandic-names-registry-backend/DB_PASSWORD", + "name": "icelandic_names_registry_backend" + } + } + } + } +} \ No newline at end of file diff --git a/charts/services/icelandic-names-registry-backend/values.prod.yaml b/charts/services/icelandic-names-registry-backend/values.prod.yaml index c7e37f4144c5..57b6470cd7ea 100644 --- a/charts/services/icelandic-names-registry-backend/values.prod.yaml +++ b/charts/services/icelandic-names-registry-backend/values.prod.yaml @@ -1,3379 +1,86 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.island.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'cdn.contentful.com' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.island.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://innskra.island.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_IDS_API_URL: 'https://innskra.island.is' - AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi.island.is' - CONTACT_US_EMAIL: 'island@island.is' - CONTENTFUL_HOST: 'cdn.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.island.is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-prod-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: '' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'island@island.is' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 'sogur@island.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS/GOV/5402697509/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS/GOV/6501912189/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/api' - - host: 'www.island.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' - CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS/GOV/5608002820/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - NOVA_USERNAME: 'IslandIs_User_Production' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS/GOV/5605882089/UA-Protected/kvortun-v1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.island.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.island.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/umsoknir' - - host: 'www.island.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi.island.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://island.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/samradsgatt' - - host: 'www.island.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.island.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.island.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - EMAIL_FROM_NAME: 'island.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-prod-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'prod' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: 'd4ecf781-3764-4063-a4e1-9c3e17cebfba' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.island.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'islandis' - - 'consultation-portal' - - 'search-indexer' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'xroad-collector' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'user-notification' - - 'license-api' - - 'services-sessions' - - 'services-university-gateway' - - 'contentful-apps' - - 'contentful-entry-tagger' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/stjornbord' - - host: 'www.island.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'prod' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'prod-es-custom-packages' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/minarsidur' - - host: 'www.island.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_BASE_URL: 'https://island.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.island.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://island.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://island.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://island.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/stjornbord/bff' - - host: 'www.island.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.island.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.island.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/app/skilavottord/' - - host: 'www.island.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/app/skilavottord/api/graphql' - - host: 'www.island.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.island.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@midnight' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - TRACKING_DOMAIN: 'island.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/' - - host: 'www.island.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "icelandic-names-registry-backend": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + } + }, + "features": {}, + "name": "icelandic-names-registry-backend", + "grantNamespaces": [ + "islandis" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" + }, + "ingress": {}, + "namespace": "icelandic-names-registry", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "memory": "256Mi", + "cpu": "200m" + }, + "requests": { + "memory": "128Mi", + "cpu": "100m" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "image": "icelandic-names-registry-backend", + "postgres": { + "username": "icelandic_names_registry_backend", + "passwordSecret": "/k8s/icelandic-names-registry-backend/DB_PASSWORD", + "name": "icelandic_names_registry_backend" + }, + "initContainers": { + "envs": {}, + "secrets": {}, + "features": {}, + "containers": [ + { + "name": "migrations", + "command": "npx", + "args": [ + "sequelize-cli", + "db:migrate" + ] + }, + { + "name": "seed", + "command": "npx", + "args": [ + "sequelize-cli", + "db:seed:all" + ] + } + ], + "postgres": { + "username": "icelandic_names_registry_backend", + "passwordSecret": "/k8s/icelandic-names-registry-backend/DB_PASSWORD", + "name": "icelandic_names_registry_backend" + } + } + } + } +} \ No newline at end of file diff --git a/charts/services/icelandic-names-registry-backend/values.staging.yaml b/charts/services/icelandic-names-registry-backend/values.staging.yaml index 227a2b0fcc6d..57b6470cd7ea 100644 --- a/charts/services/icelandic-names-registry-backend/values.staging.yaml +++ b/charts/services/icelandic-names-registry-backend/values.staging.yaml @@ -1,3238 +1,86 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.staging01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'cdn.contentful.com' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.staging01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.staging01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.staging01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 'island@island.is' - CONTENTFUL_HOST: 'cdn.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.staging01.devland.is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-staging-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: '' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 'sogur@island.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-TEST/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5608002820/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-TEST/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.staging01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.staging01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.staging01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.staging01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-staging-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'staging' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.staging01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'islandis' - - 'consultation-portal' - - 'skilavottord' - - 'search-indexer' - - 'services-documents' - - 'storybook' - - 'xroad-collector' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'user-notification' - - 'license-api' - - 'services-sessions' - - 'services-university-gateway' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.staging01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'staging' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'staging-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_BASE_URL: 'https://beta.staging01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.staging01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.staging01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.staging01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.staging01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.staging01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.staging01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.staging01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.staging01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@midnight' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - basicAuth: '/k8s/web/basic_auth' - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - TRACKING_DOMAIN: 'beta.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "icelandic-names-registry-backend": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + } + }, + "features": {}, + "name": "icelandic-names-registry-backend", + "grantNamespaces": [ + "islandis" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" + }, + "ingress": {}, + "namespace": "icelandic-names-registry", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "memory": "256Mi", + "cpu": "200m" + }, + "requests": { + "memory": "128Mi", + "cpu": "100m" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "image": "icelandic-names-registry-backend", + "postgres": { + "username": "icelandic_names_registry_backend", + "passwordSecret": "/k8s/icelandic-names-registry-backend/DB_PASSWORD", + "name": "icelandic_names_registry_backend" + }, + "initContainers": { + "envs": {}, + "secrets": {}, + "features": {}, + "containers": [ + { + "name": "migrations", + "command": "npx", + "args": [ + "sequelize-cli", + "db:migrate" + ] + }, + { + "name": "seed", + "command": "npx", + "args": [ + "sequelize-cli", + "db:seed:all" + ] + } + ], + "postgres": { + "username": "icelandic_names_registry_backend", + "passwordSecret": "/k8s/icelandic-names-registry-backend/DB_PASSWORD", + "name": "icelandic_names_registry_backend" + } + } + } + } +} \ No newline at end of file diff --git a/charts/services/identity-server/values.dev.yaml b/charts/services/identity-server/values.dev.yaml index 2efa5ea90de6..5b8832c33b52 100644 --- a/charts/services/identity-server/values.dev.yaml +++ b/charts/services/identity-server/values.dev.yaml @@ -1,826 +1,201 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -auth-admin-web: - enabled: true - env: - BASE_URL: 'https://identity-server.dev01.devland.is/admin' - IDENTITYSERVER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://identity-server.dev01.devland.is/admin/api/auth' - NEXT_PUBLIC_BACKEND_URL: '/backend' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/auth-admin-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.dev01.devland.is' - paths: - - '/admin' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - progressDeadlineSeconds: 1200 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '256Mi' - requests: - cpu: '200m' - memory: '192Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITYSERVER_SECRET: '/k8s/auth-admin-web/IDENTITYSERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -global: - env: - AUDIT_GROUP_NAME: '/identity-server/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'dev' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -identity-server: - annotations: - ad.datadoghq.com/identity-server.check_names: '["openmetrics"]' - ad.datadoghq.com/identity-server.init_configs: '[{}]' - ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": "http://%%host%%:5003/metrics","namespace": "identity-server","metrics":["*"]}]' - ad.datadoghq.com/identity-server.logs: '[{"service": "identity-server", "source": "csharp"}]' - enabled: true - env: - ASPNETCORE_URLS: 'http://*:5000' - AWS__CloudWatch__AuditLogGroup: '/identity-server/audit-log' - AWS__SystemsManager__ParameterStore__DataProtectionPrefix: '/k8s/identity-server/DataProtectionSecret' - Application__AllowedRedirectUris: 'https://beta.dev01.devland.is/minarsidur,https://beta.dev01.devland.is/umsoknir,http://localhost:4200/minarsidur,http://localhost:4242/umsoknir' - Application__MinCompletionPortThreads: '10' - AudkenniSettings__Retries: '24' - CORECLR_ENABLE_PROFILING: '1' - CORECLR_PROFILER: '{846F5F1C-F9AE-4B07-969E-05C26BC060D8}' - CORECLR_PROFILER_PATH: '/opt/datadog/Datadog.Trace.ClrProfiler.Native.so' - CacheSettings__Enabled: 'true' - ContentfulSettings__BaseAddress: 'https://preview.contentful.com' - DD_DOTNET_TRACER_HOME: '/opt/datadog' - DD_INTEGRATIONS: '/opt/datadog/integrations.json' - DD_TRACE_DEBUG: 'true' - Datadog__Metrics__Port: '5003' - IdentityServer__ConsentsScope: '@island.is/auth/consents' - IdentityServer__EnableFakeLogin: 'true' - IdentityServer__EnableFeatureDeploymentWildcards: 'true' - IdentityServer__KeyManagement__Enabled: 'true' - IdentityServer__SigningCertificate__Path: '/etc/config/ids-signing.pfx' - LOG_LEVEL: 'info' - MeUserProfileApiSettings__BaseAddress: 'http://web-service-portal-api.service-portal.svc.cluster.local' - NODE_OPTIONS: '--max-old-space-size=1843 -r dd-trace/init' - PersistenceSettings__BaseAddress: 'http://web-services-auth-ids-api' - PersistenceSettings__DelegationsCacheEnabled: 'false' - RedisSettings__Address: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com' - RedisSettings__Port: '6379' - SERVERSIDE_FEATURES_ON: '' - SessionsApiSettings__BaseAddress: 'http://web-services-sessions.services-sessions.svc.cluster.local' - files: - - 'ids-signing.pfx' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - port: 5010 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/identity-server' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.dev01.devland.is' - paths: - - '/' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: - - accessModes: 'ReadWriteMany' - mountPath: '/keys' - name: 'identity-server' - size: '1Gi' - storageClass: 'efs-csi' - useExisting: false - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '4000m' - memory: '2048Mi' - requests: - cpu: '1000m' - memory: '1024Mi' - secrets: - AudkenniSettings__ClientId: '/k8s/identity-server/AudkenniClientId' - AudkenniSettings__ClientSecret: '/k8s/identity-server/AudkenniClientSecret' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ContentfulSettings__AccessToken: '/k8s/identity-server/CONTENTFUL_ACCESS_TOKEN' - FeatureFlags__ConfigCatSdkKey: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IdentityServer__FakePersons: '/k8s/identity-server/FakePersons' - IdentityServer__LicenseKey: '/k8s/identity-server/LicenseKey' - IdentityServer__SigningCertificate__Passphrase: '/k8s/identity-server/SigningCertificatePassphrase' - PersistenceSettings__AccessTokenManagementSettings__ClientSecret: '/k8s/identity-server/ClientSecret' - Redaction__UserIdentifiers__Key: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY' - Redaction__UserIdentifiers__KeyId: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID' - Scopes__Admin__RootAccessList: '/k8s/identity-server/AdminRootAccessList' - securityContext: - allowPrivilegeEscalation: false - privileged: false - service: - targetPort: 5000 - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/identity-server' - create: true - name: 'identity-server' -namespaces: - labels: {} - namespaces: - - 'identity-server' - - 'identity-server-admin' - - 'identity-server-delegation' - - 'personal-representative' -services-auth-admin-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - IDENTITY_SERVER_ISSUER_URL_LIST: '["https://identity-server.dev01.devland.is","https://identity-server.staging01.devland.is","https://innskra.island.is"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/backend/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/backend/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-admin-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.dev01.devland.is' - paths: - - '/backend' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CLIENT_SECRET_ENCRYPTION_KEY: '/k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-delegation-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'service-portal' - - 'user-notification-worker' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-delegation-api' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'auth-delegation-api.internal.dev01.devland.is' - paths: - - '/' - namespace: 'identity-server-delegation' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-ids-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '6cf94113-d326-4e4d-b97c-1fea12d2f5e1' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' - PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' - PASSKEY_CORE_MAX_AGE_DAYS: '365' - PASSKEY_CORE_RP_ID: 'island.is' - PASSKEY_CORE_RP_NAME: 'Island.is' - PUBLIC_URL: 'https://identity-server.dev01.devland.is/api' - REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - USER_PROFILE_CLIENT_SCOPE: '["@island.is/user-profile:read"]' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 15 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 15 - min: 2 - resources: - limits: - cpu: '800m' - memory: '768Mi' - requests: - cpu: '400m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/services-auth/NOVA_PASSWORD' - NOVA_URL: '/k8s/services-auth/NOVA_URL' - NOVA_USERNAME: '/k8s/services-auth/NOVA_USERNAME' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-ids-api-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-personal-representative: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'personal-representative-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'personal-representative' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-personal-representative-public: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative-public' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'personal-representative-public-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'personal-representative' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-public-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' - PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' - PASSKEY_CORE_RP_ID: 'island.is' - PASSKEY_CORE_RP_NAME: 'Island.is' - PUBLIC_URL: 'https://identity-server.dev01.devland.is/api' - REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-public-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/rewrite-target: '/$2' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.dev01.devland.is' - paths: - - '/api(/|$)(.*)' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false +{ + "identity-server": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/readiness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "AWS__CloudWatch__AuditLogGroup": "/identity-server/audit-log", + "ASPNETCORE_URLS": "http://*:5000", + "CORECLR_ENABLE_PROFILING": "1", + "CORECLR_PROFILER": "{846F5F1C-F9AE-4B07-969E-05C26BC060D8}", + "CORECLR_PROFILER_PATH": "/opt/datadog/Datadog.Trace.ClrProfiler.Native.so", + "DD_INTEGRATIONS": "/opt/datadog/integrations.json", + "DD_DOTNET_TRACER_HOME": "/opt/datadog", + "DD_TRACE_DEBUG": "true", + "Datadog__Metrics__Port": "5003", + "AudkenniSettings__Retries": "24", + "AWS__SystemsManager__ParameterStore__DataProtectionPrefix": { + "dev": "/k8s/identity-server/DataProtectionSecret", + "staging": "/k8s/identity-server/DataProtectionSecret", + "prod": "/k8s/identity-server/DataProtectionSecret" + }, + "CacheSettings__Enabled": { + "dev": "true", + "staging": "true", + "prod": "true" + }, + "RedisSettings__Address": { + "dev": "clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com", + "staging": "clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com", + "prod": "clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com" + }, + "RedisSettings__Port": { + "dev": "6379", + "staging": "6379", + "prod": "6379" + }, + "IdentityServer__EnableFakeLogin": { + "dev": "true", + "staging": "true", + "prod": "true" + }, + "IdentityServer__EnableFeatureDeploymentWildcards": { + "dev": "true", + "staging": "true", + "prod": "false" + }, + "IdentityServer__KeyManagement__Enabled": { + "dev": "true", + "staging": "true", + "prod": "true" + }, + "IdentityServer__ConsentsScope": "@island.is/auth/consents", + "SessionsApiSettings__BaseAddress": { + "dev": "http://web-services-sessions.services-sessions.svc.cluster.local", + "staging": "http://web-services-sessions.services-sessions.svc.cluster.local", + "prod": "https://sessions-api.internal.island.is" + }, + "PersistenceSettings__DelegationsCacheEnabled": { + "dev": "false", + "staging": "false", + "prod": "true" + }, + "MeUserProfileApiSettings__BaseAddress": { + "dev": "http://web-service-portal-api.service-portal.svc.cluster.local", + "staging": "http://web-service-portal-api.service-portal.svc.cluster.local", + "prod": "https://service-portal-api.internal.island.is" + }, + "Application__MinCompletionPortThreads": "10", + "ContentfulSettings__BaseAddress": { + "dev": "https://preview.contentful.com", + "staging": "https://cdn.contentful.com", + "prod": "https://cdn.contentful.com" + }, + "Application__AllowedRedirectUris": { + "dev": "https://beta.dev01.devland.is/minarsidur,https://beta.dev01.devland.is/umsoknir,http://localhost:4200/minarsidur,http://localhost:4242/umsoknir", + "staging": "https://beta.staging01.devland.is/minarsidur,https://beta.staging01.devland.is/umsoknir", + "prod": "https://island.is/minarsidur,https://island.is/umsoknir" + } + }, + "features": {}, + "name": "identity-server", + "grantNamespaces": [ + "nginx-ingress-external", + "user-notification", + "portals-admin" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "IdentityServer__LicenseKey": "/k8s/identity-server/LicenseKey", + "AudkenniSettings__ClientId": "/k8s/identity-server/AudkenniClientId", + "AudkenniSettings__ClientSecret": "/k8s/identity-server/AudkenniClientSecret", + "IdentityServer__FakePersons": "/k8s/identity-server/FakePersons", + "IdentityServer__SigningCertificate__Passphrase": "/k8s/identity-server/SigningCertificatePassphrase", + "PersistenceSettings__AccessTokenManagementSettings__ClientSecret": "/k8s/identity-server/ClientSecret", + "Scopes__Admin__RootAccessList": "/k8s/identity-server/AdminRootAccessList", + "FeatureFlags__ConfigCatSdkKey": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "ContentfulSettings__AccessToken": "/k8s/identity-server/CONTENTFUL_ACCESS_TOKEN", + "Redaction__UserIdentifiers__KeyId": "/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID", + "Redaction__UserIdentifiers__Key": "/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY" + }, + "ingress": { + "primary": { + "host": { + "dev": "identity-server", + "staging": "identity-server", + "prod": "innskra.island.is" + }, + "paths": [ + "/" + ], + "public": true, + "extraAnnotations": { + "dev": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/enable-global-auth": "false", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "staging": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/enable-global-auth": "false", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "prod": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + } + } + } + }, + "namespace": "identity-server", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "4000m", + "memory": "2048Mi" + }, + "requests": { + "cpu": "1000m", + "memory": "1024Mi" + } + }, + "xroadConfig": [], + "files": [ + { + "filename": "ids-signing.pfx", + "env": "IdentityServer__SigningCertificate__Path" + } + ], + "volumes": [ + { + "mountPath": "/keys", + "size": "1Gi", + "accessModes": "ReadWrite" + } + ], + "image": "identity-server", + "healthPort": 5010, + "port": 5000, + "accountName": "identity-server", + "extraAttributes": { + "dev": { + "annotations": { + "ad.datadoghq.com/identity-server.logs": "[{\"service\": \"identity-server\", \"source\": \"csharp\"}]", + "ad.datadoghq.com/identity-server.check_names": "[\"openmetrics\"]", + "ad.datadoghq.com/identity-server.init_configs": "[{}]", + "ad.datadoghq.com/identity-server.instances": "[{\"prometheus_url\": \"http://%%host%%:5003/metrics\",\"namespace\": \"identity-server\",\"metrics\":[\"*\"]}]" + } + }, + "staging": { + "annotations": { + "ad.datadoghq.com/identity-server.logs": "[{\"service\": \"identity-server\", \"source\": \"csharp\"}]", + "ad.datadoghq.com/identity-server.check_names": "[\"openmetrics\"]", + "ad.datadoghq.com/identity-server.init_configs": "[{}]", + "ad.datadoghq.com/identity-server.instances": "[{\"prometheus_url\": \"http://%%host%%:5003/metrics\",\"namespace\": \"identity-server\",\"metrics\":[\"*\"]}]" + } + }, + "prod": { + "annotations": { + "ad.datadoghq.com/identity-server.logs": "[{\"service\": \"identity-server\", \"source\": \"csharp\"}]", + "ad.datadoghq.com/identity-server.check_names": "[\"openmetrics\"]", + "ad.datadoghq.com/identity-server.init_configs": "[{}]", + "ad.datadoghq.com/identity-server.instances": "[{\"prometheus_url\": \"http://%%host%%:5003/metrics\",\"namespace\": \"identity-server\",\"metrics\":[\"*\"]}]" + } + } + } + } + } +} \ No newline at end of file diff --git a/charts/services/identity-server/values.prod.yaml b/charts/services/identity-server/values.prod.yaml index 6ebbacf21056..5b8832c33b52 100644 --- a/charts/services/identity-server/values.prod.yaml +++ b/charts/services/identity-server/values.prod.yaml @@ -1,823 +1,201 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -auth-admin-web: - enabled: true - env: - BASE_URL: 'https://innskra.island.is/admin' - IDENTITYSERVER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://innskra.island.is/admin/api/auth' - NEXT_PUBLIC_BACKEND_URL: '/backend' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/auth-admin-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'innskra.island.is' - paths: - - '/admin' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - progressDeadlineSeconds: 1200 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '256Mi' - requests: - cpu: '200m' - memory: '192Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITYSERVER_SECRET: '/k8s/auth-admin-web/IDENTITYSERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -global: - env: - AUDIT_GROUP_NAME: '/identity-server/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'prod' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -identity-server: - annotations: - ad.datadoghq.com/identity-server.check_names: '["openmetrics"]' - ad.datadoghq.com/identity-server.init_configs: '[{}]' - ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": "http://%%host%%:5003/metrics","namespace": "identity-server","metrics":["*"]}]' - ad.datadoghq.com/identity-server.logs: '[{"service": "identity-server", "source": "csharp"}]' - enabled: true - env: - ASPNETCORE_URLS: 'http://*:5000' - AWS__CloudWatch__AuditLogGroup: '/identity-server/audit-log' - AWS__SystemsManager__ParameterStore__DataProtectionPrefix: '/k8s/identity-server/DataProtectionSecret' - Application__AllowedRedirectUris: 'https://island.is/minarsidur,https://island.is/umsoknir' - Application__MinCompletionPortThreads: '10' - AudkenniSettings__Retries: '24' - CORECLR_ENABLE_PROFILING: '1' - CORECLR_PROFILER: '{846F5F1C-F9AE-4B07-969E-05C26BC060D8}' - CORECLR_PROFILER_PATH: '/opt/datadog/Datadog.Trace.ClrProfiler.Native.so' - CacheSettings__Enabled: 'true' - ContentfulSettings__BaseAddress: 'https://cdn.contentful.com' - DD_DOTNET_TRACER_HOME: '/opt/datadog' - DD_INTEGRATIONS: '/opt/datadog/integrations.json' - DD_TRACE_DEBUG: 'true' - Datadog__Metrics__Port: '5003' - IdentityServer__ConsentsScope: '@island.is/auth/consents' - IdentityServer__EnableFakeLogin: 'true' - IdentityServer__EnableFeatureDeploymentWildcards: 'false' - IdentityServer__KeyManagement__Enabled: 'true' - IdentityServer__SigningCertificate__Path: '/etc/config/ids-signing.pfx' - LOG_LEVEL: 'info' - MeUserProfileApiSettings__BaseAddress: 'https://service-portal-api.internal.island.is' - NODE_OPTIONS: '--max-old-space-size=1843 -r dd-trace/init' - PersistenceSettings__BaseAddress: 'http://web-services-auth-ids-api' - PersistenceSettings__DelegationsCacheEnabled: 'true' - RedisSettings__Address: 'clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com' - RedisSettings__Port: '6379' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SessionsApiSettings__BaseAddress: 'https://sessions-api.internal.island.is' - files: - - 'ids-signing.pfx' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - port: 5010 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/identity-server' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'innskra.island.is' - paths: - - '/' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: - - accessModes: 'ReadWriteMany' - mountPath: '/keys' - name: 'identity-server' - size: '1Gi' - storageClass: 'efs-csi' - useExisting: false - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '4000m' - memory: '2048Mi' - requests: - cpu: '1000m' - memory: '1024Mi' - secrets: - AudkenniSettings__ClientId: '/k8s/identity-server/AudkenniClientId' - AudkenniSettings__ClientSecret: '/k8s/identity-server/AudkenniClientSecret' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ContentfulSettings__AccessToken: '/k8s/identity-server/CONTENTFUL_ACCESS_TOKEN' - FeatureFlags__ConfigCatSdkKey: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IdentityServer__FakePersons: '/k8s/identity-server/FakePersons' - IdentityServer__LicenseKey: '/k8s/identity-server/LicenseKey' - IdentityServer__SigningCertificate__Passphrase: '/k8s/identity-server/SigningCertificatePassphrase' - PersistenceSettings__AccessTokenManagementSettings__ClientSecret: '/k8s/identity-server/ClientSecret' - Redaction__UserIdentifiers__Key: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY' - Redaction__UserIdentifiers__KeyId: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID' - Scopes__Admin__RootAccessList: '/k8s/identity-server/AdminRootAccessList' - securityContext: - allowPrivilegeEscalation: false - privileged: false - service: - targetPort: 5000 - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::567113216315:role/identity-server' - create: true - name: 'identity-server' -namespaces: - labels: {} - namespaces: - - 'identity-server' - - 'identity-server-admin' - - 'identity-server-delegation' - - 'personal-representative' -services-auth-admin-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - IDENTITY_SERVER_ISSUER_URL_LIST: '["https://innskra.island.is"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SYSLUMENN_HOST: 'https://api.syslumenn.is/api' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/backend/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/backend/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-admin-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'innskra.island.is' - paths: - - '/backend' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CLIENT_SECRET_ENCRYPTION_KEY: '/k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-delegation-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SYSLUMENN_HOST: 'https://api.syslumenn.is/api' - SYSLUMENN_TIMEOUT: '3000' - USER_NOTIFICATION_API_URL: 'https://user-notification.internal.island.is' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'service-portal' - - 'user-notification-worker' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-delegation-api' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'auth-delegation-api.internal.innskra.island.is' - paths: - - '/' - namespace: 'identity-server-delegation' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-ids-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '8271bbc2-d8de-480f-8540-ea43fc40b7ae' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' - PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' - PASSKEY_CORE_MAX_AGE_DAYS: '365' - PASSKEY_CORE_RP_ID: 'island.is' - PASSKEY_CORE_RP_NAME: 'Island.is' - PUBLIC_URL: 'https://innskra.island.is/api' - REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SYSLUMENN_HOST: 'https://api.syslumenn.is/api' - SYSLUMENN_TIMEOUT: '3000' - USER_PROFILE_CLIENT_SCOPE: '["@island.is/user-profile:read"]' - USER_PROFILE_CLIENT_URL: 'https://service-portal-api.internal.island.is' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 15 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 15 - min: 2 - resources: - limits: - cpu: '800m' - memory: '768Mi' - requests: - cpu: '400m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/services-auth/NOVA_PASSWORD' - NOVA_URL: '/k8s/services-auth/NOVA_URL' - NOVA_USERNAME: '/k8s/services-auth/NOVA_USERNAME' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-ids-api-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-personal-representative: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SYSLUMENN_HOST: 'https://api.syslumenn.is/api' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'personal-representative-xrd.internal.innskra.island.is' - paths: - - '/' - namespace: 'personal-representative' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-personal-representative-public: - enabled: true - env: - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative-public' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'personal-representative-public-xrd.internal.innskra.island.is' - paths: - - '/' - namespace: 'personal-representative' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-public-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' - PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' - PASSKEY_CORE_RP_ID: 'island.is' - PASSKEY_CORE_RP_NAME: 'Island.is' - PUBLIC_URL: 'https://innskra.island.is/api' - REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SYSLUMENN_HOST: 'https://api.syslumenn.is/api' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-public-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/rewrite-target: '/$2' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'innskra.island.is' - paths: - - '/api(/|$)(.*)' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false +{ + "identity-server": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/readiness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "AWS__CloudWatch__AuditLogGroup": "/identity-server/audit-log", + "ASPNETCORE_URLS": "http://*:5000", + "CORECLR_ENABLE_PROFILING": "1", + "CORECLR_PROFILER": "{846F5F1C-F9AE-4B07-969E-05C26BC060D8}", + "CORECLR_PROFILER_PATH": "/opt/datadog/Datadog.Trace.ClrProfiler.Native.so", + "DD_INTEGRATIONS": "/opt/datadog/integrations.json", + "DD_DOTNET_TRACER_HOME": "/opt/datadog", + "DD_TRACE_DEBUG": "true", + "Datadog__Metrics__Port": "5003", + "AudkenniSettings__Retries": "24", + "AWS__SystemsManager__ParameterStore__DataProtectionPrefix": { + "dev": "/k8s/identity-server/DataProtectionSecret", + "staging": "/k8s/identity-server/DataProtectionSecret", + "prod": "/k8s/identity-server/DataProtectionSecret" + }, + "CacheSettings__Enabled": { + "dev": "true", + "staging": "true", + "prod": "true" + }, + "RedisSettings__Address": { + "dev": "clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com", + "staging": "clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com", + "prod": "clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com" + }, + "RedisSettings__Port": { + "dev": "6379", + "staging": "6379", + "prod": "6379" + }, + "IdentityServer__EnableFakeLogin": { + "dev": "true", + "staging": "true", + "prod": "true" + }, + "IdentityServer__EnableFeatureDeploymentWildcards": { + "dev": "true", + "staging": "true", + "prod": "false" + }, + "IdentityServer__KeyManagement__Enabled": { + "dev": "true", + "staging": "true", + "prod": "true" + }, + "IdentityServer__ConsentsScope": "@island.is/auth/consents", + "SessionsApiSettings__BaseAddress": { + "dev": "http://web-services-sessions.services-sessions.svc.cluster.local", + "staging": "http://web-services-sessions.services-sessions.svc.cluster.local", + "prod": "https://sessions-api.internal.island.is" + }, + "PersistenceSettings__DelegationsCacheEnabled": { + "dev": "false", + "staging": "false", + "prod": "true" + }, + "MeUserProfileApiSettings__BaseAddress": { + "dev": "http://web-service-portal-api.service-portal.svc.cluster.local", + "staging": "http://web-service-portal-api.service-portal.svc.cluster.local", + "prod": "https://service-portal-api.internal.island.is" + }, + "Application__MinCompletionPortThreads": "10", + "ContentfulSettings__BaseAddress": { + "dev": "https://preview.contentful.com", + "staging": "https://cdn.contentful.com", + "prod": "https://cdn.contentful.com" + }, + "Application__AllowedRedirectUris": { + "dev": "https://beta.dev01.devland.is/minarsidur,https://beta.dev01.devland.is/umsoknir,http://localhost:4200/minarsidur,http://localhost:4242/umsoknir", + "staging": "https://beta.staging01.devland.is/minarsidur,https://beta.staging01.devland.is/umsoknir", + "prod": "https://island.is/minarsidur,https://island.is/umsoknir" + } + }, + "features": {}, + "name": "identity-server", + "grantNamespaces": [ + "nginx-ingress-external", + "user-notification", + "portals-admin" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "IdentityServer__LicenseKey": "/k8s/identity-server/LicenseKey", + "AudkenniSettings__ClientId": "/k8s/identity-server/AudkenniClientId", + "AudkenniSettings__ClientSecret": "/k8s/identity-server/AudkenniClientSecret", + "IdentityServer__FakePersons": "/k8s/identity-server/FakePersons", + "IdentityServer__SigningCertificate__Passphrase": "/k8s/identity-server/SigningCertificatePassphrase", + "PersistenceSettings__AccessTokenManagementSettings__ClientSecret": "/k8s/identity-server/ClientSecret", + "Scopes__Admin__RootAccessList": "/k8s/identity-server/AdminRootAccessList", + "FeatureFlags__ConfigCatSdkKey": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "ContentfulSettings__AccessToken": "/k8s/identity-server/CONTENTFUL_ACCESS_TOKEN", + "Redaction__UserIdentifiers__KeyId": "/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID", + "Redaction__UserIdentifiers__Key": "/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY" + }, + "ingress": { + "primary": { + "host": { + "dev": "identity-server", + "staging": "identity-server", + "prod": "innskra.island.is" + }, + "paths": [ + "/" + ], + "public": true, + "extraAnnotations": { + "dev": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/enable-global-auth": "false", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "staging": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/enable-global-auth": "false", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "prod": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + } + } + } + }, + "namespace": "identity-server", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "4000m", + "memory": "2048Mi" + }, + "requests": { + "cpu": "1000m", + "memory": "1024Mi" + } + }, + "xroadConfig": [], + "files": [ + { + "filename": "ids-signing.pfx", + "env": "IdentityServer__SigningCertificate__Path" + } + ], + "volumes": [ + { + "mountPath": "/keys", + "size": "1Gi", + "accessModes": "ReadWrite" + } + ], + "image": "identity-server", + "healthPort": 5010, + "port": 5000, + "accountName": "identity-server", + "extraAttributes": { + "dev": { + "annotations": { + "ad.datadoghq.com/identity-server.logs": "[{\"service\": \"identity-server\", \"source\": \"csharp\"}]", + "ad.datadoghq.com/identity-server.check_names": "[\"openmetrics\"]", + "ad.datadoghq.com/identity-server.init_configs": "[{}]", + "ad.datadoghq.com/identity-server.instances": "[{\"prometheus_url\": \"http://%%host%%:5003/metrics\",\"namespace\": \"identity-server\",\"metrics\":[\"*\"]}]" + } + }, + "staging": { + "annotations": { + "ad.datadoghq.com/identity-server.logs": "[{\"service\": \"identity-server\", \"source\": \"csharp\"}]", + "ad.datadoghq.com/identity-server.check_names": "[\"openmetrics\"]", + "ad.datadoghq.com/identity-server.init_configs": "[{}]", + "ad.datadoghq.com/identity-server.instances": "[{\"prometheus_url\": \"http://%%host%%:5003/metrics\",\"namespace\": \"identity-server\",\"metrics\":[\"*\"]}]" + } + }, + "prod": { + "annotations": { + "ad.datadoghq.com/identity-server.logs": "[{\"service\": \"identity-server\", \"source\": \"csharp\"}]", + "ad.datadoghq.com/identity-server.check_names": "[\"openmetrics\"]", + "ad.datadoghq.com/identity-server.init_configs": "[{}]", + "ad.datadoghq.com/identity-server.instances": "[{\"prometheus_url\": \"http://%%host%%:5003/metrics\",\"namespace\": \"identity-server\",\"metrics\":[\"*\"]}]" + } + } + } + } + } +} \ No newline at end of file diff --git a/charts/services/identity-server/values.staging.yaml b/charts/services/identity-server/values.staging.yaml index 2273a2f55b22..5b8832c33b52 100644 --- a/charts/services/identity-server/values.staging.yaml +++ b/charts/services/identity-server/values.staging.yaml @@ -1,826 +1,201 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -auth-admin-web: - enabled: true - env: - BASE_URL: 'https://identity-server.staging01.devland.is/admin' - IDENTITYSERVER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://identity-server.staging01.devland.is/admin/api/auth' - NEXT_PUBLIC_BACKEND_URL: '/backend' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/auth-admin-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.staging01.devland.is' - paths: - - '/admin' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - progressDeadlineSeconds: 1200 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '256Mi' - requests: - cpu: '200m' - memory: '192Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITYSERVER_SECRET: '/k8s/auth-admin-web/IDENTITYSERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -global: - env: - AUDIT_GROUP_NAME: '/identity-server/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'staging' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -identity-server: - annotations: - ad.datadoghq.com/identity-server.check_names: '["openmetrics"]' - ad.datadoghq.com/identity-server.init_configs: '[{}]' - ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": "http://%%host%%:5003/metrics","namespace": "identity-server","metrics":["*"]}]' - ad.datadoghq.com/identity-server.logs: '[{"service": "identity-server", "source": "csharp"}]' - enabled: true - env: - ASPNETCORE_URLS: 'http://*:5000' - AWS__CloudWatch__AuditLogGroup: '/identity-server/audit-log' - AWS__SystemsManager__ParameterStore__DataProtectionPrefix: '/k8s/identity-server/DataProtectionSecret' - Application__AllowedRedirectUris: 'https://beta.staging01.devland.is/minarsidur,https://beta.staging01.devland.is/umsoknir' - Application__MinCompletionPortThreads: '10' - AudkenniSettings__Retries: '24' - CORECLR_ENABLE_PROFILING: '1' - CORECLR_PROFILER: '{846F5F1C-F9AE-4B07-969E-05C26BC060D8}' - CORECLR_PROFILER_PATH: '/opt/datadog/Datadog.Trace.ClrProfiler.Native.so' - CacheSettings__Enabled: 'true' - ContentfulSettings__BaseAddress: 'https://cdn.contentful.com' - DD_DOTNET_TRACER_HOME: '/opt/datadog' - DD_INTEGRATIONS: '/opt/datadog/integrations.json' - DD_TRACE_DEBUG: 'true' - Datadog__Metrics__Port: '5003' - IdentityServer__ConsentsScope: '@island.is/auth/consents' - IdentityServer__EnableFakeLogin: 'true' - IdentityServer__EnableFeatureDeploymentWildcards: 'true' - IdentityServer__KeyManagement__Enabled: 'true' - IdentityServer__SigningCertificate__Path: '/etc/config/ids-signing.pfx' - LOG_LEVEL: 'info' - MeUserProfileApiSettings__BaseAddress: 'http://web-service-portal-api.service-portal.svc.cluster.local' - NODE_OPTIONS: '--max-old-space-size=1843 -r dd-trace/init' - PersistenceSettings__BaseAddress: 'http://web-services-auth-ids-api' - PersistenceSettings__DelegationsCacheEnabled: 'false' - RedisSettings__Address: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com' - RedisSettings__Port: '6379' - SERVERSIDE_FEATURES_ON: '' - SessionsApiSettings__BaseAddress: 'http://web-services-sessions.services-sessions.svc.cluster.local' - files: - - 'ids-signing.pfx' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - port: 5010 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/identity-server' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.staging01.devland.is' - paths: - - '/' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: - - accessModes: 'ReadWriteMany' - mountPath: '/keys' - name: 'identity-server' - size: '1Gi' - storageClass: 'efs-csi' - useExisting: false - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '4000m' - memory: '2048Mi' - requests: - cpu: '1000m' - memory: '1024Mi' - secrets: - AudkenniSettings__ClientId: '/k8s/identity-server/AudkenniClientId' - AudkenniSettings__ClientSecret: '/k8s/identity-server/AudkenniClientSecret' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ContentfulSettings__AccessToken: '/k8s/identity-server/CONTENTFUL_ACCESS_TOKEN' - FeatureFlags__ConfigCatSdkKey: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IdentityServer__FakePersons: '/k8s/identity-server/FakePersons' - IdentityServer__LicenseKey: '/k8s/identity-server/LicenseKey' - IdentityServer__SigningCertificate__Passphrase: '/k8s/identity-server/SigningCertificatePassphrase' - PersistenceSettings__AccessTokenManagementSettings__ClientSecret: '/k8s/identity-server/ClientSecret' - Redaction__UserIdentifiers__Key: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY' - Redaction__UserIdentifiers__KeyId: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID' - Scopes__Admin__RootAccessList: '/k8s/identity-server/AdminRootAccessList' - securityContext: - allowPrivilegeEscalation: false - privileged: false - service: - targetPort: 5000 - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/identity-server' - create: true - name: 'identity-server' -namespaces: - labels: {} - namespaces: - - 'identity-server' - - 'identity-server-admin' - - 'identity-server-delegation' - - 'personal-representative' -services-auth-admin-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - IDENTITY_SERVER_ISSUER_URL_LIST: '["https://identity-server.staging01.devland.is","https://innskra.island.is"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/backend/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/backend/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-admin-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.staging01.devland.is' - paths: - - '/backend' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CLIENT_SECRET_ENCRYPTION_KEY: '/k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-delegation-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'service-portal' - - 'user-notification-worker' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-delegation-api' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'auth-delegation-api.internal.staging01.devland.is' - paths: - - '/' - namespace: 'identity-server-delegation' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-ids-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '6cf94113-d326-4e4d-b97c-1fea12d2f5e1' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' - PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' - PASSKEY_CORE_MAX_AGE_DAYS: '365' - PASSKEY_CORE_RP_ID: 'island.is' - PASSKEY_CORE_RP_NAME: 'Island.is' - PUBLIC_URL: 'https://identity-server.staging01.devland.is/api' - REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - USER_PROFILE_CLIENT_SCOPE: '["@island.is/user-profile:read"]' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 15 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 15 - min: 2 - resources: - limits: - cpu: '800m' - memory: '768Mi' - requests: - cpu: '400m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/services-auth/NOVA_PASSWORD' - NOVA_URL: '/k8s/services-auth/NOVA_URL' - NOVA_USERNAME: '/k8s/services-auth/NOVA_USERNAME' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-ids-api-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-personal-representative: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'personal-representative-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'personal-representative' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-personal-representative-public: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative-public' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'personal-representative-public-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'personal-representative' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-public-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' - PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' - PASSKEY_CORE_RP_ID: 'island.is' - PASSKEY_CORE_RP_NAME: 'Island.is' - PUBLIC_URL: 'https://identity-server.staging01.devland.is/api' - REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-public-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/rewrite-target: '/$2' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.staging01.devland.is' - paths: - - '/api(/|$)(.*)' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false +{ + "identity-server": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/readiness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "AWS__CloudWatch__AuditLogGroup": "/identity-server/audit-log", + "ASPNETCORE_URLS": "http://*:5000", + "CORECLR_ENABLE_PROFILING": "1", + "CORECLR_PROFILER": "{846F5F1C-F9AE-4B07-969E-05C26BC060D8}", + "CORECLR_PROFILER_PATH": "/opt/datadog/Datadog.Trace.ClrProfiler.Native.so", + "DD_INTEGRATIONS": "/opt/datadog/integrations.json", + "DD_DOTNET_TRACER_HOME": "/opt/datadog", + "DD_TRACE_DEBUG": "true", + "Datadog__Metrics__Port": "5003", + "AudkenniSettings__Retries": "24", + "AWS__SystemsManager__ParameterStore__DataProtectionPrefix": { + "dev": "/k8s/identity-server/DataProtectionSecret", + "staging": "/k8s/identity-server/DataProtectionSecret", + "prod": "/k8s/identity-server/DataProtectionSecret" + }, + "CacheSettings__Enabled": { + "dev": "true", + "staging": "true", + "prod": "true" + }, + "RedisSettings__Address": { + "dev": "clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com", + "staging": "clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com", + "prod": "clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com" + }, + "RedisSettings__Port": { + "dev": "6379", + "staging": "6379", + "prod": "6379" + }, + "IdentityServer__EnableFakeLogin": { + "dev": "true", + "staging": "true", + "prod": "true" + }, + "IdentityServer__EnableFeatureDeploymentWildcards": { + "dev": "true", + "staging": "true", + "prod": "false" + }, + "IdentityServer__KeyManagement__Enabled": { + "dev": "true", + "staging": "true", + "prod": "true" + }, + "IdentityServer__ConsentsScope": "@island.is/auth/consents", + "SessionsApiSettings__BaseAddress": { + "dev": "http://web-services-sessions.services-sessions.svc.cluster.local", + "staging": "http://web-services-sessions.services-sessions.svc.cluster.local", + "prod": "https://sessions-api.internal.island.is" + }, + "PersistenceSettings__DelegationsCacheEnabled": { + "dev": "false", + "staging": "false", + "prod": "true" + }, + "MeUserProfileApiSettings__BaseAddress": { + "dev": "http://web-service-portal-api.service-portal.svc.cluster.local", + "staging": "http://web-service-portal-api.service-portal.svc.cluster.local", + "prod": "https://service-portal-api.internal.island.is" + }, + "Application__MinCompletionPortThreads": "10", + "ContentfulSettings__BaseAddress": { + "dev": "https://preview.contentful.com", + "staging": "https://cdn.contentful.com", + "prod": "https://cdn.contentful.com" + }, + "Application__AllowedRedirectUris": { + "dev": "https://beta.dev01.devland.is/minarsidur,https://beta.dev01.devland.is/umsoknir,http://localhost:4200/minarsidur,http://localhost:4242/umsoknir", + "staging": "https://beta.staging01.devland.is/minarsidur,https://beta.staging01.devland.is/umsoknir", + "prod": "https://island.is/minarsidur,https://island.is/umsoknir" + } + }, + "features": {}, + "name": "identity-server", + "grantNamespaces": [ + "nginx-ingress-external", + "user-notification", + "portals-admin" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "IdentityServer__LicenseKey": "/k8s/identity-server/LicenseKey", + "AudkenniSettings__ClientId": "/k8s/identity-server/AudkenniClientId", + "AudkenniSettings__ClientSecret": "/k8s/identity-server/AudkenniClientSecret", + "IdentityServer__FakePersons": "/k8s/identity-server/FakePersons", + "IdentityServer__SigningCertificate__Passphrase": "/k8s/identity-server/SigningCertificatePassphrase", + "PersistenceSettings__AccessTokenManagementSettings__ClientSecret": "/k8s/identity-server/ClientSecret", + "Scopes__Admin__RootAccessList": "/k8s/identity-server/AdminRootAccessList", + "FeatureFlags__ConfigCatSdkKey": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "ContentfulSettings__AccessToken": "/k8s/identity-server/CONTENTFUL_ACCESS_TOKEN", + "Redaction__UserIdentifiers__KeyId": "/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID", + "Redaction__UserIdentifiers__Key": "/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY" + }, + "ingress": { + "primary": { + "host": { + "dev": "identity-server", + "staging": "identity-server", + "prod": "innskra.island.is" + }, + "paths": [ + "/" + ], + "public": true, + "extraAnnotations": { + "dev": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/enable-global-auth": "false", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "staging": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/enable-global-auth": "false", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "prod": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + } + } + } + }, + "namespace": "identity-server", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "4000m", + "memory": "2048Mi" + }, + "requests": { + "cpu": "1000m", + "memory": "1024Mi" + } + }, + "xroadConfig": [], + "files": [ + { + "filename": "ids-signing.pfx", + "env": "IdentityServer__SigningCertificate__Path" + } + ], + "volumes": [ + { + "mountPath": "/keys", + "size": "1Gi", + "accessModes": "ReadWrite" + } + ], + "image": "identity-server", + "healthPort": 5010, + "port": 5000, + "accountName": "identity-server", + "extraAttributes": { + "dev": { + "annotations": { + "ad.datadoghq.com/identity-server.logs": "[{\"service\": \"identity-server\", \"source\": \"csharp\"}]", + "ad.datadoghq.com/identity-server.check_names": "[\"openmetrics\"]", + "ad.datadoghq.com/identity-server.init_configs": "[{}]", + "ad.datadoghq.com/identity-server.instances": "[{\"prometheus_url\": \"http://%%host%%:5003/metrics\",\"namespace\": \"identity-server\",\"metrics\":[\"*\"]}]" + } + }, + "staging": { + "annotations": { + "ad.datadoghq.com/identity-server.logs": "[{\"service\": \"identity-server\", \"source\": \"csharp\"}]", + "ad.datadoghq.com/identity-server.check_names": "[\"openmetrics\"]", + "ad.datadoghq.com/identity-server.init_configs": "[{}]", + "ad.datadoghq.com/identity-server.instances": "[{\"prometheus_url\": \"http://%%host%%:5003/metrics\",\"namespace\": \"identity-server\",\"metrics\":[\"*\"]}]" + } + }, + "prod": { + "annotations": { + "ad.datadoghq.com/identity-server.logs": "[{\"service\": \"identity-server\", \"source\": \"csharp\"}]", + "ad.datadoghq.com/identity-server.check_names": "[\"openmetrics\"]", + "ad.datadoghq.com/identity-server.init_configs": "[{}]", + "ad.datadoghq.com/identity-server.instances": "[{\"prometheus_url\": \"http://%%host%%:5003/metrics\",\"namespace\": \"identity-server\",\"metrics\":[\"*\"]}]" + } + } + } + } + } +} \ No newline at end of file diff --git a/charts/services/island-ui-storybook/values.dev.yaml b/charts/services/island-ui-storybook/values.dev.yaml index 58d9f8e96dbc..7b867b997d87 100644 --- a/charts/services/island-ui-storybook/values.dev.yaml +++ b/charts/services/island-ui-storybook/values.dev.yaml @@ -1,3563 +1,57 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.dev01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'preview.contentful.com' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 's@kogk.is' - CONTENTFUL_HOST: 'preview.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 's@kogk.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/api' - - host: 'api-catalogue.dev01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.dev01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -external-contracts-tests: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' - namespace: 'external-contracts-tests' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '1' - memory: '1024Mi' - requests: - cpu: '500m' - memory: '512Mi' - schedule: '0 11 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -github-actions-cache: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 8 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'cache.dev01.devland.is' - paths: - - '/' - namespace: 'github-actions-cache' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 5 - max: 8 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' - create: true - name: 'github-actions-cache' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'dev' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.dev01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'consultation-portal' - - 'islandis' - - 'search-indexer' - - 'xroad-collector' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'github-actions-cache' - - 'user-notification' - - 'external-contracts-tests' - - 'contentful-entry-tagger' - - 'license-api' - - 'services-sessions' - - 'contentful-apps' - - 'services-university-gateway' - - 'unicorn-app' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'dev-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.dev01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.dev01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -unicorn-app: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'unicorn-app.dev01.devland.is' - paths: - - '/' - namespace: 'unicorn-app' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' - create: true - name: 'unicorn-app' -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@hourly' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - TRACKING_DOMAIN: 'beta.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "island-ui-storybook": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/readiness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": {}, + "features": {}, + "name": "island-ui-storybook", + "grantNamespaces": [ + "nginx-ingress-external" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" + }, + "ingress": { + "primary": { + "host": { + "dev": "ui", + "staging": "ui", + "prod": "ui.devland.is" + }, + "paths": [ + "/" + ] + } + }, + "namespace": "storybook", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "200m", + "memory": "256Mi" + }, + "requests": { + "cpu": "10m", + "memory": "128Mi" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [] + } + } +} \ No newline at end of file diff --git a/charts/services/island-ui-storybook/values.prod.yaml b/charts/services/island-ui-storybook/values.prod.yaml index c7e37f4144c5..7b867b997d87 100644 --- a/charts/services/island-ui-storybook/values.prod.yaml +++ b/charts/services/island-ui-storybook/values.prod.yaml @@ -1,3379 +1,57 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.island.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'cdn.contentful.com' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.island.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://innskra.island.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_IDS_API_URL: 'https://innskra.island.is' - AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi.island.is' - CONTACT_US_EMAIL: 'island@island.is' - CONTENTFUL_HOST: 'cdn.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.island.is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-prod-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: '' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'island@island.is' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 'sogur@island.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS/GOV/5402697509/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS/GOV/6501912189/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/api' - - host: 'www.island.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' - CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS/GOV/5608002820/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - NOVA_USERNAME: 'IslandIs_User_Production' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS/GOV/5605882089/UA-Protected/kvortun-v1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.island.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.island.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/umsoknir' - - host: 'www.island.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi.island.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://island.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/samradsgatt' - - host: 'www.island.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.island.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.island.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - EMAIL_FROM_NAME: 'island.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-prod-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'prod' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: 'd4ecf781-3764-4063-a4e1-9c3e17cebfba' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.island.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'islandis' - - 'consultation-portal' - - 'search-indexer' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'xroad-collector' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'user-notification' - - 'license-api' - - 'services-sessions' - - 'services-university-gateway' - - 'contentful-apps' - - 'contentful-entry-tagger' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/stjornbord' - - host: 'www.island.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'prod' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'prod-es-custom-packages' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/minarsidur' - - host: 'www.island.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_BASE_URL: 'https://island.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.island.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://island.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://island.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://island.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/stjornbord/bff' - - host: 'www.island.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.island.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.island.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/app/skilavottord/' - - host: 'www.island.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/app/skilavottord/api/graphql' - - host: 'www.island.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.island.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@midnight' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - TRACKING_DOMAIN: 'island.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/' - - host: 'www.island.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "island-ui-storybook": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/readiness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": {}, + "features": {}, + "name": "island-ui-storybook", + "grantNamespaces": [ + "nginx-ingress-external" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" + }, + "ingress": { + "primary": { + "host": { + "dev": "ui", + "staging": "ui", + "prod": "ui.devland.is" + }, + "paths": [ + "/" + ] + } + }, + "namespace": "storybook", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "200m", + "memory": "256Mi" + }, + "requests": { + "cpu": "10m", + "memory": "128Mi" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [] + } + } +} \ No newline at end of file diff --git a/charts/services/island-ui-storybook/values.staging.yaml b/charts/services/island-ui-storybook/values.staging.yaml index 227a2b0fcc6d..7b867b997d87 100644 --- a/charts/services/island-ui-storybook/values.staging.yaml +++ b/charts/services/island-ui-storybook/values.staging.yaml @@ -1,3238 +1,57 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.staging01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'cdn.contentful.com' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.staging01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.staging01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.staging01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 'island@island.is' - CONTENTFUL_HOST: 'cdn.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.staging01.devland.is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-staging-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: '' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 'sogur@island.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-TEST/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5608002820/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-TEST/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.staging01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.staging01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.staging01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.staging01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-staging-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'staging' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.staging01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'islandis' - - 'consultation-portal' - - 'skilavottord' - - 'search-indexer' - - 'services-documents' - - 'storybook' - - 'xroad-collector' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'user-notification' - - 'license-api' - - 'services-sessions' - - 'services-university-gateway' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.staging01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'staging' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'staging-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_BASE_URL: 'https://beta.staging01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.staging01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.staging01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.staging01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.staging01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.staging01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.staging01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.staging01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.staging01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@midnight' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - basicAuth: '/k8s/web/basic_auth' - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - TRACKING_DOMAIN: 'beta.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "island-ui-storybook": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/readiness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": {}, + "features": {}, + "name": "island-ui-storybook", + "grantNamespaces": [ + "nginx-ingress-external" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" + }, + "ingress": { + "primary": { + "host": { + "dev": "ui", + "staging": "ui", + "prod": "ui.devland.is" + }, + "paths": [ + "/" + ] + } + }, + "namespace": "storybook", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "200m", + "memory": "256Mi" + }, + "requests": { + "cpu": "10m", + "memory": "128Mi" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [] + } + } +} \ No newline at end of file diff --git a/charts/services/judicial-system-api/values.dev.yaml b/charts/services/judicial-system-api/values.dev.yaml index b87ac2b9294f..377ff1acf6c3 100644 --- a/charts/services/judicial-system-api/values.dev.yaml +++ b/charts/services/judicial-system-api/values.dev.yaml @@ -1,654 +1,126 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'dev' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -judicial-system-api: - enabled: true - env: - ALLOW_AUTH_BYPASS: 'true' - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - AUTH_IDS_CLIENT_ID: '@rettarvorslugatt.island.is/web' - AUTH_IDS_LOGOUT_REDIRECT_URI: 'https://judicial-system.dev01.devland.is' - AUTH_IDS_REDIRECT_URI: 'https://judicial-system.dev01.devland.is/api/auth/callback/identity-server' - AUTH_IDS_SCOPE: 'openid profile' - BACKEND_URL: 'http://web-judicial-system-backend' - CONTENTFUL_ENVIRONMENT: 'test' - CONTENTFUL_HOST: 'preview.contentful.com' - HIDDEN_FEATURES: '' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system.dev01.devland.is' - paths: - - '/api/graphql' - - '/api/auth' - - '/api/case' - - '/api/feature' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '350m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - AUTH_IDS_SECRET: '/k8s/judicial-system/AUTH_IDS_SECRET' - AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-api' - create: true - name: 'judicial-system-api' -judicial-system-backend: - enabled: true - env: - BLOCKED_API_INTEGRATION: '' - CLIENT_URL: 'https://judicial-system.dev01.devland.is' - CONTENTFUL_ENVIRONMENT: 'test' - CONTENTFUL_HOST: 'preview.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'judicial_system' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'judicial_system' - DOKOBIT_URL: 'https://developers.dokobit.com' - EMAIL_REGION: 'eu-west-1' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - S3_BUCKET: 'island-is-dev-upload-judicial-system' - S3_REGION: 'eu-west-1' - S3_TIME_TO_LIVE_GET: '5' - S3_TIME_TO_LIVE_POST: '15' - SERVERSIDE_FEATURES_ON: '' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - USE_MICROSOFT_GRAPH_API_FOR_COURT_ROBOT: 'false' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10014/Rettarvorslugatt-Client' - XROAD_COURT_API_PATH: '/Domstolasyslan/JusticePortal-v1' - XROAD_COURT_MEMBER_CODE: '10019' - XROAD_POLICE_API_PATH: '/Logreglan-Private/rettarvarsla-v1' - XROAD_POLICE_MEMBER_CODE: '10005' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'judicial_system' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'judicial_system' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/judicial-system/DB_PASSWORD' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - ADMIN_USERS: '/k8s/judicial-system/ADMIN_USERS' - ARCHIVE_ENCRYPTION_KEY: '/k8s/judicial-system/ARCHIVE_ENCRYPTION_KEY' - AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' - COURTS_ASSISTANT_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_ASSISTANT_MOBILE_NUMBERS' - COURTS_EMAILS: '/k8s/judicial-system/COURTS_EMAILS' - COURTS_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_MOBILE_NUMBERS' - COURT_ROBOT_CLIENT_ID: '/k8s/judicial-system/COURT_ROBOT_CLIENT_ID' - COURT_ROBOT_CLIENT_SECRET: '/k8s/judicial-system/COURT_ROBOT_CLIENT_SECRET' - COURT_ROBOT_EMAIL: '/k8s/judicial-system/COURT_ROBOT_EMAIL' - COURT_ROBOT_TENANT_ID: '/k8s/judicial-system/COURT_ROBOT_TENANT_ID' - COURT_ROBOT_USER: '/k8s/judicial-system/COURT_ROBOT_USER' - DB_PASS: '/k8s/judicial-system/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/judicial-system/DOKOBIT_ACCESS_TOKEN' - EMAIL_FROM: '/k8s/judicial-system/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/judicial-system/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/judicial-system/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/judicial-system/EMAIL_REPLY_TO_NAME' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - EVENT_URL: '/k8s/judicial-system/EVENT_URL' - NOVA_PASSWORD: '/k8s/judicial-system/NOVA_PASSWORD' - NOVA_URL: '/k8s/judicial-system/NOVA_URL' - NOVA_USERNAME: '/k8s/judicial-system/NOVA_USERNAME' - PRISON_ADMIN_EMAIL: '/k8s/judicial-system/PRISON_ADMIN_EMAIL' - PRISON_EMAIL: '/k8s/judicial-system/PRISON_EMAIL' - XROAD_CLIENT_CERT: '/k8s/judicial-system/XROAD_CLIENT_CERT' - XROAD_CLIENT_KEY: '/k8s/judicial-system/XROAD_CLIENT_KEY' - XROAD_CLIENT_PEM: '/k8s/judicial-system/XROAD_CLIENT_PEM' - XROAD_COURTS_CREDENTIALS: '/k8s/judicial-system/COURTS_CREDENTIALS' - XROAD_POLICE_API_KEY: '/k8s/judicial-system/XROAD_POLICE_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-backend' - create: true - name: 'judicial-system-backend' -judicial-system-digital-mailbox-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-digital-mailbox-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-digital-mailbox-api-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-digital-mailbox-api' - create: true - name: 'judicial-system-digital-mailbox-api' -judicial-system-message-handler: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-message-handler' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-message-handler' - create: true - name: 'judicial-system-message-handler' -judicial-system-robot-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-robot-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-robot-api-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-robot-api' - create: true - name: 'judicial-system-robot-api' -judicial-system-scheduler: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - TIME_TO_LIVE_MINUTES: '30' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-scheduler' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-scheduler' - create: true - name: 'judicial-system-scheduler' -judicial-system-web: - enabled: true - env: - API_URL: 'https://judicial-system.dev01.devland.is' - INTERNAL_API_URL: 'http://web-judicial-system-api' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system.dev01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '15m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - NATIONAL_REGISTRY_API_KEY: '/k8s/judicial-system/NATIONAL_REGISTRY_API_KEY' - SUPPORT_EMAIL: '/k8s/judicial-system/SUPPORT_EMAIL' - securityContext: - allowPrivilegeEscalation: false - privileged: false -judicial-system-xrd-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-xrd-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-xrd-api.internal.dev01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-xrd-api' - create: true - name: 'judicial-system-xrd-api' -namespaces: - labels: {} - namespaces: - - 'judicial-system' +{ + "judicial-system-api": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "AUTH_IDS_SCOPE": "openid profile", + "AUTH_IDS_CLIENT_ID": "@rettarvorslugatt.island.is/web", + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + }, + "AUTH_IDS_REDIRECT_URI": { + "staging": "https://judicial-system.staging01.devland.is/api/auth/callback/identity-server", + "prod": "https://rettarvorslugatt.island.is/api/auth/callback/identity-server" + }, + "AUTH_IDS_LOGOUT_REDIRECT_URI": { + "dev": "https://judicial-system.dev01.devland.is", + "staging": "https://judicial-system.staging01.devland.is", + "prod": "https://rettarvorslugatt.island.is" + }, + "ALLOW_AUTH_BYPASS": { + "dev": "true", + "staging": "true", + "prod": "false" + }, + "AUDIT_TRAIL_USE_GENERIC_LOGGER": "false", + "AUDIT_TRAIL_GROUP_NAME": "k8s/judicial-system/audit-log", + "AUDIT_TRAIL_REGION": "eu-west-1", + "CONTENTFUL_HOST": { + "dev": "preview.contentful.com", + "staging": "cdn.contentful.com", + "prod": "cdn.contentful.com" + }, + "CONTENTFUL_ENVIRONMENT": { + "dev": "test", + "staging": "test", + "prod": "master" + }, + "HIDDEN_FEATURES": { + "dev": "", + "staging": "", + "prod": "" + } + }, + "features": {}, + "name": "judicial-system-api", + "grantNamespaces": [ + "nginx-ingress-external" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "AUTH_JWT_SECRET": "/k8s/judicial-system/AUTH_JWT_SECRET", + "BACKEND_ACCESS_TOKEN": "/k8s/judicial-system/BACKEND_ACCESS_TOKEN", + "CONTENTFUL_ACCESS_TOKEN": "/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN", + "AUTH_IDS_SECRET": "/k8s/judicial-system/AUTH_IDS_SECRET", + "LAWYERS_ICELAND_API_KEY": "/k8s/judicial-system/LAWYERS_ICELAND_API_KEY" + }, + "ingress": { + "primary": { + "host": { + "dev": "judicial-system", + "staging": "judicial-system", + "prod": "rettarvorslugatt.island.is" + }, + "paths": [ + "/api/graphql", + "/api/auth", + "/api/case", + "/api/feature" + ], + "extraAnnotations": { + "dev": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "staging": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "prod": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + } + } + } + }, + "namespace": "judicial-system", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "350m", + "memory": "512Mi" + }, + "requests": { + "cpu": "200m", + "memory": "256Mi" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "accountName": "judicial-system-api", + "replicaCount": { + "default": 2, + "max": 10, + "min": 2, + "scalingMagicNumber": 8 + } + } + } +} \ No newline at end of file diff --git a/charts/services/judicial-system-api/values.prod.yaml b/charts/services/judicial-system-api/values.prod.yaml index f0a1db2678df..377ff1acf6c3 100644 --- a/charts/services/judicial-system-api/values.prod.yaml +++ b/charts/services/judicial-system-api/values.prod.yaml @@ -1,654 +1,126 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'prod' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -judicial-system-api: - enabled: true - env: - ALLOW_AUTH_BYPASS: 'false' - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - AUTH_IDS_CLIENT_ID: '@rettarvorslugatt.island.is/web' - AUTH_IDS_LOGOUT_REDIRECT_URI: 'https://rettarvorslugatt.island.is' - AUTH_IDS_REDIRECT_URI: 'https://rettarvorslugatt.island.is/api/auth/callback/identity-server' - AUTH_IDS_SCOPE: 'openid profile' - BACKEND_URL: 'http://web-judicial-system-backend' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - HIDDEN_FEATURES: '' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'rettarvorslugatt.island.is' - paths: - - '/api/graphql' - - '/api/auth' - - '/api/case' - - '/api/feature' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '350m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - AUTH_IDS_SECRET: '/k8s/judicial-system/AUTH_IDS_SECRET' - AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-api' - create: true - name: 'judicial-system-api' -judicial-system-backend: - enabled: true - env: - BLOCKED_API_INTEGRATION: '' - CLIENT_URL: 'https://rettarvorslugatt.island.is' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'judicial_system' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'judicial_system' - DOKOBIT_URL: 'https://ws.dokobit.com' - EMAIL_REGION: 'eu-west-1' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - S3_BUCKET: 'island-is-prod-upload-judicial-system' - S3_REGION: 'eu-west-1' - S3_TIME_TO_LIVE_GET: '5' - S3_TIME_TO_LIVE_POST: '15' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - USE_MICROSOFT_GRAPH_API_FOR_COURT_ROBOT: 'true' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5804170510/Rettarvorslugatt-Client' - XROAD_COURT_API_PATH: '/Domstolasyslan/JusticePortal-v1' - XROAD_COURT_MEMBER_CODE: '4707171140' - XROAD_POLICE_API_PATH: '/Logreglan-Private/rettarvarsla-v1' - XROAD_POLICE_MEMBER_CODE: '5309672079' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'judicial_system' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'judicial_system' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/judicial-system/DB_PASSWORD' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - ADMIN_USERS: '/k8s/judicial-system/ADMIN_USERS' - ARCHIVE_ENCRYPTION_KEY: '/k8s/judicial-system/ARCHIVE_ENCRYPTION_KEY' - AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' - COURTS_ASSISTANT_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_ASSISTANT_MOBILE_NUMBERS' - COURTS_EMAILS: '/k8s/judicial-system/COURTS_EMAILS' - COURTS_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_MOBILE_NUMBERS' - COURT_ROBOT_CLIENT_ID: '/k8s/judicial-system/COURT_ROBOT_CLIENT_ID' - COURT_ROBOT_CLIENT_SECRET: '/k8s/judicial-system/COURT_ROBOT_CLIENT_SECRET' - COURT_ROBOT_EMAIL: '/k8s/judicial-system/COURT_ROBOT_EMAIL' - COURT_ROBOT_TENANT_ID: '/k8s/judicial-system/COURT_ROBOT_TENANT_ID' - COURT_ROBOT_USER: '/k8s/judicial-system/COURT_ROBOT_USER' - DB_PASS: '/k8s/judicial-system/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/judicial-system/DOKOBIT_ACCESS_TOKEN' - EMAIL_FROM: '/k8s/judicial-system/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/judicial-system/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/judicial-system/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/judicial-system/EMAIL_REPLY_TO_NAME' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - EVENT_URL: '/k8s/judicial-system/EVENT_URL' - NOVA_PASSWORD: '/k8s/judicial-system/NOVA_PASSWORD' - NOVA_URL: '/k8s/judicial-system/NOVA_URL' - NOVA_USERNAME: '/k8s/judicial-system/NOVA_USERNAME' - PRISON_ADMIN_EMAIL: '/k8s/judicial-system/PRISON_ADMIN_EMAIL' - PRISON_EMAIL: '/k8s/judicial-system/PRISON_EMAIL' - XROAD_CLIENT_CERT: '/k8s/judicial-system/XROAD_CLIENT_CERT' - XROAD_CLIENT_KEY: '/k8s/judicial-system/XROAD_CLIENT_KEY' - XROAD_CLIENT_PEM: '/k8s/judicial-system/XROAD_CLIENT_PEM' - XROAD_COURTS_CREDENTIALS: '/k8s/judicial-system/COURTS_CREDENTIALS' - XROAD_POLICE_API_KEY: '/k8s/judicial-system/XROAD_POLICE_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-backend' - create: true - name: 'judicial-system-backend' -judicial-system-digital-mailbox-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-digital-mailbox-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-digital-mailbox-api-xrd.internal.island.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-digital-mailbox-api' - create: true - name: 'judicial-system-digital-mailbox-api' -judicial-system-message-handler: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-message-handler' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-message-handler' - create: true - name: 'judicial-system-message-handler' -judicial-system-robot-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-robot-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-robot-api-xrd.internal.island.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-robot-api' - create: true - name: 'judicial-system-robot-api' -judicial-system-scheduler: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - TIME_TO_LIVE_MINUTES: '30' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-scheduler' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-scheduler' - create: true - name: 'judicial-system-scheduler' -judicial-system-web: - enabled: true - env: - API_URL: 'https://rettarvorslugatt.island.is' - INTERNAL_API_URL: 'http://web-judicial-system-api' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'rettarvorslugatt.island.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '15m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - NATIONAL_REGISTRY_API_KEY: '/k8s/judicial-system/NATIONAL_REGISTRY_API_KEY' - SUPPORT_EMAIL: '/k8s/judicial-system/SUPPORT_EMAIL' - securityContext: - allowPrivilegeEscalation: false - privileged: false -judicial-system-xrd-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-xrd-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-xrd-api.internal.island.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-xrd-api' - create: true - name: 'judicial-system-xrd-api' -namespaces: - labels: {} - namespaces: - - 'judicial-system' +{ + "judicial-system-api": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "AUTH_IDS_SCOPE": "openid profile", + "AUTH_IDS_CLIENT_ID": "@rettarvorslugatt.island.is/web", + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + }, + "AUTH_IDS_REDIRECT_URI": { + "staging": "https://judicial-system.staging01.devland.is/api/auth/callback/identity-server", + "prod": "https://rettarvorslugatt.island.is/api/auth/callback/identity-server" + }, + "AUTH_IDS_LOGOUT_REDIRECT_URI": { + "dev": "https://judicial-system.dev01.devland.is", + "staging": "https://judicial-system.staging01.devland.is", + "prod": "https://rettarvorslugatt.island.is" + }, + "ALLOW_AUTH_BYPASS": { + "dev": "true", + "staging": "true", + "prod": "false" + }, + "AUDIT_TRAIL_USE_GENERIC_LOGGER": "false", + "AUDIT_TRAIL_GROUP_NAME": "k8s/judicial-system/audit-log", + "AUDIT_TRAIL_REGION": "eu-west-1", + "CONTENTFUL_HOST": { + "dev": "preview.contentful.com", + "staging": "cdn.contentful.com", + "prod": "cdn.contentful.com" + }, + "CONTENTFUL_ENVIRONMENT": { + "dev": "test", + "staging": "test", + "prod": "master" + }, + "HIDDEN_FEATURES": { + "dev": "", + "staging": "", + "prod": "" + } + }, + "features": {}, + "name": "judicial-system-api", + "grantNamespaces": [ + "nginx-ingress-external" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "AUTH_JWT_SECRET": "/k8s/judicial-system/AUTH_JWT_SECRET", + "BACKEND_ACCESS_TOKEN": "/k8s/judicial-system/BACKEND_ACCESS_TOKEN", + "CONTENTFUL_ACCESS_TOKEN": "/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN", + "AUTH_IDS_SECRET": "/k8s/judicial-system/AUTH_IDS_SECRET", + "LAWYERS_ICELAND_API_KEY": "/k8s/judicial-system/LAWYERS_ICELAND_API_KEY" + }, + "ingress": { + "primary": { + "host": { + "dev": "judicial-system", + "staging": "judicial-system", + "prod": "rettarvorslugatt.island.is" + }, + "paths": [ + "/api/graphql", + "/api/auth", + "/api/case", + "/api/feature" + ], + "extraAnnotations": { + "dev": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "staging": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "prod": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + } + } + } + }, + "namespace": "judicial-system", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "350m", + "memory": "512Mi" + }, + "requests": { + "cpu": "200m", + "memory": "256Mi" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "accountName": "judicial-system-api", + "replicaCount": { + "default": 2, + "max": 10, + "min": 2, + "scalingMagicNumber": 8 + } + } + } +} \ No newline at end of file diff --git a/charts/services/judicial-system-api/values.staging.yaml b/charts/services/judicial-system-api/values.staging.yaml index e4a133f4ad7e..377ff1acf6c3 100644 --- a/charts/services/judicial-system-api/values.staging.yaml +++ b/charts/services/judicial-system-api/values.staging.yaml @@ -1,654 +1,126 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'staging' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -judicial-system-api: - enabled: true - env: - ALLOW_AUTH_BYPASS: 'true' - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - AUTH_IDS_CLIENT_ID: '@rettarvorslugatt.island.is/web' - AUTH_IDS_LOGOUT_REDIRECT_URI: 'https://judicial-system.staging01.devland.is' - AUTH_IDS_REDIRECT_URI: 'https://judicial-system.staging01.devland.is/api/auth/callback/identity-server' - AUTH_IDS_SCOPE: 'openid profile' - BACKEND_URL: 'http://web-judicial-system-backend' - CONTENTFUL_ENVIRONMENT: 'test' - CONTENTFUL_HOST: 'cdn.contentful.com' - HIDDEN_FEATURES: '' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system.staging01.devland.is' - paths: - - '/api/graphql' - - '/api/auth' - - '/api/case' - - '/api/feature' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '350m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - AUTH_IDS_SECRET: '/k8s/judicial-system/AUTH_IDS_SECRET' - AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-api' - create: true - name: 'judicial-system-api' -judicial-system-backend: - enabled: true - env: - BLOCKED_API_INTEGRATION: 'COURT,POLICE_CASE' - CLIENT_URL: 'https://judicial-system.staging01.devland.is' - CONTENTFUL_ENVIRONMENT: 'test' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'judicial_system' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'judicial_system' - DOKOBIT_URL: 'https://developers.dokobit.com' - EMAIL_REGION: 'eu-west-1' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - S3_BUCKET: 'island-is-staging-upload-judicial-system' - S3_REGION: 'eu-west-1' - S3_TIME_TO_LIVE_GET: '5' - S3_TIME_TO_LIVE_POST: '15' - SERVERSIDE_FEATURES_ON: '' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - USE_MICROSOFT_GRAPH_API_FOR_COURT_ROBOT: 'true' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5804170510/Rettarvorslugatt-Client' - XROAD_COURT_API_PATH: '/Domstolasyslan/JusticePortal-v1' - XROAD_COURT_MEMBER_CODE: '4707171140' - XROAD_POLICE_API_PATH: '/Logreglan-Private/rettarvarsla-v1' - XROAD_POLICE_MEMBER_CODE: '5309672079' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'judicial_system' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'judicial_system' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/judicial-system/DB_PASSWORD' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - ADMIN_USERS: '/k8s/judicial-system/ADMIN_USERS' - ARCHIVE_ENCRYPTION_KEY: '/k8s/judicial-system/ARCHIVE_ENCRYPTION_KEY' - AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' - COURTS_ASSISTANT_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_ASSISTANT_MOBILE_NUMBERS' - COURTS_EMAILS: '/k8s/judicial-system/COURTS_EMAILS' - COURTS_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_MOBILE_NUMBERS' - COURT_ROBOT_CLIENT_ID: '/k8s/judicial-system/COURT_ROBOT_CLIENT_ID' - COURT_ROBOT_CLIENT_SECRET: '/k8s/judicial-system/COURT_ROBOT_CLIENT_SECRET' - COURT_ROBOT_EMAIL: '/k8s/judicial-system/COURT_ROBOT_EMAIL' - COURT_ROBOT_TENANT_ID: '/k8s/judicial-system/COURT_ROBOT_TENANT_ID' - COURT_ROBOT_USER: '/k8s/judicial-system/COURT_ROBOT_USER' - DB_PASS: '/k8s/judicial-system/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/judicial-system/DOKOBIT_ACCESS_TOKEN' - EMAIL_FROM: '/k8s/judicial-system/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/judicial-system/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/judicial-system/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/judicial-system/EMAIL_REPLY_TO_NAME' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - EVENT_URL: '/k8s/judicial-system/EVENT_URL' - NOVA_PASSWORD: '/k8s/judicial-system/NOVA_PASSWORD' - NOVA_URL: '/k8s/judicial-system/NOVA_URL' - NOVA_USERNAME: '/k8s/judicial-system/NOVA_USERNAME' - PRISON_ADMIN_EMAIL: '/k8s/judicial-system/PRISON_ADMIN_EMAIL' - PRISON_EMAIL: '/k8s/judicial-system/PRISON_EMAIL' - XROAD_CLIENT_CERT: '/k8s/judicial-system/XROAD_CLIENT_CERT' - XROAD_CLIENT_KEY: '/k8s/judicial-system/XROAD_CLIENT_KEY' - XROAD_CLIENT_PEM: '/k8s/judicial-system/XROAD_CLIENT_PEM' - XROAD_COURTS_CREDENTIALS: '/k8s/judicial-system/COURTS_CREDENTIALS' - XROAD_POLICE_API_KEY: '/k8s/judicial-system/XROAD_POLICE_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-backend' - create: true - name: 'judicial-system-backend' -judicial-system-digital-mailbox-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-digital-mailbox-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-digital-mailbox-api-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-digital-mailbox-api' - create: true - name: 'judicial-system-digital-mailbox-api' -judicial-system-message-handler: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-message-handler' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-message-handler' - create: true - name: 'judicial-system-message-handler' -judicial-system-robot-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-robot-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-robot-api-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-robot-api' - create: true - name: 'judicial-system-robot-api' -judicial-system-scheduler: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - TIME_TO_LIVE_MINUTES: '30' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-scheduler' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-scheduler' - create: true - name: 'judicial-system-scheduler' -judicial-system-web: - enabled: true - env: - API_URL: 'https://judicial-system.staging01.devland.is' - INTERNAL_API_URL: 'http://web-judicial-system-api' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system.staging01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '15m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - NATIONAL_REGISTRY_API_KEY: '/k8s/judicial-system/NATIONAL_REGISTRY_API_KEY' - SUPPORT_EMAIL: '/k8s/judicial-system/SUPPORT_EMAIL' - securityContext: - allowPrivilegeEscalation: false - privileged: false -judicial-system-xrd-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-xrd-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-xrd-api.internal.staging01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-xrd-api' - create: true - name: 'judicial-system-xrd-api' -namespaces: - labels: {} - namespaces: - - 'judicial-system' +{ + "judicial-system-api": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "AUTH_IDS_SCOPE": "openid profile", + "AUTH_IDS_CLIENT_ID": "@rettarvorslugatt.island.is/web", + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + }, + "AUTH_IDS_REDIRECT_URI": { + "staging": "https://judicial-system.staging01.devland.is/api/auth/callback/identity-server", + "prod": "https://rettarvorslugatt.island.is/api/auth/callback/identity-server" + }, + "AUTH_IDS_LOGOUT_REDIRECT_URI": { + "dev": "https://judicial-system.dev01.devland.is", + "staging": "https://judicial-system.staging01.devland.is", + "prod": "https://rettarvorslugatt.island.is" + }, + "ALLOW_AUTH_BYPASS": { + "dev": "true", + "staging": "true", + "prod": "false" + }, + "AUDIT_TRAIL_USE_GENERIC_LOGGER": "false", + "AUDIT_TRAIL_GROUP_NAME": "k8s/judicial-system/audit-log", + "AUDIT_TRAIL_REGION": "eu-west-1", + "CONTENTFUL_HOST": { + "dev": "preview.contentful.com", + "staging": "cdn.contentful.com", + "prod": "cdn.contentful.com" + }, + "CONTENTFUL_ENVIRONMENT": { + "dev": "test", + "staging": "test", + "prod": "master" + }, + "HIDDEN_FEATURES": { + "dev": "", + "staging": "", + "prod": "" + } + }, + "features": {}, + "name": "judicial-system-api", + "grantNamespaces": [ + "nginx-ingress-external" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "AUTH_JWT_SECRET": "/k8s/judicial-system/AUTH_JWT_SECRET", + "BACKEND_ACCESS_TOKEN": "/k8s/judicial-system/BACKEND_ACCESS_TOKEN", + "CONTENTFUL_ACCESS_TOKEN": "/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN", + "AUTH_IDS_SECRET": "/k8s/judicial-system/AUTH_IDS_SECRET", + "LAWYERS_ICELAND_API_KEY": "/k8s/judicial-system/LAWYERS_ICELAND_API_KEY" + }, + "ingress": { + "primary": { + "host": { + "dev": "judicial-system", + "staging": "judicial-system", + "prod": "rettarvorslugatt.island.is" + }, + "paths": [ + "/api/graphql", + "/api/auth", + "/api/case", + "/api/feature" + ], + "extraAnnotations": { + "dev": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "staging": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "prod": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + } + } + } + }, + "namespace": "judicial-system", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "350m", + "memory": "512Mi" + }, + "requests": { + "cpu": "200m", + "memory": "256Mi" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "accountName": "judicial-system-api", + "replicaCount": { + "default": 2, + "max": 10, + "min": 2, + "scalingMagicNumber": 8 + } + } + } +} \ No newline at end of file diff --git a/charts/services/judicial-system-backend/values.dev.yaml b/charts/services/judicial-system-backend/values.dev.yaml index b87ac2b9294f..b45fad7fd6f2 100644 --- a/charts/services/judicial-system-backend/values.dev.yaml +++ b/charts/services/judicial-system-backend/values.dev.yaml @@ -1,654 +1,200 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'dev' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -judicial-system-api: - enabled: true - env: - ALLOW_AUTH_BYPASS: 'true' - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - AUTH_IDS_CLIENT_ID: '@rettarvorslugatt.island.is/web' - AUTH_IDS_LOGOUT_REDIRECT_URI: 'https://judicial-system.dev01.devland.is' - AUTH_IDS_REDIRECT_URI: 'https://judicial-system.dev01.devland.is/api/auth/callback/identity-server' - AUTH_IDS_SCOPE: 'openid profile' - BACKEND_URL: 'http://web-judicial-system-backend' - CONTENTFUL_ENVIRONMENT: 'test' - CONTENTFUL_HOST: 'preview.contentful.com' - HIDDEN_FEATURES: '' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system.dev01.devland.is' - paths: - - '/api/graphql' - - '/api/auth' - - '/api/case' - - '/api/feature' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '350m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - AUTH_IDS_SECRET: '/k8s/judicial-system/AUTH_IDS_SECRET' - AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-api' - create: true - name: 'judicial-system-api' -judicial-system-backend: - enabled: true - env: - BLOCKED_API_INTEGRATION: '' - CLIENT_URL: 'https://judicial-system.dev01.devland.is' - CONTENTFUL_ENVIRONMENT: 'test' - CONTENTFUL_HOST: 'preview.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'judicial_system' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'judicial_system' - DOKOBIT_URL: 'https://developers.dokobit.com' - EMAIL_REGION: 'eu-west-1' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - S3_BUCKET: 'island-is-dev-upload-judicial-system' - S3_REGION: 'eu-west-1' - S3_TIME_TO_LIVE_GET: '5' - S3_TIME_TO_LIVE_POST: '15' - SERVERSIDE_FEATURES_ON: '' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - USE_MICROSOFT_GRAPH_API_FOR_COURT_ROBOT: 'false' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10014/Rettarvorslugatt-Client' - XROAD_COURT_API_PATH: '/Domstolasyslan/JusticePortal-v1' - XROAD_COURT_MEMBER_CODE: '10019' - XROAD_POLICE_API_PATH: '/Logreglan-Private/rettarvarsla-v1' - XROAD_POLICE_MEMBER_CODE: '10005' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'judicial_system' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'judicial_system' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/judicial-system/DB_PASSWORD' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - ADMIN_USERS: '/k8s/judicial-system/ADMIN_USERS' - ARCHIVE_ENCRYPTION_KEY: '/k8s/judicial-system/ARCHIVE_ENCRYPTION_KEY' - AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' - COURTS_ASSISTANT_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_ASSISTANT_MOBILE_NUMBERS' - COURTS_EMAILS: '/k8s/judicial-system/COURTS_EMAILS' - COURTS_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_MOBILE_NUMBERS' - COURT_ROBOT_CLIENT_ID: '/k8s/judicial-system/COURT_ROBOT_CLIENT_ID' - COURT_ROBOT_CLIENT_SECRET: '/k8s/judicial-system/COURT_ROBOT_CLIENT_SECRET' - COURT_ROBOT_EMAIL: '/k8s/judicial-system/COURT_ROBOT_EMAIL' - COURT_ROBOT_TENANT_ID: '/k8s/judicial-system/COURT_ROBOT_TENANT_ID' - COURT_ROBOT_USER: '/k8s/judicial-system/COURT_ROBOT_USER' - DB_PASS: '/k8s/judicial-system/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/judicial-system/DOKOBIT_ACCESS_TOKEN' - EMAIL_FROM: '/k8s/judicial-system/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/judicial-system/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/judicial-system/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/judicial-system/EMAIL_REPLY_TO_NAME' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - EVENT_URL: '/k8s/judicial-system/EVENT_URL' - NOVA_PASSWORD: '/k8s/judicial-system/NOVA_PASSWORD' - NOVA_URL: '/k8s/judicial-system/NOVA_URL' - NOVA_USERNAME: '/k8s/judicial-system/NOVA_USERNAME' - PRISON_ADMIN_EMAIL: '/k8s/judicial-system/PRISON_ADMIN_EMAIL' - PRISON_EMAIL: '/k8s/judicial-system/PRISON_EMAIL' - XROAD_CLIENT_CERT: '/k8s/judicial-system/XROAD_CLIENT_CERT' - XROAD_CLIENT_KEY: '/k8s/judicial-system/XROAD_CLIENT_KEY' - XROAD_CLIENT_PEM: '/k8s/judicial-system/XROAD_CLIENT_PEM' - XROAD_COURTS_CREDENTIALS: '/k8s/judicial-system/COURTS_CREDENTIALS' - XROAD_POLICE_API_KEY: '/k8s/judicial-system/XROAD_POLICE_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-backend' - create: true - name: 'judicial-system-backend' -judicial-system-digital-mailbox-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-digital-mailbox-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-digital-mailbox-api-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-digital-mailbox-api' - create: true - name: 'judicial-system-digital-mailbox-api' -judicial-system-message-handler: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-message-handler' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-message-handler' - create: true - name: 'judicial-system-message-handler' -judicial-system-robot-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-robot-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-robot-api-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-robot-api' - create: true - name: 'judicial-system-robot-api' -judicial-system-scheduler: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - TIME_TO_LIVE_MINUTES: '30' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-scheduler' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-scheduler' - create: true - name: 'judicial-system-scheduler' -judicial-system-web: - enabled: true - env: - API_URL: 'https://judicial-system.dev01.devland.is' - INTERNAL_API_URL: 'http://web-judicial-system-api' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system.dev01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '15m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - NATIONAL_REGISTRY_API_KEY: '/k8s/judicial-system/NATIONAL_REGISTRY_API_KEY' - SUPPORT_EMAIL: '/k8s/judicial-system/SUPPORT_EMAIL' - securityContext: - allowPrivilegeEscalation: false - privileged: false -judicial-system-xrd-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-xrd-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-xrd-api.internal.dev01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-xrd-api' - create: true - name: 'judicial-system-xrd-api' -namespaces: - labels: {} - namespaces: - - 'judicial-system' +{ + "judicial-system-backend": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "DOKOBIT_URL": { + "dev": "https://developers.dokobit.com", + "staging": "https://developers.dokobit.com", + "prod": "https://ws.dokobit.com" + }, + "EMAIL_REGION": "eu-west-1", + "S3_REGION": "eu-west-1", + "S3_BUCKET": { + "dev": "island-is-dev-upload-judicial-system", + "staging": "island-is-staging-upload-judicial-system", + "prod": "island-is-prod-upload-judicial-system" + }, + "S3_TIME_TO_LIVE_POST": "15", + "S3_TIME_TO_LIVE_GET": "5", + "CONTENTFUL_HOST": { + "dev": "preview.contentful.com", + "staging": "cdn.contentful.com", + "prod": "cdn.contentful.com" + }, + "CONTENTFUL_ENVIRONMENT": { + "dev": "test", + "staging": "test", + "prod": "master" + }, + "CLIENT_URL": { + "prod": "https://rettarvorslugatt.island.is" + }, + "SQS_QUEUE_NAME": "sqs-judicial-system", + "SQS_DEAD_LETTER_QUEUE_NAME": "sqs-judicial-system-dlq", + "SQS_REGION": "eu-west-1", + "BLOCKED_API_INTEGRATION": { + "dev": "", + "staging": "COURT,POLICE_CASE", + "prod": "" + }, + "NOVA_ACCEPT_UNAUTHORIZED": { + "dev": "true", + "staging": "false", + "prod": "false" + }, + "USE_MICROSOFT_GRAPH_API_FOR_COURT_ROBOT": { + "dev": "false", + "staging": "true", + "prod": "true" + } + }, + "features": {}, + "name": "judicial-system-backend", + "grantNamespaces": [], + "grantNamespacesEnabled": false, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "NOVA_URL": "/k8s/judicial-system/NOVA_URL", + "NOVA_USERNAME": "/k8s/judicial-system/NOVA_USERNAME", + "NOVA_PASSWORD": "/k8s/judicial-system/NOVA_PASSWORD", + "COURTS_MOBILE_NUMBERS": "/k8s/judicial-system/COURTS_MOBILE_NUMBERS", + "COURTS_ASSISTANT_MOBILE_NUMBERS": "/k8s/judicial-system/COURTS_ASSISTANT_MOBILE_NUMBERS", + "COURTS_EMAILS": "/k8s/judicial-system/COURTS_EMAILS", + "DOKOBIT_ACCESS_TOKEN": "/k8s/judicial-system/DOKOBIT_ACCESS_TOKEN", + "EMAIL_FROM": "/k8s/judicial-system/EMAIL_FROM", + "EMAIL_FROM_NAME": "/k8s/judicial-system/EMAIL_FROM_NAME", + "EMAIL_REPLY_TO": "/k8s/judicial-system/EMAIL_REPLY_TO", + "EMAIL_REPLY_TO_NAME": "/k8s/judicial-system/EMAIL_REPLY_TO_NAME", + "PRISON_EMAIL": "/k8s/judicial-system/PRISON_EMAIL", + "PRISON_ADMIN_EMAIL": "/k8s/judicial-system/PRISON_ADMIN_EMAIL", + "AUTH_JWT_SECRET": "/k8s/judicial-system/AUTH_JWT_SECRET", + "ADMIN_USERS": "/k8s/judicial-system/ADMIN_USERS", + "BACKEND_ACCESS_TOKEN": "/k8s/judicial-system/BACKEND_ACCESS_TOKEN", + "CONTENTFUL_ACCESS_TOKEN": "/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN", + "EVENT_URL": "/k8s/judicial-system/EVENT_URL", + "ERROR_EVENT_URL": "/k8s/judicial-system/ERROR_EVENT_URL", + "ARCHIVE_ENCRYPTION_KEY": "/k8s/judicial-system/ARCHIVE_ENCRYPTION_KEY", + "COURT_ROBOT_CLIENT_ID": "/k8s/judicial-system/COURT_ROBOT_CLIENT_ID", + "COURT_ROBOT_TENANT_ID": "/k8s/judicial-system/COURT_ROBOT_TENANT_ID", + "COURT_ROBOT_CLIENT_SECRET": "/k8s/judicial-system/COURT_ROBOT_CLIENT_SECRET", + "COURT_ROBOT_USER": "/k8s/judicial-system/COURT_ROBOT_USER", + "COURT_ROBOT_EMAIL": "/k8s/judicial-system/COURT_ROBOT_EMAIL" + }, + "ingress": {}, + "namespace": "judicial-system", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "requests": { + "cpu": "100m", + "memory": "512Mi" + }, + "limits": { + "cpu": "400m", + "memory": "1024Mi" + } + }, + "xroadConfig": [ + { + "config": { + "env": { + "XROAD_BASE_PATH": { + "prod": "http://securityserver.island.is" + }, + "XROAD_BASE_PATH_WITH_ENV": { + "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "http://securityserver.island.is/r1/IS" + }, + "XROAD_TLS_BASE_PATH": { + "dev": "https://securityserver.dev01.devland.is", + "staging": "https://securityserver.staging01.devland.is", + "prod": "https://securityserver.island.is" + }, + "XROAD_TLS_BASE_PATH_WITH_ENV": { + "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", + "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "https://securityserver.island.is/r1/IS" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CLIENT_ID": { + "dev": "IS-DEV/GOV/10014/Rettarvorslugatt-Client", + "staging": "IS-TEST/GOV/5804170510/Rettarvorslugatt-Client", + "prod": "IS/GOV/5804170510/Rettarvorslugatt-Client" + }, + "XROAD_COURT_MEMBER_CODE": { + "dev": "10019", + "staging": "4707171140", + "prod": "4707171140" + }, + "XROAD_POLICE_MEMBER_CODE": { + "dev": "10005", + "staging": "5309672079", + "prod": "5309672079" + }, + "XROAD_COURT_API_PATH": "/Domstolasyslan/JusticePortal-v1", + "XROAD_POLICE_API_PATH": "/Logreglan-Private/rettarvarsla-v1" + }, + "secrets": { + "XROAD_CLIENT_CERT": "/k8s/judicial-system/XROAD_CLIENT_CERT", + "XROAD_CLIENT_KEY": "/k8s/judicial-system/XROAD_CLIENT_KEY", + "XROAD_CLIENT_PEM": "/k8s/judicial-system/XROAD_CLIENT_PEM", + "XROAD_COURTS_CREDENTIALS": "/k8s/judicial-system/COURTS_CREDENTIALS", + "XROAD_POLICE_API_KEY": "/k8s/judicial-system/XROAD_POLICE_API_KEY" + } + } + } + ], + "files": [], + "volumes": [], + "accountName": "judicial-system-backend", + "postgres": { + "name": "judicial_system", + "username": "judicial_system", + "passwordSecret": "/k8s/judicial-system/DB_PASSWORD" + }, + "initContainers": { + "envs": {}, + "secrets": {}, + "features": {}, + "containers": [ + { + "name": "migrations", + "command": "npx", + "args": [ + "sequelize-cli", + "db:migrate" + ] + } + ], + "postgres": { + "name": "judicial_system", + "username": "judicial_system", + "passwordSecret": "/k8s/judicial-system/DB_PASSWORD" + } + }, + "replicaCount": { + "min": 2, + "max": 10, + "default": 2 + } + } + } +} \ No newline at end of file diff --git a/charts/services/judicial-system-backend/values.prod.yaml b/charts/services/judicial-system-backend/values.prod.yaml index f0a1db2678df..b45fad7fd6f2 100644 --- a/charts/services/judicial-system-backend/values.prod.yaml +++ b/charts/services/judicial-system-backend/values.prod.yaml @@ -1,654 +1,200 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'prod' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -judicial-system-api: - enabled: true - env: - ALLOW_AUTH_BYPASS: 'false' - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - AUTH_IDS_CLIENT_ID: '@rettarvorslugatt.island.is/web' - AUTH_IDS_LOGOUT_REDIRECT_URI: 'https://rettarvorslugatt.island.is' - AUTH_IDS_REDIRECT_URI: 'https://rettarvorslugatt.island.is/api/auth/callback/identity-server' - AUTH_IDS_SCOPE: 'openid profile' - BACKEND_URL: 'http://web-judicial-system-backend' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - HIDDEN_FEATURES: '' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'rettarvorslugatt.island.is' - paths: - - '/api/graphql' - - '/api/auth' - - '/api/case' - - '/api/feature' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '350m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - AUTH_IDS_SECRET: '/k8s/judicial-system/AUTH_IDS_SECRET' - AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-api' - create: true - name: 'judicial-system-api' -judicial-system-backend: - enabled: true - env: - BLOCKED_API_INTEGRATION: '' - CLIENT_URL: 'https://rettarvorslugatt.island.is' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'judicial_system' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'judicial_system' - DOKOBIT_URL: 'https://ws.dokobit.com' - EMAIL_REGION: 'eu-west-1' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - S3_BUCKET: 'island-is-prod-upload-judicial-system' - S3_REGION: 'eu-west-1' - S3_TIME_TO_LIVE_GET: '5' - S3_TIME_TO_LIVE_POST: '15' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - USE_MICROSOFT_GRAPH_API_FOR_COURT_ROBOT: 'true' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5804170510/Rettarvorslugatt-Client' - XROAD_COURT_API_PATH: '/Domstolasyslan/JusticePortal-v1' - XROAD_COURT_MEMBER_CODE: '4707171140' - XROAD_POLICE_API_PATH: '/Logreglan-Private/rettarvarsla-v1' - XROAD_POLICE_MEMBER_CODE: '5309672079' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'judicial_system' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'judicial_system' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/judicial-system/DB_PASSWORD' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - ADMIN_USERS: '/k8s/judicial-system/ADMIN_USERS' - ARCHIVE_ENCRYPTION_KEY: '/k8s/judicial-system/ARCHIVE_ENCRYPTION_KEY' - AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' - COURTS_ASSISTANT_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_ASSISTANT_MOBILE_NUMBERS' - COURTS_EMAILS: '/k8s/judicial-system/COURTS_EMAILS' - COURTS_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_MOBILE_NUMBERS' - COURT_ROBOT_CLIENT_ID: '/k8s/judicial-system/COURT_ROBOT_CLIENT_ID' - COURT_ROBOT_CLIENT_SECRET: '/k8s/judicial-system/COURT_ROBOT_CLIENT_SECRET' - COURT_ROBOT_EMAIL: '/k8s/judicial-system/COURT_ROBOT_EMAIL' - COURT_ROBOT_TENANT_ID: '/k8s/judicial-system/COURT_ROBOT_TENANT_ID' - COURT_ROBOT_USER: '/k8s/judicial-system/COURT_ROBOT_USER' - DB_PASS: '/k8s/judicial-system/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/judicial-system/DOKOBIT_ACCESS_TOKEN' - EMAIL_FROM: '/k8s/judicial-system/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/judicial-system/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/judicial-system/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/judicial-system/EMAIL_REPLY_TO_NAME' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - EVENT_URL: '/k8s/judicial-system/EVENT_URL' - NOVA_PASSWORD: '/k8s/judicial-system/NOVA_PASSWORD' - NOVA_URL: '/k8s/judicial-system/NOVA_URL' - NOVA_USERNAME: '/k8s/judicial-system/NOVA_USERNAME' - PRISON_ADMIN_EMAIL: '/k8s/judicial-system/PRISON_ADMIN_EMAIL' - PRISON_EMAIL: '/k8s/judicial-system/PRISON_EMAIL' - XROAD_CLIENT_CERT: '/k8s/judicial-system/XROAD_CLIENT_CERT' - XROAD_CLIENT_KEY: '/k8s/judicial-system/XROAD_CLIENT_KEY' - XROAD_CLIENT_PEM: '/k8s/judicial-system/XROAD_CLIENT_PEM' - XROAD_COURTS_CREDENTIALS: '/k8s/judicial-system/COURTS_CREDENTIALS' - XROAD_POLICE_API_KEY: '/k8s/judicial-system/XROAD_POLICE_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-backend' - create: true - name: 'judicial-system-backend' -judicial-system-digital-mailbox-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-digital-mailbox-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-digital-mailbox-api-xrd.internal.island.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-digital-mailbox-api' - create: true - name: 'judicial-system-digital-mailbox-api' -judicial-system-message-handler: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-message-handler' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-message-handler' - create: true - name: 'judicial-system-message-handler' -judicial-system-robot-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-robot-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-robot-api-xrd.internal.island.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-robot-api' - create: true - name: 'judicial-system-robot-api' -judicial-system-scheduler: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - TIME_TO_LIVE_MINUTES: '30' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-scheduler' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-scheduler' - create: true - name: 'judicial-system-scheduler' -judicial-system-web: - enabled: true - env: - API_URL: 'https://rettarvorslugatt.island.is' - INTERNAL_API_URL: 'http://web-judicial-system-api' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'rettarvorslugatt.island.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '15m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - NATIONAL_REGISTRY_API_KEY: '/k8s/judicial-system/NATIONAL_REGISTRY_API_KEY' - SUPPORT_EMAIL: '/k8s/judicial-system/SUPPORT_EMAIL' - securityContext: - allowPrivilegeEscalation: false - privileged: false -judicial-system-xrd-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-xrd-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-xrd-api.internal.island.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-xrd-api' - create: true - name: 'judicial-system-xrd-api' -namespaces: - labels: {} - namespaces: - - 'judicial-system' +{ + "judicial-system-backend": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "DOKOBIT_URL": { + "dev": "https://developers.dokobit.com", + "staging": "https://developers.dokobit.com", + "prod": "https://ws.dokobit.com" + }, + "EMAIL_REGION": "eu-west-1", + "S3_REGION": "eu-west-1", + "S3_BUCKET": { + "dev": "island-is-dev-upload-judicial-system", + "staging": "island-is-staging-upload-judicial-system", + "prod": "island-is-prod-upload-judicial-system" + }, + "S3_TIME_TO_LIVE_POST": "15", + "S3_TIME_TO_LIVE_GET": "5", + "CONTENTFUL_HOST": { + "dev": "preview.contentful.com", + "staging": "cdn.contentful.com", + "prod": "cdn.contentful.com" + }, + "CONTENTFUL_ENVIRONMENT": { + "dev": "test", + "staging": "test", + "prod": "master" + }, + "CLIENT_URL": { + "prod": "https://rettarvorslugatt.island.is" + }, + "SQS_QUEUE_NAME": "sqs-judicial-system", + "SQS_DEAD_LETTER_QUEUE_NAME": "sqs-judicial-system-dlq", + "SQS_REGION": "eu-west-1", + "BLOCKED_API_INTEGRATION": { + "dev": "", + "staging": "COURT,POLICE_CASE", + "prod": "" + }, + "NOVA_ACCEPT_UNAUTHORIZED": { + "dev": "true", + "staging": "false", + "prod": "false" + }, + "USE_MICROSOFT_GRAPH_API_FOR_COURT_ROBOT": { + "dev": "false", + "staging": "true", + "prod": "true" + } + }, + "features": {}, + "name": "judicial-system-backend", + "grantNamespaces": [], + "grantNamespacesEnabled": false, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "NOVA_URL": "/k8s/judicial-system/NOVA_URL", + "NOVA_USERNAME": "/k8s/judicial-system/NOVA_USERNAME", + "NOVA_PASSWORD": "/k8s/judicial-system/NOVA_PASSWORD", + "COURTS_MOBILE_NUMBERS": "/k8s/judicial-system/COURTS_MOBILE_NUMBERS", + "COURTS_ASSISTANT_MOBILE_NUMBERS": "/k8s/judicial-system/COURTS_ASSISTANT_MOBILE_NUMBERS", + "COURTS_EMAILS": "/k8s/judicial-system/COURTS_EMAILS", + "DOKOBIT_ACCESS_TOKEN": "/k8s/judicial-system/DOKOBIT_ACCESS_TOKEN", + "EMAIL_FROM": "/k8s/judicial-system/EMAIL_FROM", + "EMAIL_FROM_NAME": "/k8s/judicial-system/EMAIL_FROM_NAME", + "EMAIL_REPLY_TO": "/k8s/judicial-system/EMAIL_REPLY_TO", + "EMAIL_REPLY_TO_NAME": "/k8s/judicial-system/EMAIL_REPLY_TO_NAME", + "PRISON_EMAIL": "/k8s/judicial-system/PRISON_EMAIL", + "PRISON_ADMIN_EMAIL": "/k8s/judicial-system/PRISON_ADMIN_EMAIL", + "AUTH_JWT_SECRET": "/k8s/judicial-system/AUTH_JWT_SECRET", + "ADMIN_USERS": "/k8s/judicial-system/ADMIN_USERS", + "BACKEND_ACCESS_TOKEN": "/k8s/judicial-system/BACKEND_ACCESS_TOKEN", + "CONTENTFUL_ACCESS_TOKEN": "/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN", + "EVENT_URL": "/k8s/judicial-system/EVENT_URL", + "ERROR_EVENT_URL": "/k8s/judicial-system/ERROR_EVENT_URL", + "ARCHIVE_ENCRYPTION_KEY": "/k8s/judicial-system/ARCHIVE_ENCRYPTION_KEY", + "COURT_ROBOT_CLIENT_ID": "/k8s/judicial-system/COURT_ROBOT_CLIENT_ID", + "COURT_ROBOT_TENANT_ID": "/k8s/judicial-system/COURT_ROBOT_TENANT_ID", + "COURT_ROBOT_CLIENT_SECRET": "/k8s/judicial-system/COURT_ROBOT_CLIENT_SECRET", + "COURT_ROBOT_USER": "/k8s/judicial-system/COURT_ROBOT_USER", + "COURT_ROBOT_EMAIL": "/k8s/judicial-system/COURT_ROBOT_EMAIL" + }, + "ingress": {}, + "namespace": "judicial-system", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "requests": { + "cpu": "100m", + "memory": "512Mi" + }, + "limits": { + "cpu": "400m", + "memory": "1024Mi" + } + }, + "xroadConfig": [ + { + "config": { + "env": { + "XROAD_BASE_PATH": { + "prod": "http://securityserver.island.is" + }, + "XROAD_BASE_PATH_WITH_ENV": { + "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "http://securityserver.island.is/r1/IS" + }, + "XROAD_TLS_BASE_PATH": { + "dev": "https://securityserver.dev01.devland.is", + "staging": "https://securityserver.staging01.devland.is", + "prod": "https://securityserver.island.is" + }, + "XROAD_TLS_BASE_PATH_WITH_ENV": { + "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", + "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "https://securityserver.island.is/r1/IS" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CLIENT_ID": { + "dev": "IS-DEV/GOV/10014/Rettarvorslugatt-Client", + "staging": "IS-TEST/GOV/5804170510/Rettarvorslugatt-Client", + "prod": "IS/GOV/5804170510/Rettarvorslugatt-Client" + }, + "XROAD_COURT_MEMBER_CODE": { + "dev": "10019", + "staging": "4707171140", + "prod": "4707171140" + }, + "XROAD_POLICE_MEMBER_CODE": { + "dev": "10005", + "staging": "5309672079", + "prod": "5309672079" + }, + "XROAD_COURT_API_PATH": "/Domstolasyslan/JusticePortal-v1", + "XROAD_POLICE_API_PATH": "/Logreglan-Private/rettarvarsla-v1" + }, + "secrets": { + "XROAD_CLIENT_CERT": "/k8s/judicial-system/XROAD_CLIENT_CERT", + "XROAD_CLIENT_KEY": "/k8s/judicial-system/XROAD_CLIENT_KEY", + "XROAD_CLIENT_PEM": "/k8s/judicial-system/XROAD_CLIENT_PEM", + "XROAD_COURTS_CREDENTIALS": "/k8s/judicial-system/COURTS_CREDENTIALS", + "XROAD_POLICE_API_KEY": "/k8s/judicial-system/XROAD_POLICE_API_KEY" + } + } + } + ], + "files": [], + "volumes": [], + "accountName": "judicial-system-backend", + "postgres": { + "name": "judicial_system", + "username": "judicial_system", + "passwordSecret": "/k8s/judicial-system/DB_PASSWORD" + }, + "initContainers": { + "envs": {}, + "secrets": {}, + "features": {}, + "containers": [ + { + "name": "migrations", + "command": "npx", + "args": [ + "sequelize-cli", + "db:migrate" + ] + } + ], + "postgres": { + "name": "judicial_system", + "username": "judicial_system", + "passwordSecret": "/k8s/judicial-system/DB_PASSWORD" + } + }, + "replicaCount": { + "min": 2, + "max": 10, + "default": 2 + } + } + } +} \ No newline at end of file diff --git a/charts/services/judicial-system-backend/values.staging.yaml b/charts/services/judicial-system-backend/values.staging.yaml index e4a133f4ad7e..b45fad7fd6f2 100644 --- a/charts/services/judicial-system-backend/values.staging.yaml +++ b/charts/services/judicial-system-backend/values.staging.yaml @@ -1,654 +1,200 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'staging' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -judicial-system-api: - enabled: true - env: - ALLOW_AUTH_BYPASS: 'true' - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - AUTH_IDS_CLIENT_ID: '@rettarvorslugatt.island.is/web' - AUTH_IDS_LOGOUT_REDIRECT_URI: 'https://judicial-system.staging01.devland.is' - AUTH_IDS_REDIRECT_URI: 'https://judicial-system.staging01.devland.is/api/auth/callback/identity-server' - AUTH_IDS_SCOPE: 'openid profile' - BACKEND_URL: 'http://web-judicial-system-backend' - CONTENTFUL_ENVIRONMENT: 'test' - CONTENTFUL_HOST: 'cdn.contentful.com' - HIDDEN_FEATURES: '' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system.staging01.devland.is' - paths: - - '/api/graphql' - - '/api/auth' - - '/api/case' - - '/api/feature' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '350m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - AUTH_IDS_SECRET: '/k8s/judicial-system/AUTH_IDS_SECRET' - AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-api' - create: true - name: 'judicial-system-api' -judicial-system-backend: - enabled: true - env: - BLOCKED_API_INTEGRATION: 'COURT,POLICE_CASE' - CLIENT_URL: 'https://judicial-system.staging01.devland.is' - CONTENTFUL_ENVIRONMENT: 'test' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'judicial_system' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'judicial_system' - DOKOBIT_URL: 'https://developers.dokobit.com' - EMAIL_REGION: 'eu-west-1' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - S3_BUCKET: 'island-is-staging-upload-judicial-system' - S3_REGION: 'eu-west-1' - S3_TIME_TO_LIVE_GET: '5' - S3_TIME_TO_LIVE_POST: '15' - SERVERSIDE_FEATURES_ON: '' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - USE_MICROSOFT_GRAPH_API_FOR_COURT_ROBOT: 'true' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5804170510/Rettarvorslugatt-Client' - XROAD_COURT_API_PATH: '/Domstolasyslan/JusticePortal-v1' - XROAD_COURT_MEMBER_CODE: '4707171140' - XROAD_POLICE_API_PATH: '/Logreglan-Private/rettarvarsla-v1' - XROAD_POLICE_MEMBER_CODE: '5309672079' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'judicial_system' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'judicial_system' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/judicial-system/DB_PASSWORD' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - ADMIN_USERS: '/k8s/judicial-system/ADMIN_USERS' - ARCHIVE_ENCRYPTION_KEY: '/k8s/judicial-system/ARCHIVE_ENCRYPTION_KEY' - AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' - COURTS_ASSISTANT_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_ASSISTANT_MOBILE_NUMBERS' - COURTS_EMAILS: '/k8s/judicial-system/COURTS_EMAILS' - COURTS_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_MOBILE_NUMBERS' - COURT_ROBOT_CLIENT_ID: '/k8s/judicial-system/COURT_ROBOT_CLIENT_ID' - COURT_ROBOT_CLIENT_SECRET: '/k8s/judicial-system/COURT_ROBOT_CLIENT_SECRET' - COURT_ROBOT_EMAIL: '/k8s/judicial-system/COURT_ROBOT_EMAIL' - COURT_ROBOT_TENANT_ID: '/k8s/judicial-system/COURT_ROBOT_TENANT_ID' - COURT_ROBOT_USER: '/k8s/judicial-system/COURT_ROBOT_USER' - DB_PASS: '/k8s/judicial-system/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/judicial-system/DOKOBIT_ACCESS_TOKEN' - EMAIL_FROM: '/k8s/judicial-system/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/judicial-system/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/judicial-system/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/judicial-system/EMAIL_REPLY_TO_NAME' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - EVENT_URL: '/k8s/judicial-system/EVENT_URL' - NOVA_PASSWORD: '/k8s/judicial-system/NOVA_PASSWORD' - NOVA_URL: '/k8s/judicial-system/NOVA_URL' - NOVA_USERNAME: '/k8s/judicial-system/NOVA_USERNAME' - PRISON_ADMIN_EMAIL: '/k8s/judicial-system/PRISON_ADMIN_EMAIL' - PRISON_EMAIL: '/k8s/judicial-system/PRISON_EMAIL' - XROAD_CLIENT_CERT: '/k8s/judicial-system/XROAD_CLIENT_CERT' - XROAD_CLIENT_KEY: '/k8s/judicial-system/XROAD_CLIENT_KEY' - XROAD_CLIENT_PEM: '/k8s/judicial-system/XROAD_CLIENT_PEM' - XROAD_COURTS_CREDENTIALS: '/k8s/judicial-system/COURTS_CREDENTIALS' - XROAD_POLICE_API_KEY: '/k8s/judicial-system/XROAD_POLICE_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-backend' - create: true - name: 'judicial-system-backend' -judicial-system-digital-mailbox-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-digital-mailbox-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-digital-mailbox-api-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-digital-mailbox-api' - create: true - name: 'judicial-system-digital-mailbox-api' -judicial-system-message-handler: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-message-handler' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-message-handler' - create: true - name: 'judicial-system-message-handler' -judicial-system-robot-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-robot-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-robot-api-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-robot-api' - create: true - name: 'judicial-system-robot-api' -judicial-system-scheduler: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - TIME_TO_LIVE_MINUTES: '30' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-scheduler' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-scheduler' - create: true - name: 'judicial-system-scheduler' -judicial-system-web: - enabled: true - env: - API_URL: 'https://judicial-system.staging01.devland.is' - INTERNAL_API_URL: 'http://web-judicial-system-api' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system.staging01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '15m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - NATIONAL_REGISTRY_API_KEY: '/k8s/judicial-system/NATIONAL_REGISTRY_API_KEY' - SUPPORT_EMAIL: '/k8s/judicial-system/SUPPORT_EMAIL' - securityContext: - allowPrivilegeEscalation: false - privileged: false -judicial-system-xrd-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-xrd-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-xrd-api.internal.staging01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-xrd-api' - create: true - name: 'judicial-system-xrd-api' -namespaces: - labels: {} - namespaces: - - 'judicial-system' +{ + "judicial-system-backend": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "DOKOBIT_URL": { + "dev": "https://developers.dokobit.com", + "staging": "https://developers.dokobit.com", + "prod": "https://ws.dokobit.com" + }, + "EMAIL_REGION": "eu-west-1", + "S3_REGION": "eu-west-1", + "S3_BUCKET": { + "dev": "island-is-dev-upload-judicial-system", + "staging": "island-is-staging-upload-judicial-system", + "prod": "island-is-prod-upload-judicial-system" + }, + "S3_TIME_TO_LIVE_POST": "15", + "S3_TIME_TO_LIVE_GET": "5", + "CONTENTFUL_HOST": { + "dev": "preview.contentful.com", + "staging": "cdn.contentful.com", + "prod": "cdn.contentful.com" + }, + "CONTENTFUL_ENVIRONMENT": { + "dev": "test", + "staging": "test", + "prod": "master" + }, + "CLIENT_URL": { + "prod": "https://rettarvorslugatt.island.is" + }, + "SQS_QUEUE_NAME": "sqs-judicial-system", + "SQS_DEAD_LETTER_QUEUE_NAME": "sqs-judicial-system-dlq", + "SQS_REGION": "eu-west-1", + "BLOCKED_API_INTEGRATION": { + "dev": "", + "staging": "COURT,POLICE_CASE", + "prod": "" + }, + "NOVA_ACCEPT_UNAUTHORIZED": { + "dev": "true", + "staging": "false", + "prod": "false" + }, + "USE_MICROSOFT_GRAPH_API_FOR_COURT_ROBOT": { + "dev": "false", + "staging": "true", + "prod": "true" + } + }, + "features": {}, + "name": "judicial-system-backend", + "grantNamespaces": [], + "grantNamespacesEnabled": false, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "NOVA_URL": "/k8s/judicial-system/NOVA_URL", + "NOVA_USERNAME": "/k8s/judicial-system/NOVA_USERNAME", + "NOVA_PASSWORD": "/k8s/judicial-system/NOVA_PASSWORD", + "COURTS_MOBILE_NUMBERS": "/k8s/judicial-system/COURTS_MOBILE_NUMBERS", + "COURTS_ASSISTANT_MOBILE_NUMBERS": "/k8s/judicial-system/COURTS_ASSISTANT_MOBILE_NUMBERS", + "COURTS_EMAILS": "/k8s/judicial-system/COURTS_EMAILS", + "DOKOBIT_ACCESS_TOKEN": "/k8s/judicial-system/DOKOBIT_ACCESS_TOKEN", + "EMAIL_FROM": "/k8s/judicial-system/EMAIL_FROM", + "EMAIL_FROM_NAME": "/k8s/judicial-system/EMAIL_FROM_NAME", + "EMAIL_REPLY_TO": "/k8s/judicial-system/EMAIL_REPLY_TO", + "EMAIL_REPLY_TO_NAME": "/k8s/judicial-system/EMAIL_REPLY_TO_NAME", + "PRISON_EMAIL": "/k8s/judicial-system/PRISON_EMAIL", + "PRISON_ADMIN_EMAIL": "/k8s/judicial-system/PRISON_ADMIN_EMAIL", + "AUTH_JWT_SECRET": "/k8s/judicial-system/AUTH_JWT_SECRET", + "ADMIN_USERS": "/k8s/judicial-system/ADMIN_USERS", + "BACKEND_ACCESS_TOKEN": "/k8s/judicial-system/BACKEND_ACCESS_TOKEN", + "CONTENTFUL_ACCESS_TOKEN": "/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN", + "EVENT_URL": "/k8s/judicial-system/EVENT_URL", + "ERROR_EVENT_URL": "/k8s/judicial-system/ERROR_EVENT_URL", + "ARCHIVE_ENCRYPTION_KEY": "/k8s/judicial-system/ARCHIVE_ENCRYPTION_KEY", + "COURT_ROBOT_CLIENT_ID": "/k8s/judicial-system/COURT_ROBOT_CLIENT_ID", + "COURT_ROBOT_TENANT_ID": "/k8s/judicial-system/COURT_ROBOT_TENANT_ID", + "COURT_ROBOT_CLIENT_SECRET": "/k8s/judicial-system/COURT_ROBOT_CLIENT_SECRET", + "COURT_ROBOT_USER": "/k8s/judicial-system/COURT_ROBOT_USER", + "COURT_ROBOT_EMAIL": "/k8s/judicial-system/COURT_ROBOT_EMAIL" + }, + "ingress": {}, + "namespace": "judicial-system", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "requests": { + "cpu": "100m", + "memory": "512Mi" + }, + "limits": { + "cpu": "400m", + "memory": "1024Mi" + } + }, + "xroadConfig": [ + { + "config": { + "env": { + "XROAD_BASE_PATH": { + "prod": "http://securityserver.island.is" + }, + "XROAD_BASE_PATH_WITH_ENV": { + "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "http://securityserver.island.is/r1/IS" + }, + "XROAD_TLS_BASE_PATH": { + "dev": "https://securityserver.dev01.devland.is", + "staging": "https://securityserver.staging01.devland.is", + "prod": "https://securityserver.island.is" + }, + "XROAD_TLS_BASE_PATH_WITH_ENV": { + "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", + "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "https://securityserver.island.is/r1/IS" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CLIENT_ID": { + "dev": "IS-DEV/GOV/10014/Rettarvorslugatt-Client", + "staging": "IS-TEST/GOV/5804170510/Rettarvorslugatt-Client", + "prod": "IS/GOV/5804170510/Rettarvorslugatt-Client" + }, + "XROAD_COURT_MEMBER_CODE": { + "dev": "10019", + "staging": "4707171140", + "prod": "4707171140" + }, + "XROAD_POLICE_MEMBER_CODE": { + "dev": "10005", + "staging": "5309672079", + "prod": "5309672079" + }, + "XROAD_COURT_API_PATH": "/Domstolasyslan/JusticePortal-v1", + "XROAD_POLICE_API_PATH": "/Logreglan-Private/rettarvarsla-v1" + }, + "secrets": { + "XROAD_CLIENT_CERT": "/k8s/judicial-system/XROAD_CLIENT_CERT", + "XROAD_CLIENT_KEY": "/k8s/judicial-system/XROAD_CLIENT_KEY", + "XROAD_CLIENT_PEM": "/k8s/judicial-system/XROAD_CLIENT_PEM", + "XROAD_COURTS_CREDENTIALS": "/k8s/judicial-system/COURTS_CREDENTIALS", + "XROAD_POLICE_API_KEY": "/k8s/judicial-system/XROAD_POLICE_API_KEY" + } + } + } + ], + "files": [], + "volumes": [], + "accountName": "judicial-system-backend", + "postgres": { + "name": "judicial_system", + "username": "judicial_system", + "passwordSecret": "/k8s/judicial-system/DB_PASSWORD" + }, + "initContainers": { + "envs": {}, + "secrets": {}, + "features": {}, + "containers": [ + { + "name": "migrations", + "command": "npx", + "args": [ + "sequelize-cli", + "db:migrate" + ] + } + ], + "postgres": { + "name": "judicial_system", + "username": "judicial_system", + "passwordSecret": "/k8s/judicial-system/DB_PASSWORD" + } + }, + "replicaCount": { + "min": 2, + "max": 10, + "default": 2 + } + } + } +} \ No newline at end of file diff --git a/charts/services/judicial-system-digital-mailbox-api/values.dev.yaml b/charts/services/judicial-system-digital-mailbox-api/values.dev.yaml index b87ac2b9294f..e8c4ac9df017 100644 --- a/charts/services/judicial-system-digital-mailbox-api/values.dev.yaml +++ b/charts/services/judicial-system-digital-mailbox-api/values.dev.yaml @@ -1,654 +1,72 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'dev' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -judicial-system-api: - enabled: true - env: - ALLOW_AUTH_BYPASS: 'true' - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - AUTH_IDS_CLIENT_ID: '@rettarvorslugatt.island.is/web' - AUTH_IDS_LOGOUT_REDIRECT_URI: 'https://judicial-system.dev01.devland.is' - AUTH_IDS_REDIRECT_URI: 'https://judicial-system.dev01.devland.is/api/auth/callback/identity-server' - AUTH_IDS_SCOPE: 'openid profile' - BACKEND_URL: 'http://web-judicial-system-backend' - CONTENTFUL_ENVIRONMENT: 'test' - CONTENTFUL_HOST: 'preview.contentful.com' - HIDDEN_FEATURES: '' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system.dev01.devland.is' - paths: - - '/api/graphql' - - '/api/auth' - - '/api/case' - - '/api/feature' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '350m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - AUTH_IDS_SECRET: '/k8s/judicial-system/AUTH_IDS_SECRET' - AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-api' - create: true - name: 'judicial-system-api' -judicial-system-backend: - enabled: true - env: - BLOCKED_API_INTEGRATION: '' - CLIENT_URL: 'https://judicial-system.dev01.devland.is' - CONTENTFUL_ENVIRONMENT: 'test' - CONTENTFUL_HOST: 'preview.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'judicial_system' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'judicial_system' - DOKOBIT_URL: 'https://developers.dokobit.com' - EMAIL_REGION: 'eu-west-1' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - S3_BUCKET: 'island-is-dev-upload-judicial-system' - S3_REGION: 'eu-west-1' - S3_TIME_TO_LIVE_GET: '5' - S3_TIME_TO_LIVE_POST: '15' - SERVERSIDE_FEATURES_ON: '' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - USE_MICROSOFT_GRAPH_API_FOR_COURT_ROBOT: 'false' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10014/Rettarvorslugatt-Client' - XROAD_COURT_API_PATH: '/Domstolasyslan/JusticePortal-v1' - XROAD_COURT_MEMBER_CODE: '10019' - XROAD_POLICE_API_PATH: '/Logreglan-Private/rettarvarsla-v1' - XROAD_POLICE_MEMBER_CODE: '10005' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'judicial_system' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'judicial_system' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/judicial-system/DB_PASSWORD' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - ADMIN_USERS: '/k8s/judicial-system/ADMIN_USERS' - ARCHIVE_ENCRYPTION_KEY: '/k8s/judicial-system/ARCHIVE_ENCRYPTION_KEY' - AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' - COURTS_ASSISTANT_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_ASSISTANT_MOBILE_NUMBERS' - COURTS_EMAILS: '/k8s/judicial-system/COURTS_EMAILS' - COURTS_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_MOBILE_NUMBERS' - COURT_ROBOT_CLIENT_ID: '/k8s/judicial-system/COURT_ROBOT_CLIENT_ID' - COURT_ROBOT_CLIENT_SECRET: '/k8s/judicial-system/COURT_ROBOT_CLIENT_SECRET' - COURT_ROBOT_EMAIL: '/k8s/judicial-system/COURT_ROBOT_EMAIL' - COURT_ROBOT_TENANT_ID: '/k8s/judicial-system/COURT_ROBOT_TENANT_ID' - COURT_ROBOT_USER: '/k8s/judicial-system/COURT_ROBOT_USER' - DB_PASS: '/k8s/judicial-system/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/judicial-system/DOKOBIT_ACCESS_TOKEN' - EMAIL_FROM: '/k8s/judicial-system/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/judicial-system/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/judicial-system/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/judicial-system/EMAIL_REPLY_TO_NAME' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - EVENT_URL: '/k8s/judicial-system/EVENT_URL' - NOVA_PASSWORD: '/k8s/judicial-system/NOVA_PASSWORD' - NOVA_URL: '/k8s/judicial-system/NOVA_URL' - NOVA_USERNAME: '/k8s/judicial-system/NOVA_USERNAME' - PRISON_ADMIN_EMAIL: '/k8s/judicial-system/PRISON_ADMIN_EMAIL' - PRISON_EMAIL: '/k8s/judicial-system/PRISON_EMAIL' - XROAD_CLIENT_CERT: '/k8s/judicial-system/XROAD_CLIENT_CERT' - XROAD_CLIENT_KEY: '/k8s/judicial-system/XROAD_CLIENT_KEY' - XROAD_CLIENT_PEM: '/k8s/judicial-system/XROAD_CLIENT_PEM' - XROAD_COURTS_CREDENTIALS: '/k8s/judicial-system/COURTS_CREDENTIALS' - XROAD_POLICE_API_KEY: '/k8s/judicial-system/XROAD_POLICE_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-backend' - create: true - name: 'judicial-system-backend' -judicial-system-digital-mailbox-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-digital-mailbox-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-digital-mailbox-api-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-digital-mailbox-api' - create: true - name: 'judicial-system-digital-mailbox-api' -judicial-system-message-handler: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-message-handler' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-message-handler' - create: true - name: 'judicial-system-message-handler' -judicial-system-robot-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-robot-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-robot-api-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-robot-api' - create: true - name: 'judicial-system-robot-api' -judicial-system-scheduler: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - TIME_TO_LIVE_MINUTES: '30' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-scheduler' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-scheduler' - create: true - name: 'judicial-system-scheduler' -judicial-system-web: - enabled: true - env: - API_URL: 'https://judicial-system.dev01.devland.is' - INTERNAL_API_URL: 'http://web-judicial-system-api' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system.dev01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '15m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - NATIONAL_REGISTRY_API_KEY: '/k8s/judicial-system/NATIONAL_REGISTRY_API_KEY' - SUPPORT_EMAIL: '/k8s/judicial-system/SUPPORT_EMAIL' - securityContext: - allowPrivilegeEscalation: false - privileged: false -judicial-system-xrd-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-xrd-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-xrd-api.internal.dev01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-xrd-api' - create: true - name: 'judicial-system-xrd-api' -namespaces: - labels: {} - namespaces: - - 'judicial-system' +{ + "judicial-system-digital-mailbox-api": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "AUDIT_TRAIL_USE_GENERIC_LOGGER": "false", + "AUDIT_TRAIL_GROUP_NAME": "k8s/judicial-system/audit-log", + "AUDIT_TRAIL_REGION": "eu-west-1", + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + } + }, + "features": {}, + "name": "judicial-system-digital-mailbox-api", + "grantNamespaces": [ + "nginx-ingress-internal" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "ERROR_EVENT_URL": "/k8s/judicial-system/ERROR_EVENT_URL", + "BACKEND_ACCESS_TOKEN": "/k8s/judicial-system/BACKEND_ACCESS_TOKEN", + "LAWYERS_ICELAND_API_KEY": "/k8s/judicial-system/LAWYERS_ICELAND_API_KEY" + }, + "ingress": { + "primary": { + "host": { + "dev": "judicial-system-digital-mailbox-api-xrd", + "staging": "judicial-system-digital-mailbox-api-xrd", + "prod": "judicial-system-digital-mailbox-api-xrd" + }, + "paths": [ + "/" + ], + "public": false + } + }, + "namespace": "judicial-system", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "memory": "256Mi", + "cpu": "200m" + }, + "requests": { + "memory": "128Mi", + "cpu": "100m" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "accountName": "judicial-system-digital-mailbox-api", + "image": "judicial-system-digital-mailbox-api" + } + } +} \ No newline at end of file diff --git a/charts/services/judicial-system-digital-mailbox-api/values.prod.yaml b/charts/services/judicial-system-digital-mailbox-api/values.prod.yaml index f0a1db2678df..e8c4ac9df017 100644 --- a/charts/services/judicial-system-digital-mailbox-api/values.prod.yaml +++ b/charts/services/judicial-system-digital-mailbox-api/values.prod.yaml @@ -1,654 +1,72 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'prod' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -judicial-system-api: - enabled: true - env: - ALLOW_AUTH_BYPASS: 'false' - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - AUTH_IDS_CLIENT_ID: '@rettarvorslugatt.island.is/web' - AUTH_IDS_LOGOUT_REDIRECT_URI: 'https://rettarvorslugatt.island.is' - AUTH_IDS_REDIRECT_URI: 'https://rettarvorslugatt.island.is/api/auth/callback/identity-server' - AUTH_IDS_SCOPE: 'openid profile' - BACKEND_URL: 'http://web-judicial-system-backend' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - HIDDEN_FEATURES: '' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'rettarvorslugatt.island.is' - paths: - - '/api/graphql' - - '/api/auth' - - '/api/case' - - '/api/feature' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '350m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - AUTH_IDS_SECRET: '/k8s/judicial-system/AUTH_IDS_SECRET' - AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-api' - create: true - name: 'judicial-system-api' -judicial-system-backend: - enabled: true - env: - BLOCKED_API_INTEGRATION: '' - CLIENT_URL: 'https://rettarvorslugatt.island.is' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'judicial_system' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'judicial_system' - DOKOBIT_URL: 'https://ws.dokobit.com' - EMAIL_REGION: 'eu-west-1' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - S3_BUCKET: 'island-is-prod-upload-judicial-system' - S3_REGION: 'eu-west-1' - S3_TIME_TO_LIVE_GET: '5' - S3_TIME_TO_LIVE_POST: '15' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - USE_MICROSOFT_GRAPH_API_FOR_COURT_ROBOT: 'true' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5804170510/Rettarvorslugatt-Client' - XROAD_COURT_API_PATH: '/Domstolasyslan/JusticePortal-v1' - XROAD_COURT_MEMBER_CODE: '4707171140' - XROAD_POLICE_API_PATH: '/Logreglan-Private/rettarvarsla-v1' - XROAD_POLICE_MEMBER_CODE: '5309672079' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'judicial_system' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'judicial_system' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/judicial-system/DB_PASSWORD' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - ADMIN_USERS: '/k8s/judicial-system/ADMIN_USERS' - ARCHIVE_ENCRYPTION_KEY: '/k8s/judicial-system/ARCHIVE_ENCRYPTION_KEY' - AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' - COURTS_ASSISTANT_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_ASSISTANT_MOBILE_NUMBERS' - COURTS_EMAILS: '/k8s/judicial-system/COURTS_EMAILS' - COURTS_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_MOBILE_NUMBERS' - COURT_ROBOT_CLIENT_ID: '/k8s/judicial-system/COURT_ROBOT_CLIENT_ID' - COURT_ROBOT_CLIENT_SECRET: '/k8s/judicial-system/COURT_ROBOT_CLIENT_SECRET' - COURT_ROBOT_EMAIL: '/k8s/judicial-system/COURT_ROBOT_EMAIL' - COURT_ROBOT_TENANT_ID: '/k8s/judicial-system/COURT_ROBOT_TENANT_ID' - COURT_ROBOT_USER: '/k8s/judicial-system/COURT_ROBOT_USER' - DB_PASS: '/k8s/judicial-system/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/judicial-system/DOKOBIT_ACCESS_TOKEN' - EMAIL_FROM: '/k8s/judicial-system/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/judicial-system/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/judicial-system/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/judicial-system/EMAIL_REPLY_TO_NAME' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - EVENT_URL: '/k8s/judicial-system/EVENT_URL' - NOVA_PASSWORD: '/k8s/judicial-system/NOVA_PASSWORD' - NOVA_URL: '/k8s/judicial-system/NOVA_URL' - NOVA_USERNAME: '/k8s/judicial-system/NOVA_USERNAME' - PRISON_ADMIN_EMAIL: '/k8s/judicial-system/PRISON_ADMIN_EMAIL' - PRISON_EMAIL: '/k8s/judicial-system/PRISON_EMAIL' - XROAD_CLIENT_CERT: '/k8s/judicial-system/XROAD_CLIENT_CERT' - XROAD_CLIENT_KEY: '/k8s/judicial-system/XROAD_CLIENT_KEY' - XROAD_CLIENT_PEM: '/k8s/judicial-system/XROAD_CLIENT_PEM' - XROAD_COURTS_CREDENTIALS: '/k8s/judicial-system/COURTS_CREDENTIALS' - XROAD_POLICE_API_KEY: '/k8s/judicial-system/XROAD_POLICE_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-backend' - create: true - name: 'judicial-system-backend' -judicial-system-digital-mailbox-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-digital-mailbox-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-digital-mailbox-api-xrd.internal.island.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-digital-mailbox-api' - create: true - name: 'judicial-system-digital-mailbox-api' -judicial-system-message-handler: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-message-handler' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-message-handler' - create: true - name: 'judicial-system-message-handler' -judicial-system-robot-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-robot-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-robot-api-xrd.internal.island.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-robot-api' - create: true - name: 'judicial-system-robot-api' -judicial-system-scheduler: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - TIME_TO_LIVE_MINUTES: '30' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-scheduler' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-scheduler' - create: true - name: 'judicial-system-scheduler' -judicial-system-web: - enabled: true - env: - API_URL: 'https://rettarvorslugatt.island.is' - INTERNAL_API_URL: 'http://web-judicial-system-api' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'rettarvorslugatt.island.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '15m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - NATIONAL_REGISTRY_API_KEY: '/k8s/judicial-system/NATIONAL_REGISTRY_API_KEY' - SUPPORT_EMAIL: '/k8s/judicial-system/SUPPORT_EMAIL' - securityContext: - allowPrivilegeEscalation: false - privileged: false -judicial-system-xrd-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-xrd-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-xrd-api.internal.island.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-xrd-api' - create: true - name: 'judicial-system-xrd-api' -namespaces: - labels: {} - namespaces: - - 'judicial-system' +{ + "judicial-system-digital-mailbox-api": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "AUDIT_TRAIL_USE_GENERIC_LOGGER": "false", + "AUDIT_TRAIL_GROUP_NAME": "k8s/judicial-system/audit-log", + "AUDIT_TRAIL_REGION": "eu-west-1", + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + } + }, + "features": {}, + "name": "judicial-system-digital-mailbox-api", + "grantNamespaces": [ + "nginx-ingress-internal" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "ERROR_EVENT_URL": "/k8s/judicial-system/ERROR_EVENT_URL", + "BACKEND_ACCESS_TOKEN": "/k8s/judicial-system/BACKEND_ACCESS_TOKEN", + "LAWYERS_ICELAND_API_KEY": "/k8s/judicial-system/LAWYERS_ICELAND_API_KEY" + }, + "ingress": { + "primary": { + "host": { + "dev": "judicial-system-digital-mailbox-api-xrd", + "staging": "judicial-system-digital-mailbox-api-xrd", + "prod": "judicial-system-digital-mailbox-api-xrd" + }, + "paths": [ + "/" + ], + "public": false + } + }, + "namespace": "judicial-system", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "memory": "256Mi", + "cpu": "200m" + }, + "requests": { + "memory": "128Mi", + "cpu": "100m" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "accountName": "judicial-system-digital-mailbox-api", + "image": "judicial-system-digital-mailbox-api" + } + } +} \ No newline at end of file diff --git a/charts/services/judicial-system-digital-mailbox-api/values.staging.yaml b/charts/services/judicial-system-digital-mailbox-api/values.staging.yaml index e4a133f4ad7e..e8c4ac9df017 100644 --- a/charts/services/judicial-system-digital-mailbox-api/values.staging.yaml +++ b/charts/services/judicial-system-digital-mailbox-api/values.staging.yaml @@ -1,654 +1,72 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'staging' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -judicial-system-api: - enabled: true - env: - ALLOW_AUTH_BYPASS: 'true' - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - AUTH_IDS_CLIENT_ID: '@rettarvorslugatt.island.is/web' - AUTH_IDS_LOGOUT_REDIRECT_URI: 'https://judicial-system.staging01.devland.is' - AUTH_IDS_REDIRECT_URI: 'https://judicial-system.staging01.devland.is/api/auth/callback/identity-server' - AUTH_IDS_SCOPE: 'openid profile' - BACKEND_URL: 'http://web-judicial-system-backend' - CONTENTFUL_ENVIRONMENT: 'test' - CONTENTFUL_HOST: 'cdn.contentful.com' - HIDDEN_FEATURES: '' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system.staging01.devland.is' - paths: - - '/api/graphql' - - '/api/auth' - - '/api/case' - - '/api/feature' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '350m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - AUTH_IDS_SECRET: '/k8s/judicial-system/AUTH_IDS_SECRET' - AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-api' - create: true - name: 'judicial-system-api' -judicial-system-backend: - enabled: true - env: - BLOCKED_API_INTEGRATION: 'COURT,POLICE_CASE' - CLIENT_URL: 'https://judicial-system.staging01.devland.is' - CONTENTFUL_ENVIRONMENT: 'test' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'judicial_system' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'judicial_system' - DOKOBIT_URL: 'https://developers.dokobit.com' - EMAIL_REGION: 'eu-west-1' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - S3_BUCKET: 'island-is-staging-upload-judicial-system' - S3_REGION: 'eu-west-1' - S3_TIME_TO_LIVE_GET: '5' - S3_TIME_TO_LIVE_POST: '15' - SERVERSIDE_FEATURES_ON: '' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - USE_MICROSOFT_GRAPH_API_FOR_COURT_ROBOT: 'true' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5804170510/Rettarvorslugatt-Client' - XROAD_COURT_API_PATH: '/Domstolasyslan/JusticePortal-v1' - XROAD_COURT_MEMBER_CODE: '4707171140' - XROAD_POLICE_API_PATH: '/Logreglan-Private/rettarvarsla-v1' - XROAD_POLICE_MEMBER_CODE: '5309672079' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'judicial_system' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'judicial_system' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/judicial-system/DB_PASSWORD' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - ADMIN_USERS: '/k8s/judicial-system/ADMIN_USERS' - ARCHIVE_ENCRYPTION_KEY: '/k8s/judicial-system/ARCHIVE_ENCRYPTION_KEY' - AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' - COURTS_ASSISTANT_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_ASSISTANT_MOBILE_NUMBERS' - COURTS_EMAILS: '/k8s/judicial-system/COURTS_EMAILS' - COURTS_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_MOBILE_NUMBERS' - COURT_ROBOT_CLIENT_ID: '/k8s/judicial-system/COURT_ROBOT_CLIENT_ID' - COURT_ROBOT_CLIENT_SECRET: '/k8s/judicial-system/COURT_ROBOT_CLIENT_SECRET' - COURT_ROBOT_EMAIL: '/k8s/judicial-system/COURT_ROBOT_EMAIL' - COURT_ROBOT_TENANT_ID: '/k8s/judicial-system/COURT_ROBOT_TENANT_ID' - COURT_ROBOT_USER: '/k8s/judicial-system/COURT_ROBOT_USER' - DB_PASS: '/k8s/judicial-system/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/judicial-system/DOKOBIT_ACCESS_TOKEN' - EMAIL_FROM: '/k8s/judicial-system/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/judicial-system/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/judicial-system/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/judicial-system/EMAIL_REPLY_TO_NAME' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - EVENT_URL: '/k8s/judicial-system/EVENT_URL' - NOVA_PASSWORD: '/k8s/judicial-system/NOVA_PASSWORD' - NOVA_URL: '/k8s/judicial-system/NOVA_URL' - NOVA_USERNAME: '/k8s/judicial-system/NOVA_USERNAME' - PRISON_ADMIN_EMAIL: '/k8s/judicial-system/PRISON_ADMIN_EMAIL' - PRISON_EMAIL: '/k8s/judicial-system/PRISON_EMAIL' - XROAD_CLIENT_CERT: '/k8s/judicial-system/XROAD_CLIENT_CERT' - XROAD_CLIENT_KEY: '/k8s/judicial-system/XROAD_CLIENT_KEY' - XROAD_CLIENT_PEM: '/k8s/judicial-system/XROAD_CLIENT_PEM' - XROAD_COURTS_CREDENTIALS: '/k8s/judicial-system/COURTS_CREDENTIALS' - XROAD_POLICE_API_KEY: '/k8s/judicial-system/XROAD_POLICE_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-backend' - create: true - name: 'judicial-system-backend' -judicial-system-digital-mailbox-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-digital-mailbox-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-digital-mailbox-api-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-digital-mailbox-api' - create: true - name: 'judicial-system-digital-mailbox-api' -judicial-system-message-handler: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-message-handler' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-message-handler' - create: true - name: 'judicial-system-message-handler' -judicial-system-robot-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-robot-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-robot-api-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-robot-api' - create: true - name: 'judicial-system-robot-api' -judicial-system-scheduler: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - TIME_TO_LIVE_MINUTES: '30' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-scheduler' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-scheduler' - create: true - name: 'judicial-system-scheduler' -judicial-system-web: - enabled: true - env: - API_URL: 'https://judicial-system.staging01.devland.is' - INTERNAL_API_URL: 'http://web-judicial-system-api' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system.staging01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '15m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - NATIONAL_REGISTRY_API_KEY: '/k8s/judicial-system/NATIONAL_REGISTRY_API_KEY' - SUPPORT_EMAIL: '/k8s/judicial-system/SUPPORT_EMAIL' - securityContext: - allowPrivilegeEscalation: false - privileged: false -judicial-system-xrd-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-xrd-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-xrd-api.internal.staging01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-xrd-api' - create: true - name: 'judicial-system-xrd-api' -namespaces: - labels: {} - namespaces: - - 'judicial-system' +{ + "judicial-system-digital-mailbox-api": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "AUDIT_TRAIL_USE_GENERIC_LOGGER": "false", + "AUDIT_TRAIL_GROUP_NAME": "k8s/judicial-system/audit-log", + "AUDIT_TRAIL_REGION": "eu-west-1", + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + } + }, + "features": {}, + "name": "judicial-system-digital-mailbox-api", + "grantNamespaces": [ + "nginx-ingress-internal" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "ERROR_EVENT_URL": "/k8s/judicial-system/ERROR_EVENT_URL", + "BACKEND_ACCESS_TOKEN": "/k8s/judicial-system/BACKEND_ACCESS_TOKEN", + "LAWYERS_ICELAND_API_KEY": "/k8s/judicial-system/LAWYERS_ICELAND_API_KEY" + }, + "ingress": { + "primary": { + "host": { + "dev": "judicial-system-digital-mailbox-api-xrd", + "staging": "judicial-system-digital-mailbox-api-xrd", + "prod": "judicial-system-digital-mailbox-api-xrd" + }, + "paths": [ + "/" + ], + "public": false + } + }, + "namespace": "judicial-system", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "memory": "256Mi", + "cpu": "200m" + }, + "requests": { + "memory": "128Mi", + "cpu": "100m" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "accountName": "judicial-system-digital-mailbox-api", + "image": "judicial-system-digital-mailbox-api" + } + } +} \ No newline at end of file diff --git a/charts/services/judicial-system-message-handler/values.dev.yaml b/charts/services/judicial-system-message-handler/values.dev.yaml index b87ac2b9294f..bf7f9a24160f 100644 --- a/charts/services/judicial-system-message-handler/values.dev.yaml +++ b/charts/services/judicial-system-message-handler/values.dev.yaml @@ -1,654 +1,56 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'dev' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -judicial-system-api: - enabled: true - env: - ALLOW_AUTH_BYPASS: 'true' - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - AUTH_IDS_CLIENT_ID: '@rettarvorslugatt.island.is/web' - AUTH_IDS_LOGOUT_REDIRECT_URI: 'https://judicial-system.dev01.devland.is' - AUTH_IDS_REDIRECT_URI: 'https://judicial-system.dev01.devland.is/api/auth/callback/identity-server' - AUTH_IDS_SCOPE: 'openid profile' - BACKEND_URL: 'http://web-judicial-system-backend' - CONTENTFUL_ENVIRONMENT: 'test' - CONTENTFUL_HOST: 'preview.contentful.com' - HIDDEN_FEATURES: '' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system.dev01.devland.is' - paths: - - '/api/graphql' - - '/api/auth' - - '/api/case' - - '/api/feature' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '350m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - AUTH_IDS_SECRET: '/k8s/judicial-system/AUTH_IDS_SECRET' - AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-api' - create: true - name: 'judicial-system-api' -judicial-system-backend: - enabled: true - env: - BLOCKED_API_INTEGRATION: '' - CLIENT_URL: 'https://judicial-system.dev01.devland.is' - CONTENTFUL_ENVIRONMENT: 'test' - CONTENTFUL_HOST: 'preview.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'judicial_system' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'judicial_system' - DOKOBIT_URL: 'https://developers.dokobit.com' - EMAIL_REGION: 'eu-west-1' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - S3_BUCKET: 'island-is-dev-upload-judicial-system' - S3_REGION: 'eu-west-1' - S3_TIME_TO_LIVE_GET: '5' - S3_TIME_TO_LIVE_POST: '15' - SERVERSIDE_FEATURES_ON: '' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - USE_MICROSOFT_GRAPH_API_FOR_COURT_ROBOT: 'false' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10014/Rettarvorslugatt-Client' - XROAD_COURT_API_PATH: '/Domstolasyslan/JusticePortal-v1' - XROAD_COURT_MEMBER_CODE: '10019' - XROAD_POLICE_API_PATH: '/Logreglan-Private/rettarvarsla-v1' - XROAD_POLICE_MEMBER_CODE: '10005' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'judicial_system' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'judicial_system' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/judicial-system/DB_PASSWORD' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - ADMIN_USERS: '/k8s/judicial-system/ADMIN_USERS' - ARCHIVE_ENCRYPTION_KEY: '/k8s/judicial-system/ARCHIVE_ENCRYPTION_KEY' - AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' - COURTS_ASSISTANT_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_ASSISTANT_MOBILE_NUMBERS' - COURTS_EMAILS: '/k8s/judicial-system/COURTS_EMAILS' - COURTS_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_MOBILE_NUMBERS' - COURT_ROBOT_CLIENT_ID: '/k8s/judicial-system/COURT_ROBOT_CLIENT_ID' - COURT_ROBOT_CLIENT_SECRET: '/k8s/judicial-system/COURT_ROBOT_CLIENT_SECRET' - COURT_ROBOT_EMAIL: '/k8s/judicial-system/COURT_ROBOT_EMAIL' - COURT_ROBOT_TENANT_ID: '/k8s/judicial-system/COURT_ROBOT_TENANT_ID' - COURT_ROBOT_USER: '/k8s/judicial-system/COURT_ROBOT_USER' - DB_PASS: '/k8s/judicial-system/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/judicial-system/DOKOBIT_ACCESS_TOKEN' - EMAIL_FROM: '/k8s/judicial-system/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/judicial-system/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/judicial-system/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/judicial-system/EMAIL_REPLY_TO_NAME' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - EVENT_URL: '/k8s/judicial-system/EVENT_URL' - NOVA_PASSWORD: '/k8s/judicial-system/NOVA_PASSWORD' - NOVA_URL: '/k8s/judicial-system/NOVA_URL' - NOVA_USERNAME: '/k8s/judicial-system/NOVA_USERNAME' - PRISON_ADMIN_EMAIL: '/k8s/judicial-system/PRISON_ADMIN_EMAIL' - PRISON_EMAIL: '/k8s/judicial-system/PRISON_EMAIL' - XROAD_CLIENT_CERT: '/k8s/judicial-system/XROAD_CLIENT_CERT' - XROAD_CLIENT_KEY: '/k8s/judicial-system/XROAD_CLIENT_KEY' - XROAD_CLIENT_PEM: '/k8s/judicial-system/XROAD_CLIENT_PEM' - XROAD_COURTS_CREDENTIALS: '/k8s/judicial-system/COURTS_CREDENTIALS' - XROAD_POLICE_API_KEY: '/k8s/judicial-system/XROAD_POLICE_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-backend' - create: true - name: 'judicial-system-backend' -judicial-system-digital-mailbox-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-digital-mailbox-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-digital-mailbox-api-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-digital-mailbox-api' - create: true - name: 'judicial-system-digital-mailbox-api' -judicial-system-message-handler: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-message-handler' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-message-handler' - create: true - name: 'judicial-system-message-handler' -judicial-system-robot-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-robot-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-robot-api-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-robot-api' - create: true - name: 'judicial-system-robot-api' -judicial-system-scheduler: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - TIME_TO_LIVE_MINUTES: '30' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-scheduler' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-scheduler' - create: true - name: 'judicial-system-scheduler' -judicial-system-web: - enabled: true - env: - API_URL: 'https://judicial-system.dev01.devland.is' - INTERNAL_API_URL: 'http://web-judicial-system-api' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system.dev01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '15m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - NATIONAL_REGISTRY_API_KEY: '/k8s/judicial-system/NATIONAL_REGISTRY_API_KEY' - SUPPORT_EMAIL: '/k8s/judicial-system/SUPPORT_EMAIL' - securityContext: - allowPrivilegeEscalation: false - privileged: false -judicial-system-xrd-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-xrd-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-xrd-api.internal.dev01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-xrd-api' - create: true - name: 'judicial-system-xrd-api' -namespaces: - labels: {} - namespaces: - - 'judicial-system' +{ + "judicial-system-message-handler": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "SQS_QUEUE_NAME": "sqs-judicial-system", + "SQS_DEAD_LETTER_QUEUE_NAME": "sqs-judicial-system-dlq", + "SQS_REGION": "eu-west-1" + }, + "features": {}, + "name": "judicial-system-message-handler", + "grantNamespaces": [], + "grantNamespacesEnabled": false, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "BACKEND_ACCESS_TOKEN": "/k8s/judicial-system/BACKEND_ACCESS_TOKEN" + }, + "ingress": {}, + "namespace": "judicial-system", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "memory": "256Mi", + "cpu": "200m" + }, + "requests": { + "memory": "128Mi", + "cpu": "100m" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "accountName": "judicial-system-message-handler", + "image": "judicial-system-message-handler", + "cmds": "node", + "args": [ + "--no-experimental-fetch", + "main.js" + ] + } + } +} \ No newline at end of file diff --git a/charts/services/judicial-system-message-handler/values.prod.yaml b/charts/services/judicial-system-message-handler/values.prod.yaml index f0a1db2678df..bf7f9a24160f 100644 --- a/charts/services/judicial-system-message-handler/values.prod.yaml +++ b/charts/services/judicial-system-message-handler/values.prod.yaml @@ -1,654 +1,56 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'prod' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -judicial-system-api: - enabled: true - env: - ALLOW_AUTH_BYPASS: 'false' - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - AUTH_IDS_CLIENT_ID: '@rettarvorslugatt.island.is/web' - AUTH_IDS_LOGOUT_REDIRECT_URI: 'https://rettarvorslugatt.island.is' - AUTH_IDS_REDIRECT_URI: 'https://rettarvorslugatt.island.is/api/auth/callback/identity-server' - AUTH_IDS_SCOPE: 'openid profile' - BACKEND_URL: 'http://web-judicial-system-backend' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - HIDDEN_FEATURES: '' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'rettarvorslugatt.island.is' - paths: - - '/api/graphql' - - '/api/auth' - - '/api/case' - - '/api/feature' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '350m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - AUTH_IDS_SECRET: '/k8s/judicial-system/AUTH_IDS_SECRET' - AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-api' - create: true - name: 'judicial-system-api' -judicial-system-backend: - enabled: true - env: - BLOCKED_API_INTEGRATION: '' - CLIENT_URL: 'https://rettarvorslugatt.island.is' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'judicial_system' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'judicial_system' - DOKOBIT_URL: 'https://ws.dokobit.com' - EMAIL_REGION: 'eu-west-1' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - S3_BUCKET: 'island-is-prod-upload-judicial-system' - S3_REGION: 'eu-west-1' - S3_TIME_TO_LIVE_GET: '5' - S3_TIME_TO_LIVE_POST: '15' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - USE_MICROSOFT_GRAPH_API_FOR_COURT_ROBOT: 'true' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5804170510/Rettarvorslugatt-Client' - XROAD_COURT_API_PATH: '/Domstolasyslan/JusticePortal-v1' - XROAD_COURT_MEMBER_CODE: '4707171140' - XROAD_POLICE_API_PATH: '/Logreglan-Private/rettarvarsla-v1' - XROAD_POLICE_MEMBER_CODE: '5309672079' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'judicial_system' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'judicial_system' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/judicial-system/DB_PASSWORD' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - ADMIN_USERS: '/k8s/judicial-system/ADMIN_USERS' - ARCHIVE_ENCRYPTION_KEY: '/k8s/judicial-system/ARCHIVE_ENCRYPTION_KEY' - AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' - COURTS_ASSISTANT_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_ASSISTANT_MOBILE_NUMBERS' - COURTS_EMAILS: '/k8s/judicial-system/COURTS_EMAILS' - COURTS_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_MOBILE_NUMBERS' - COURT_ROBOT_CLIENT_ID: '/k8s/judicial-system/COURT_ROBOT_CLIENT_ID' - COURT_ROBOT_CLIENT_SECRET: '/k8s/judicial-system/COURT_ROBOT_CLIENT_SECRET' - COURT_ROBOT_EMAIL: '/k8s/judicial-system/COURT_ROBOT_EMAIL' - COURT_ROBOT_TENANT_ID: '/k8s/judicial-system/COURT_ROBOT_TENANT_ID' - COURT_ROBOT_USER: '/k8s/judicial-system/COURT_ROBOT_USER' - DB_PASS: '/k8s/judicial-system/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/judicial-system/DOKOBIT_ACCESS_TOKEN' - EMAIL_FROM: '/k8s/judicial-system/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/judicial-system/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/judicial-system/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/judicial-system/EMAIL_REPLY_TO_NAME' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - EVENT_URL: '/k8s/judicial-system/EVENT_URL' - NOVA_PASSWORD: '/k8s/judicial-system/NOVA_PASSWORD' - NOVA_URL: '/k8s/judicial-system/NOVA_URL' - NOVA_USERNAME: '/k8s/judicial-system/NOVA_USERNAME' - PRISON_ADMIN_EMAIL: '/k8s/judicial-system/PRISON_ADMIN_EMAIL' - PRISON_EMAIL: '/k8s/judicial-system/PRISON_EMAIL' - XROAD_CLIENT_CERT: '/k8s/judicial-system/XROAD_CLIENT_CERT' - XROAD_CLIENT_KEY: '/k8s/judicial-system/XROAD_CLIENT_KEY' - XROAD_CLIENT_PEM: '/k8s/judicial-system/XROAD_CLIENT_PEM' - XROAD_COURTS_CREDENTIALS: '/k8s/judicial-system/COURTS_CREDENTIALS' - XROAD_POLICE_API_KEY: '/k8s/judicial-system/XROAD_POLICE_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-backend' - create: true - name: 'judicial-system-backend' -judicial-system-digital-mailbox-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-digital-mailbox-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-digital-mailbox-api-xrd.internal.island.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-digital-mailbox-api' - create: true - name: 'judicial-system-digital-mailbox-api' -judicial-system-message-handler: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-message-handler' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-message-handler' - create: true - name: 'judicial-system-message-handler' -judicial-system-robot-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-robot-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-robot-api-xrd.internal.island.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-robot-api' - create: true - name: 'judicial-system-robot-api' -judicial-system-scheduler: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - TIME_TO_LIVE_MINUTES: '30' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-scheduler' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-scheduler' - create: true - name: 'judicial-system-scheduler' -judicial-system-web: - enabled: true - env: - API_URL: 'https://rettarvorslugatt.island.is' - INTERNAL_API_URL: 'http://web-judicial-system-api' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'rettarvorslugatt.island.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '15m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - NATIONAL_REGISTRY_API_KEY: '/k8s/judicial-system/NATIONAL_REGISTRY_API_KEY' - SUPPORT_EMAIL: '/k8s/judicial-system/SUPPORT_EMAIL' - securityContext: - allowPrivilegeEscalation: false - privileged: false -judicial-system-xrd-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-xrd-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-xrd-api.internal.island.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-xrd-api' - create: true - name: 'judicial-system-xrd-api' -namespaces: - labels: {} - namespaces: - - 'judicial-system' +{ + "judicial-system-message-handler": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "SQS_QUEUE_NAME": "sqs-judicial-system", + "SQS_DEAD_LETTER_QUEUE_NAME": "sqs-judicial-system-dlq", + "SQS_REGION": "eu-west-1" + }, + "features": {}, + "name": "judicial-system-message-handler", + "grantNamespaces": [], + "grantNamespacesEnabled": false, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "BACKEND_ACCESS_TOKEN": "/k8s/judicial-system/BACKEND_ACCESS_TOKEN" + }, + "ingress": {}, + "namespace": "judicial-system", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "memory": "256Mi", + "cpu": "200m" + }, + "requests": { + "memory": "128Mi", + "cpu": "100m" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "accountName": "judicial-system-message-handler", + "image": "judicial-system-message-handler", + "cmds": "node", + "args": [ + "--no-experimental-fetch", + "main.js" + ] + } + } +} \ No newline at end of file diff --git a/charts/services/judicial-system-message-handler/values.staging.yaml b/charts/services/judicial-system-message-handler/values.staging.yaml index e4a133f4ad7e..bf7f9a24160f 100644 --- a/charts/services/judicial-system-message-handler/values.staging.yaml +++ b/charts/services/judicial-system-message-handler/values.staging.yaml @@ -1,654 +1,56 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'staging' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -judicial-system-api: - enabled: true - env: - ALLOW_AUTH_BYPASS: 'true' - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - AUTH_IDS_CLIENT_ID: '@rettarvorslugatt.island.is/web' - AUTH_IDS_LOGOUT_REDIRECT_URI: 'https://judicial-system.staging01.devland.is' - AUTH_IDS_REDIRECT_URI: 'https://judicial-system.staging01.devland.is/api/auth/callback/identity-server' - AUTH_IDS_SCOPE: 'openid profile' - BACKEND_URL: 'http://web-judicial-system-backend' - CONTENTFUL_ENVIRONMENT: 'test' - CONTENTFUL_HOST: 'cdn.contentful.com' - HIDDEN_FEATURES: '' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system.staging01.devland.is' - paths: - - '/api/graphql' - - '/api/auth' - - '/api/case' - - '/api/feature' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '350m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - AUTH_IDS_SECRET: '/k8s/judicial-system/AUTH_IDS_SECRET' - AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-api' - create: true - name: 'judicial-system-api' -judicial-system-backend: - enabled: true - env: - BLOCKED_API_INTEGRATION: 'COURT,POLICE_CASE' - CLIENT_URL: 'https://judicial-system.staging01.devland.is' - CONTENTFUL_ENVIRONMENT: 'test' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'judicial_system' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'judicial_system' - DOKOBIT_URL: 'https://developers.dokobit.com' - EMAIL_REGION: 'eu-west-1' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - S3_BUCKET: 'island-is-staging-upload-judicial-system' - S3_REGION: 'eu-west-1' - S3_TIME_TO_LIVE_GET: '5' - S3_TIME_TO_LIVE_POST: '15' - SERVERSIDE_FEATURES_ON: '' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - USE_MICROSOFT_GRAPH_API_FOR_COURT_ROBOT: 'true' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5804170510/Rettarvorslugatt-Client' - XROAD_COURT_API_PATH: '/Domstolasyslan/JusticePortal-v1' - XROAD_COURT_MEMBER_CODE: '4707171140' - XROAD_POLICE_API_PATH: '/Logreglan-Private/rettarvarsla-v1' - XROAD_POLICE_MEMBER_CODE: '5309672079' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'judicial_system' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'judicial_system' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/judicial-system/DB_PASSWORD' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - ADMIN_USERS: '/k8s/judicial-system/ADMIN_USERS' - ARCHIVE_ENCRYPTION_KEY: '/k8s/judicial-system/ARCHIVE_ENCRYPTION_KEY' - AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' - COURTS_ASSISTANT_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_ASSISTANT_MOBILE_NUMBERS' - COURTS_EMAILS: '/k8s/judicial-system/COURTS_EMAILS' - COURTS_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_MOBILE_NUMBERS' - COURT_ROBOT_CLIENT_ID: '/k8s/judicial-system/COURT_ROBOT_CLIENT_ID' - COURT_ROBOT_CLIENT_SECRET: '/k8s/judicial-system/COURT_ROBOT_CLIENT_SECRET' - COURT_ROBOT_EMAIL: '/k8s/judicial-system/COURT_ROBOT_EMAIL' - COURT_ROBOT_TENANT_ID: '/k8s/judicial-system/COURT_ROBOT_TENANT_ID' - COURT_ROBOT_USER: '/k8s/judicial-system/COURT_ROBOT_USER' - DB_PASS: '/k8s/judicial-system/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/judicial-system/DOKOBIT_ACCESS_TOKEN' - EMAIL_FROM: '/k8s/judicial-system/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/judicial-system/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/judicial-system/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/judicial-system/EMAIL_REPLY_TO_NAME' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - EVENT_URL: '/k8s/judicial-system/EVENT_URL' - NOVA_PASSWORD: '/k8s/judicial-system/NOVA_PASSWORD' - NOVA_URL: '/k8s/judicial-system/NOVA_URL' - NOVA_USERNAME: '/k8s/judicial-system/NOVA_USERNAME' - PRISON_ADMIN_EMAIL: '/k8s/judicial-system/PRISON_ADMIN_EMAIL' - PRISON_EMAIL: '/k8s/judicial-system/PRISON_EMAIL' - XROAD_CLIENT_CERT: '/k8s/judicial-system/XROAD_CLIENT_CERT' - XROAD_CLIENT_KEY: '/k8s/judicial-system/XROAD_CLIENT_KEY' - XROAD_CLIENT_PEM: '/k8s/judicial-system/XROAD_CLIENT_PEM' - XROAD_COURTS_CREDENTIALS: '/k8s/judicial-system/COURTS_CREDENTIALS' - XROAD_POLICE_API_KEY: '/k8s/judicial-system/XROAD_POLICE_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-backend' - create: true - name: 'judicial-system-backend' -judicial-system-digital-mailbox-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-digital-mailbox-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-digital-mailbox-api-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-digital-mailbox-api' - create: true - name: 'judicial-system-digital-mailbox-api' -judicial-system-message-handler: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-message-handler' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-message-handler' - create: true - name: 'judicial-system-message-handler' -judicial-system-robot-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-robot-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-robot-api-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-robot-api' - create: true - name: 'judicial-system-robot-api' -judicial-system-scheduler: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - TIME_TO_LIVE_MINUTES: '30' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-scheduler' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-scheduler' - create: true - name: 'judicial-system-scheduler' -judicial-system-web: - enabled: true - env: - API_URL: 'https://judicial-system.staging01.devland.is' - INTERNAL_API_URL: 'http://web-judicial-system-api' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system.staging01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '15m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - NATIONAL_REGISTRY_API_KEY: '/k8s/judicial-system/NATIONAL_REGISTRY_API_KEY' - SUPPORT_EMAIL: '/k8s/judicial-system/SUPPORT_EMAIL' - securityContext: - allowPrivilegeEscalation: false - privileged: false -judicial-system-xrd-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-xrd-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-xrd-api.internal.staging01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-xrd-api' - create: true - name: 'judicial-system-xrd-api' -namespaces: - labels: {} - namespaces: - - 'judicial-system' +{ + "judicial-system-message-handler": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "SQS_QUEUE_NAME": "sqs-judicial-system", + "SQS_DEAD_LETTER_QUEUE_NAME": "sqs-judicial-system-dlq", + "SQS_REGION": "eu-west-1" + }, + "features": {}, + "name": "judicial-system-message-handler", + "grantNamespaces": [], + "grantNamespacesEnabled": false, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "BACKEND_ACCESS_TOKEN": "/k8s/judicial-system/BACKEND_ACCESS_TOKEN" + }, + "ingress": {}, + "namespace": "judicial-system", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "memory": "256Mi", + "cpu": "200m" + }, + "requests": { + "memory": "128Mi", + "cpu": "100m" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "accountName": "judicial-system-message-handler", + "image": "judicial-system-message-handler", + "cmds": "node", + "args": [ + "--no-experimental-fetch", + "main.js" + ] + } + } +} \ No newline at end of file diff --git a/charts/services/judicial-system-robot-api/values.dev.yaml b/charts/services/judicial-system-robot-api/values.dev.yaml index b87ac2b9294f..61cdd6430ccb 100644 --- a/charts/services/judicial-system-robot-api/values.dev.yaml +++ b/charts/services/judicial-system-robot-api/values.dev.yaml @@ -1,654 +1,66 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'dev' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -judicial-system-api: - enabled: true - env: - ALLOW_AUTH_BYPASS: 'true' - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - AUTH_IDS_CLIENT_ID: '@rettarvorslugatt.island.is/web' - AUTH_IDS_LOGOUT_REDIRECT_URI: 'https://judicial-system.dev01.devland.is' - AUTH_IDS_REDIRECT_URI: 'https://judicial-system.dev01.devland.is/api/auth/callback/identity-server' - AUTH_IDS_SCOPE: 'openid profile' - BACKEND_URL: 'http://web-judicial-system-backend' - CONTENTFUL_ENVIRONMENT: 'test' - CONTENTFUL_HOST: 'preview.contentful.com' - HIDDEN_FEATURES: '' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system.dev01.devland.is' - paths: - - '/api/graphql' - - '/api/auth' - - '/api/case' - - '/api/feature' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '350m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - AUTH_IDS_SECRET: '/k8s/judicial-system/AUTH_IDS_SECRET' - AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-api' - create: true - name: 'judicial-system-api' -judicial-system-backend: - enabled: true - env: - BLOCKED_API_INTEGRATION: '' - CLIENT_URL: 'https://judicial-system.dev01.devland.is' - CONTENTFUL_ENVIRONMENT: 'test' - CONTENTFUL_HOST: 'preview.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'judicial_system' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'judicial_system' - DOKOBIT_URL: 'https://developers.dokobit.com' - EMAIL_REGION: 'eu-west-1' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - S3_BUCKET: 'island-is-dev-upload-judicial-system' - S3_REGION: 'eu-west-1' - S3_TIME_TO_LIVE_GET: '5' - S3_TIME_TO_LIVE_POST: '15' - SERVERSIDE_FEATURES_ON: '' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - USE_MICROSOFT_GRAPH_API_FOR_COURT_ROBOT: 'false' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10014/Rettarvorslugatt-Client' - XROAD_COURT_API_PATH: '/Domstolasyslan/JusticePortal-v1' - XROAD_COURT_MEMBER_CODE: '10019' - XROAD_POLICE_API_PATH: '/Logreglan-Private/rettarvarsla-v1' - XROAD_POLICE_MEMBER_CODE: '10005' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'judicial_system' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'judicial_system' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/judicial-system/DB_PASSWORD' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - ADMIN_USERS: '/k8s/judicial-system/ADMIN_USERS' - ARCHIVE_ENCRYPTION_KEY: '/k8s/judicial-system/ARCHIVE_ENCRYPTION_KEY' - AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' - COURTS_ASSISTANT_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_ASSISTANT_MOBILE_NUMBERS' - COURTS_EMAILS: '/k8s/judicial-system/COURTS_EMAILS' - COURTS_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_MOBILE_NUMBERS' - COURT_ROBOT_CLIENT_ID: '/k8s/judicial-system/COURT_ROBOT_CLIENT_ID' - COURT_ROBOT_CLIENT_SECRET: '/k8s/judicial-system/COURT_ROBOT_CLIENT_SECRET' - COURT_ROBOT_EMAIL: '/k8s/judicial-system/COURT_ROBOT_EMAIL' - COURT_ROBOT_TENANT_ID: '/k8s/judicial-system/COURT_ROBOT_TENANT_ID' - COURT_ROBOT_USER: '/k8s/judicial-system/COURT_ROBOT_USER' - DB_PASS: '/k8s/judicial-system/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/judicial-system/DOKOBIT_ACCESS_TOKEN' - EMAIL_FROM: '/k8s/judicial-system/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/judicial-system/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/judicial-system/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/judicial-system/EMAIL_REPLY_TO_NAME' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - EVENT_URL: '/k8s/judicial-system/EVENT_URL' - NOVA_PASSWORD: '/k8s/judicial-system/NOVA_PASSWORD' - NOVA_URL: '/k8s/judicial-system/NOVA_URL' - NOVA_USERNAME: '/k8s/judicial-system/NOVA_USERNAME' - PRISON_ADMIN_EMAIL: '/k8s/judicial-system/PRISON_ADMIN_EMAIL' - PRISON_EMAIL: '/k8s/judicial-system/PRISON_EMAIL' - XROAD_CLIENT_CERT: '/k8s/judicial-system/XROAD_CLIENT_CERT' - XROAD_CLIENT_KEY: '/k8s/judicial-system/XROAD_CLIENT_KEY' - XROAD_CLIENT_PEM: '/k8s/judicial-system/XROAD_CLIENT_PEM' - XROAD_COURTS_CREDENTIALS: '/k8s/judicial-system/COURTS_CREDENTIALS' - XROAD_POLICE_API_KEY: '/k8s/judicial-system/XROAD_POLICE_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-backend' - create: true - name: 'judicial-system-backend' -judicial-system-digital-mailbox-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-digital-mailbox-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-digital-mailbox-api-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-digital-mailbox-api' - create: true - name: 'judicial-system-digital-mailbox-api' -judicial-system-message-handler: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-message-handler' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-message-handler' - create: true - name: 'judicial-system-message-handler' -judicial-system-robot-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-robot-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-robot-api-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-robot-api' - create: true - name: 'judicial-system-robot-api' -judicial-system-scheduler: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - TIME_TO_LIVE_MINUTES: '30' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-scheduler' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-scheduler' - create: true - name: 'judicial-system-scheduler' -judicial-system-web: - enabled: true - env: - API_URL: 'https://judicial-system.dev01.devland.is' - INTERNAL_API_URL: 'http://web-judicial-system-api' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system.dev01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '15m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - NATIONAL_REGISTRY_API_KEY: '/k8s/judicial-system/NATIONAL_REGISTRY_API_KEY' - SUPPORT_EMAIL: '/k8s/judicial-system/SUPPORT_EMAIL' - securityContext: - allowPrivilegeEscalation: false - privileged: false -judicial-system-xrd-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-xrd-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-xrd-api.internal.dev01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-xrd-api' - create: true - name: 'judicial-system-xrd-api' -namespaces: - labels: {} - namespaces: - - 'judicial-system' +{ + "judicial-system-robot-api": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "AUDIT_TRAIL_USE_GENERIC_LOGGER": "false", + "AUDIT_TRAIL_GROUP_NAME": "k8s/judicial-system/audit-log", + "AUDIT_TRAIL_REGION": "eu-west-1" + }, + "features": {}, + "name": "judicial-system-robot-api", + "grantNamespaces": [ + "nginx-ingress-internal" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "ERROR_EVENT_URL": "/k8s/judicial-system/ERROR_EVENT_URL", + "BACKEND_ACCESS_TOKEN": "/k8s/judicial-system/BACKEND_ACCESS_TOKEN" + }, + "ingress": { + "primary": { + "host": { + "dev": "judicial-system-robot-api-xrd", + "staging": "judicial-system-robot-api-xrd", + "prod": "judicial-system-robot-api-xrd" + }, + "paths": [ + "/" + ], + "public": false + } + }, + "namespace": "judicial-system", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "memory": "256Mi", + "cpu": "200m" + }, + "requests": { + "memory": "128Mi", + "cpu": "100m" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "accountName": "judicial-system-robot-api", + "image": "judicial-system-robot-api" + } + } +} \ No newline at end of file diff --git a/charts/services/judicial-system-robot-api/values.prod.yaml b/charts/services/judicial-system-robot-api/values.prod.yaml index f0a1db2678df..61cdd6430ccb 100644 --- a/charts/services/judicial-system-robot-api/values.prod.yaml +++ b/charts/services/judicial-system-robot-api/values.prod.yaml @@ -1,654 +1,66 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'prod' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -judicial-system-api: - enabled: true - env: - ALLOW_AUTH_BYPASS: 'false' - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - AUTH_IDS_CLIENT_ID: '@rettarvorslugatt.island.is/web' - AUTH_IDS_LOGOUT_REDIRECT_URI: 'https://rettarvorslugatt.island.is' - AUTH_IDS_REDIRECT_URI: 'https://rettarvorslugatt.island.is/api/auth/callback/identity-server' - AUTH_IDS_SCOPE: 'openid profile' - BACKEND_URL: 'http://web-judicial-system-backend' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - HIDDEN_FEATURES: '' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'rettarvorslugatt.island.is' - paths: - - '/api/graphql' - - '/api/auth' - - '/api/case' - - '/api/feature' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '350m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - AUTH_IDS_SECRET: '/k8s/judicial-system/AUTH_IDS_SECRET' - AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-api' - create: true - name: 'judicial-system-api' -judicial-system-backend: - enabled: true - env: - BLOCKED_API_INTEGRATION: '' - CLIENT_URL: 'https://rettarvorslugatt.island.is' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'judicial_system' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'judicial_system' - DOKOBIT_URL: 'https://ws.dokobit.com' - EMAIL_REGION: 'eu-west-1' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - S3_BUCKET: 'island-is-prod-upload-judicial-system' - S3_REGION: 'eu-west-1' - S3_TIME_TO_LIVE_GET: '5' - S3_TIME_TO_LIVE_POST: '15' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - USE_MICROSOFT_GRAPH_API_FOR_COURT_ROBOT: 'true' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5804170510/Rettarvorslugatt-Client' - XROAD_COURT_API_PATH: '/Domstolasyslan/JusticePortal-v1' - XROAD_COURT_MEMBER_CODE: '4707171140' - XROAD_POLICE_API_PATH: '/Logreglan-Private/rettarvarsla-v1' - XROAD_POLICE_MEMBER_CODE: '5309672079' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'judicial_system' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'judicial_system' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/judicial-system/DB_PASSWORD' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - ADMIN_USERS: '/k8s/judicial-system/ADMIN_USERS' - ARCHIVE_ENCRYPTION_KEY: '/k8s/judicial-system/ARCHIVE_ENCRYPTION_KEY' - AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' - COURTS_ASSISTANT_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_ASSISTANT_MOBILE_NUMBERS' - COURTS_EMAILS: '/k8s/judicial-system/COURTS_EMAILS' - COURTS_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_MOBILE_NUMBERS' - COURT_ROBOT_CLIENT_ID: '/k8s/judicial-system/COURT_ROBOT_CLIENT_ID' - COURT_ROBOT_CLIENT_SECRET: '/k8s/judicial-system/COURT_ROBOT_CLIENT_SECRET' - COURT_ROBOT_EMAIL: '/k8s/judicial-system/COURT_ROBOT_EMAIL' - COURT_ROBOT_TENANT_ID: '/k8s/judicial-system/COURT_ROBOT_TENANT_ID' - COURT_ROBOT_USER: '/k8s/judicial-system/COURT_ROBOT_USER' - DB_PASS: '/k8s/judicial-system/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/judicial-system/DOKOBIT_ACCESS_TOKEN' - EMAIL_FROM: '/k8s/judicial-system/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/judicial-system/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/judicial-system/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/judicial-system/EMAIL_REPLY_TO_NAME' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - EVENT_URL: '/k8s/judicial-system/EVENT_URL' - NOVA_PASSWORD: '/k8s/judicial-system/NOVA_PASSWORD' - NOVA_URL: '/k8s/judicial-system/NOVA_URL' - NOVA_USERNAME: '/k8s/judicial-system/NOVA_USERNAME' - PRISON_ADMIN_EMAIL: '/k8s/judicial-system/PRISON_ADMIN_EMAIL' - PRISON_EMAIL: '/k8s/judicial-system/PRISON_EMAIL' - XROAD_CLIENT_CERT: '/k8s/judicial-system/XROAD_CLIENT_CERT' - XROAD_CLIENT_KEY: '/k8s/judicial-system/XROAD_CLIENT_KEY' - XROAD_CLIENT_PEM: '/k8s/judicial-system/XROAD_CLIENT_PEM' - XROAD_COURTS_CREDENTIALS: '/k8s/judicial-system/COURTS_CREDENTIALS' - XROAD_POLICE_API_KEY: '/k8s/judicial-system/XROAD_POLICE_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-backend' - create: true - name: 'judicial-system-backend' -judicial-system-digital-mailbox-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-digital-mailbox-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-digital-mailbox-api-xrd.internal.island.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-digital-mailbox-api' - create: true - name: 'judicial-system-digital-mailbox-api' -judicial-system-message-handler: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-message-handler' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-message-handler' - create: true - name: 'judicial-system-message-handler' -judicial-system-robot-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-robot-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-robot-api-xrd.internal.island.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-robot-api' - create: true - name: 'judicial-system-robot-api' -judicial-system-scheduler: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - TIME_TO_LIVE_MINUTES: '30' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-scheduler' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-scheduler' - create: true - name: 'judicial-system-scheduler' -judicial-system-web: - enabled: true - env: - API_URL: 'https://rettarvorslugatt.island.is' - INTERNAL_API_URL: 'http://web-judicial-system-api' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'rettarvorslugatt.island.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '15m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - NATIONAL_REGISTRY_API_KEY: '/k8s/judicial-system/NATIONAL_REGISTRY_API_KEY' - SUPPORT_EMAIL: '/k8s/judicial-system/SUPPORT_EMAIL' - securityContext: - allowPrivilegeEscalation: false - privileged: false -judicial-system-xrd-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-xrd-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-xrd-api.internal.island.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-xrd-api' - create: true - name: 'judicial-system-xrd-api' -namespaces: - labels: {} - namespaces: - - 'judicial-system' +{ + "judicial-system-robot-api": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "AUDIT_TRAIL_USE_GENERIC_LOGGER": "false", + "AUDIT_TRAIL_GROUP_NAME": "k8s/judicial-system/audit-log", + "AUDIT_TRAIL_REGION": "eu-west-1" + }, + "features": {}, + "name": "judicial-system-robot-api", + "grantNamespaces": [ + "nginx-ingress-internal" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "ERROR_EVENT_URL": "/k8s/judicial-system/ERROR_EVENT_URL", + "BACKEND_ACCESS_TOKEN": "/k8s/judicial-system/BACKEND_ACCESS_TOKEN" + }, + "ingress": { + "primary": { + "host": { + "dev": "judicial-system-robot-api-xrd", + "staging": "judicial-system-robot-api-xrd", + "prod": "judicial-system-robot-api-xrd" + }, + "paths": [ + "/" + ], + "public": false + } + }, + "namespace": "judicial-system", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "memory": "256Mi", + "cpu": "200m" + }, + "requests": { + "memory": "128Mi", + "cpu": "100m" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "accountName": "judicial-system-robot-api", + "image": "judicial-system-robot-api" + } + } +} \ No newline at end of file diff --git a/charts/services/judicial-system-robot-api/values.staging.yaml b/charts/services/judicial-system-robot-api/values.staging.yaml index e4a133f4ad7e..61cdd6430ccb 100644 --- a/charts/services/judicial-system-robot-api/values.staging.yaml +++ b/charts/services/judicial-system-robot-api/values.staging.yaml @@ -1,654 +1,66 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'staging' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -judicial-system-api: - enabled: true - env: - ALLOW_AUTH_BYPASS: 'true' - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - AUTH_IDS_CLIENT_ID: '@rettarvorslugatt.island.is/web' - AUTH_IDS_LOGOUT_REDIRECT_URI: 'https://judicial-system.staging01.devland.is' - AUTH_IDS_REDIRECT_URI: 'https://judicial-system.staging01.devland.is/api/auth/callback/identity-server' - AUTH_IDS_SCOPE: 'openid profile' - BACKEND_URL: 'http://web-judicial-system-backend' - CONTENTFUL_ENVIRONMENT: 'test' - CONTENTFUL_HOST: 'cdn.contentful.com' - HIDDEN_FEATURES: '' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system.staging01.devland.is' - paths: - - '/api/graphql' - - '/api/auth' - - '/api/case' - - '/api/feature' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '350m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - AUTH_IDS_SECRET: '/k8s/judicial-system/AUTH_IDS_SECRET' - AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-api' - create: true - name: 'judicial-system-api' -judicial-system-backend: - enabled: true - env: - BLOCKED_API_INTEGRATION: 'COURT,POLICE_CASE' - CLIENT_URL: 'https://judicial-system.staging01.devland.is' - CONTENTFUL_ENVIRONMENT: 'test' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'judicial_system' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'judicial_system' - DOKOBIT_URL: 'https://developers.dokobit.com' - EMAIL_REGION: 'eu-west-1' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - S3_BUCKET: 'island-is-staging-upload-judicial-system' - S3_REGION: 'eu-west-1' - S3_TIME_TO_LIVE_GET: '5' - S3_TIME_TO_LIVE_POST: '15' - SERVERSIDE_FEATURES_ON: '' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - USE_MICROSOFT_GRAPH_API_FOR_COURT_ROBOT: 'true' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5804170510/Rettarvorslugatt-Client' - XROAD_COURT_API_PATH: '/Domstolasyslan/JusticePortal-v1' - XROAD_COURT_MEMBER_CODE: '4707171140' - XROAD_POLICE_API_PATH: '/Logreglan-Private/rettarvarsla-v1' - XROAD_POLICE_MEMBER_CODE: '5309672079' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'judicial_system' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'judicial_system' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/judicial-system/DB_PASSWORD' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - ADMIN_USERS: '/k8s/judicial-system/ADMIN_USERS' - ARCHIVE_ENCRYPTION_KEY: '/k8s/judicial-system/ARCHIVE_ENCRYPTION_KEY' - AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' - COURTS_ASSISTANT_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_ASSISTANT_MOBILE_NUMBERS' - COURTS_EMAILS: '/k8s/judicial-system/COURTS_EMAILS' - COURTS_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_MOBILE_NUMBERS' - COURT_ROBOT_CLIENT_ID: '/k8s/judicial-system/COURT_ROBOT_CLIENT_ID' - COURT_ROBOT_CLIENT_SECRET: '/k8s/judicial-system/COURT_ROBOT_CLIENT_SECRET' - COURT_ROBOT_EMAIL: '/k8s/judicial-system/COURT_ROBOT_EMAIL' - COURT_ROBOT_TENANT_ID: '/k8s/judicial-system/COURT_ROBOT_TENANT_ID' - COURT_ROBOT_USER: '/k8s/judicial-system/COURT_ROBOT_USER' - DB_PASS: '/k8s/judicial-system/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/judicial-system/DOKOBIT_ACCESS_TOKEN' - EMAIL_FROM: '/k8s/judicial-system/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/judicial-system/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/judicial-system/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/judicial-system/EMAIL_REPLY_TO_NAME' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - EVENT_URL: '/k8s/judicial-system/EVENT_URL' - NOVA_PASSWORD: '/k8s/judicial-system/NOVA_PASSWORD' - NOVA_URL: '/k8s/judicial-system/NOVA_URL' - NOVA_USERNAME: '/k8s/judicial-system/NOVA_USERNAME' - PRISON_ADMIN_EMAIL: '/k8s/judicial-system/PRISON_ADMIN_EMAIL' - PRISON_EMAIL: '/k8s/judicial-system/PRISON_EMAIL' - XROAD_CLIENT_CERT: '/k8s/judicial-system/XROAD_CLIENT_CERT' - XROAD_CLIENT_KEY: '/k8s/judicial-system/XROAD_CLIENT_KEY' - XROAD_CLIENT_PEM: '/k8s/judicial-system/XROAD_CLIENT_PEM' - XROAD_COURTS_CREDENTIALS: '/k8s/judicial-system/COURTS_CREDENTIALS' - XROAD_POLICE_API_KEY: '/k8s/judicial-system/XROAD_POLICE_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-backend' - create: true - name: 'judicial-system-backend' -judicial-system-digital-mailbox-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-digital-mailbox-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-digital-mailbox-api-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-digital-mailbox-api' - create: true - name: 'judicial-system-digital-mailbox-api' -judicial-system-message-handler: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-message-handler' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-message-handler' - create: true - name: 'judicial-system-message-handler' -judicial-system-robot-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-robot-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-robot-api-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-robot-api' - create: true - name: 'judicial-system-robot-api' -judicial-system-scheduler: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - TIME_TO_LIVE_MINUTES: '30' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-scheduler' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-scheduler' - create: true - name: 'judicial-system-scheduler' -judicial-system-web: - enabled: true - env: - API_URL: 'https://judicial-system.staging01.devland.is' - INTERNAL_API_URL: 'http://web-judicial-system-api' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system.staging01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '15m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - NATIONAL_REGISTRY_API_KEY: '/k8s/judicial-system/NATIONAL_REGISTRY_API_KEY' - SUPPORT_EMAIL: '/k8s/judicial-system/SUPPORT_EMAIL' - securityContext: - allowPrivilegeEscalation: false - privileged: false -judicial-system-xrd-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-xrd-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-xrd-api.internal.staging01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-xrd-api' - create: true - name: 'judicial-system-xrd-api' -namespaces: - labels: {} - namespaces: - - 'judicial-system' +{ + "judicial-system-robot-api": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "AUDIT_TRAIL_USE_GENERIC_LOGGER": "false", + "AUDIT_TRAIL_GROUP_NAME": "k8s/judicial-system/audit-log", + "AUDIT_TRAIL_REGION": "eu-west-1" + }, + "features": {}, + "name": "judicial-system-robot-api", + "grantNamespaces": [ + "nginx-ingress-internal" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "ERROR_EVENT_URL": "/k8s/judicial-system/ERROR_EVENT_URL", + "BACKEND_ACCESS_TOKEN": "/k8s/judicial-system/BACKEND_ACCESS_TOKEN" + }, + "ingress": { + "primary": { + "host": { + "dev": "judicial-system-robot-api-xrd", + "staging": "judicial-system-robot-api-xrd", + "prod": "judicial-system-robot-api-xrd" + }, + "paths": [ + "/" + ], + "public": false + } + }, + "namespace": "judicial-system", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "memory": "256Mi", + "cpu": "200m" + }, + "requests": { + "memory": "128Mi", + "cpu": "100m" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "accountName": "judicial-system-robot-api", + "image": "judicial-system-robot-api" + } + } +} \ No newline at end of file diff --git a/charts/services/judicial-system-scheduler/values.dev.yaml b/charts/services/judicial-system-scheduler/values.dev.yaml index b87ac2b9294f..7349cac123bc 100644 --- a/charts/services/judicial-system-scheduler/values.dev.yaml +++ b/charts/services/judicial-system-scheduler/values.dev.yaml @@ -1,654 +1,73 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'dev' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -judicial-system-api: - enabled: true - env: - ALLOW_AUTH_BYPASS: 'true' - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - AUTH_IDS_CLIENT_ID: '@rettarvorslugatt.island.is/web' - AUTH_IDS_LOGOUT_REDIRECT_URI: 'https://judicial-system.dev01.devland.is' - AUTH_IDS_REDIRECT_URI: 'https://judicial-system.dev01.devland.is/api/auth/callback/identity-server' - AUTH_IDS_SCOPE: 'openid profile' - BACKEND_URL: 'http://web-judicial-system-backend' - CONTENTFUL_ENVIRONMENT: 'test' - CONTENTFUL_HOST: 'preview.contentful.com' - HIDDEN_FEATURES: '' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system.dev01.devland.is' - paths: - - '/api/graphql' - - '/api/auth' - - '/api/case' - - '/api/feature' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '350m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - AUTH_IDS_SECRET: '/k8s/judicial-system/AUTH_IDS_SECRET' - AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-api' - create: true - name: 'judicial-system-api' -judicial-system-backend: - enabled: true - env: - BLOCKED_API_INTEGRATION: '' - CLIENT_URL: 'https://judicial-system.dev01.devland.is' - CONTENTFUL_ENVIRONMENT: 'test' - CONTENTFUL_HOST: 'preview.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'judicial_system' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'judicial_system' - DOKOBIT_URL: 'https://developers.dokobit.com' - EMAIL_REGION: 'eu-west-1' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - S3_BUCKET: 'island-is-dev-upload-judicial-system' - S3_REGION: 'eu-west-1' - S3_TIME_TO_LIVE_GET: '5' - S3_TIME_TO_LIVE_POST: '15' - SERVERSIDE_FEATURES_ON: '' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - USE_MICROSOFT_GRAPH_API_FOR_COURT_ROBOT: 'false' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10014/Rettarvorslugatt-Client' - XROAD_COURT_API_PATH: '/Domstolasyslan/JusticePortal-v1' - XROAD_COURT_MEMBER_CODE: '10019' - XROAD_POLICE_API_PATH: '/Logreglan-Private/rettarvarsla-v1' - XROAD_POLICE_MEMBER_CODE: '10005' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'judicial_system' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'judicial_system' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/judicial-system/DB_PASSWORD' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - ADMIN_USERS: '/k8s/judicial-system/ADMIN_USERS' - ARCHIVE_ENCRYPTION_KEY: '/k8s/judicial-system/ARCHIVE_ENCRYPTION_KEY' - AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' - COURTS_ASSISTANT_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_ASSISTANT_MOBILE_NUMBERS' - COURTS_EMAILS: '/k8s/judicial-system/COURTS_EMAILS' - COURTS_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_MOBILE_NUMBERS' - COURT_ROBOT_CLIENT_ID: '/k8s/judicial-system/COURT_ROBOT_CLIENT_ID' - COURT_ROBOT_CLIENT_SECRET: '/k8s/judicial-system/COURT_ROBOT_CLIENT_SECRET' - COURT_ROBOT_EMAIL: '/k8s/judicial-system/COURT_ROBOT_EMAIL' - COURT_ROBOT_TENANT_ID: '/k8s/judicial-system/COURT_ROBOT_TENANT_ID' - COURT_ROBOT_USER: '/k8s/judicial-system/COURT_ROBOT_USER' - DB_PASS: '/k8s/judicial-system/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/judicial-system/DOKOBIT_ACCESS_TOKEN' - EMAIL_FROM: '/k8s/judicial-system/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/judicial-system/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/judicial-system/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/judicial-system/EMAIL_REPLY_TO_NAME' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - EVENT_URL: '/k8s/judicial-system/EVENT_URL' - NOVA_PASSWORD: '/k8s/judicial-system/NOVA_PASSWORD' - NOVA_URL: '/k8s/judicial-system/NOVA_URL' - NOVA_USERNAME: '/k8s/judicial-system/NOVA_USERNAME' - PRISON_ADMIN_EMAIL: '/k8s/judicial-system/PRISON_ADMIN_EMAIL' - PRISON_EMAIL: '/k8s/judicial-system/PRISON_EMAIL' - XROAD_CLIENT_CERT: '/k8s/judicial-system/XROAD_CLIENT_CERT' - XROAD_CLIENT_KEY: '/k8s/judicial-system/XROAD_CLIENT_KEY' - XROAD_CLIENT_PEM: '/k8s/judicial-system/XROAD_CLIENT_PEM' - XROAD_COURTS_CREDENTIALS: '/k8s/judicial-system/COURTS_CREDENTIALS' - XROAD_POLICE_API_KEY: '/k8s/judicial-system/XROAD_POLICE_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-backend' - create: true - name: 'judicial-system-backend' -judicial-system-digital-mailbox-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-digital-mailbox-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-digital-mailbox-api-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-digital-mailbox-api' - create: true - name: 'judicial-system-digital-mailbox-api' -judicial-system-message-handler: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-message-handler' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-message-handler' - create: true - name: 'judicial-system-message-handler' -judicial-system-robot-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-robot-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-robot-api-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-robot-api' - create: true - name: 'judicial-system-robot-api' -judicial-system-scheduler: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - TIME_TO_LIVE_MINUTES: '30' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-scheduler' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-scheduler' - create: true - name: 'judicial-system-scheduler' -judicial-system-web: - enabled: true - env: - API_URL: 'https://judicial-system.dev01.devland.is' - INTERNAL_API_URL: 'http://web-judicial-system-api' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system.dev01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '15m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - NATIONAL_REGISTRY_API_KEY: '/k8s/judicial-system/NATIONAL_REGISTRY_API_KEY' - SUPPORT_EMAIL: '/k8s/judicial-system/SUPPORT_EMAIL' - securityContext: - allowPrivilegeEscalation: false - privileged: false -judicial-system-xrd-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-xrd-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-xrd-api.internal.dev01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-xrd-api' - create: true - name: 'judicial-system-xrd-api' -namespaces: - labels: {} - namespaces: - - 'judicial-system' +{ + "judicial-system-scheduler": { + "serviceDef": { + "liveness": { + "path": "/", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "SQS_QUEUE_NAME": "sqs-judicial-system", + "SQS_DEAD_LETTER_QUEUE_NAME": "sqs-judicial-system-dlq", + "SQS_REGION": "eu-west-1", + "TIME_TO_LIVE_MINUTES": "30" + }, + "features": {}, + "name": "judicial-system-scheduler", + "grantNamespaces": [], + "grantNamespacesEnabled": false, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "BACKEND_ACCESS_TOKEN": "/k8s/judicial-system/BACKEND_ACCESS_TOKEN" + }, + "ingress": {}, + "namespace": "judicial-system", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "memory": "256Mi", + "cpu": "200m" + }, + "requests": { + "memory": "128Mi", + "cpu": "100m" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "image": "judicial-system-scheduler", + "replicaCount": { + "min": 1, + "max": 1, + "default": 1 + }, + "cmds": "node", + "args": [ + "--no-experimental-fetch", + "main.js" + ], + "extraAttributes": { + "dev": { + "schedule": "0 2 * * *" + }, + "staging": { + "schedule": "0 2 * * *" + }, + "prod": { + "schedule": "0 2 * * *" + } + }, + "accountName": "judicial-system-scheduler" + } + } +} \ No newline at end of file diff --git a/charts/services/judicial-system-scheduler/values.prod.yaml b/charts/services/judicial-system-scheduler/values.prod.yaml index f0a1db2678df..7349cac123bc 100644 --- a/charts/services/judicial-system-scheduler/values.prod.yaml +++ b/charts/services/judicial-system-scheduler/values.prod.yaml @@ -1,654 +1,73 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'prod' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -judicial-system-api: - enabled: true - env: - ALLOW_AUTH_BYPASS: 'false' - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - AUTH_IDS_CLIENT_ID: '@rettarvorslugatt.island.is/web' - AUTH_IDS_LOGOUT_REDIRECT_URI: 'https://rettarvorslugatt.island.is' - AUTH_IDS_REDIRECT_URI: 'https://rettarvorslugatt.island.is/api/auth/callback/identity-server' - AUTH_IDS_SCOPE: 'openid profile' - BACKEND_URL: 'http://web-judicial-system-backend' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - HIDDEN_FEATURES: '' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'rettarvorslugatt.island.is' - paths: - - '/api/graphql' - - '/api/auth' - - '/api/case' - - '/api/feature' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '350m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - AUTH_IDS_SECRET: '/k8s/judicial-system/AUTH_IDS_SECRET' - AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-api' - create: true - name: 'judicial-system-api' -judicial-system-backend: - enabled: true - env: - BLOCKED_API_INTEGRATION: '' - CLIENT_URL: 'https://rettarvorslugatt.island.is' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'judicial_system' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'judicial_system' - DOKOBIT_URL: 'https://ws.dokobit.com' - EMAIL_REGION: 'eu-west-1' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - S3_BUCKET: 'island-is-prod-upload-judicial-system' - S3_REGION: 'eu-west-1' - S3_TIME_TO_LIVE_GET: '5' - S3_TIME_TO_LIVE_POST: '15' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - USE_MICROSOFT_GRAPH_API_FOR_COURT_ROBOT: 'true' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5804170510/Rettarvorslugatt-Client' - XROAD_COURT_API_PATH: '/Domstolasyslan/JusticePortal-v1' - XROAD_COURT_MEMBER_CODE: '4707171140' - XROAD_POLICE_API_PATH: '/Logreglan-Private/rettarvarsla-v1' - XROAD_POLICE_MEMBER_CODE: '5309672079' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'judicial_system' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'judicial_system' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/judicial-system/DB_PASSWORD' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - ADMIN_USERS: '/k8s/judicial-system/ADMIN_USERS' - ARCHIVE_ENCRYPTION_KEY: '/k8s/judicial-system/ARCHIVE_ENCRYPTION_KEY' - AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' - COURTS_ASSISTANT_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_ASSISTANT_MOBILE_NUMBERS' - COURTS_EMAILS: '/k8s/judicial-system/COURTS_EMAILS' - COURTS_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_MOBILE_NUMBERS' - COURT_ROBOT_CLIENT_ID: '/k8s/judicial-system/COURT_ROBOT_CLIENT_ID' - COURT_ROBOT_CLIENT_SECRET: '/k8s/judicial-system/COURT_ROBOT_CLIENT_SECRET' - COURT_ROBOT_EMAIL: '/k8s/judicial-system/COURT_ROBOT_EMAIL' - COURT_ROBOT_TENANT_ID: '/k8s/judicial-system/COURT_ROBOT_TENANT_ID' - COURT_ROBOT_USER: '/k8s/judicial-system/COURT_ROBOT_USER' - DB_PASS: '/k8s/judicial-system/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/judicial-system/DOKOBIT_ACCESS_TOKEN' - EMAIL_FROM: '/k8s/judicial-system/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/judicial-system/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/judicial-system/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/judicial-system/EMAIL_REPLY_TO_NAME' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - EVENT_URL: '/k8s/judicial-system/EVENT_URL' - NOVA_PASSWORD: '/k8s/judicial-system/NOVA_PASSWORD' - NOVA_URL: '/k8s/judicial-system/NOVA_URL' - NOVA_USERNAME: '/k8s/judicial-system/NOVA_USERNAME' - PRISON_ADMIN_EMAIL: '/k8s/judicial-system/PRISON_ADMIN_EMAIL' - PRISON_EMAIL: '/k8s/judicial-system/PRISON_EMAIL' - XROAD_CLIENT_CERT: '/k8s/judicial-system/XROAD_CLIENT_CERT' - XROAD_CLIENT_KEY: '/k8s/judicial-system/XROAD_CLIENT_KEY' - XROAD_CLIENT_PEM: '/k8s/judicial-system/XROAD_CLIENT_PEM' - XROAD_COURTS_CREDENTIALS: '/k8s/judicial-system/COURTS_CREDENTIALS' - XROAD_POLICE_API_KEY: '/k8s/judicial-system/XROAD_POLICE_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-backend' - create: true - name: 'judicial-system-backend' -judicial-system-digital-mailbox-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-digital-mailbox-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-digital-mailbox-api-xrd.internal.island.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-digital-mailbox-api' - create: true - name: 'judicial-system-digital-mailbox-api' -judicial-system-message-handler: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-message-handler' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-message-handler' - create: true - name: 'judicial-system-message-handler' -judicial-system-robot-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-robot-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-robot-api-xrd.internal.island.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-robot-api' - create: true - name: 'judicial-system-robot-api' -judicial-system-scheduler: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - TIME_TO_LIVE_MINUTES: '30' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-scheduler' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-scheduler' - create: true - name: 'judicial-system-scheduler' -judicial-system-web: - enabled: true - env: - API_URL: 'https://rettarvorslugatt.island.is' - INTERNAL_API_URL: 'http://web-judicial-system-api' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'rettarvorslugatt.island.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '15m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - NATIONAL_REGISTRY_API_KEY: '/k8s/judicial-system/NATIONAL_REGISTRY_API_KEY' - SUPPORT_EMAIL: '/k8s/judicial-system/SUPPORT_EMAIL' - securityContext: - allowPrivilegeEscalation: false - privileged: false -judicial-system-xrd-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-xrd-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-xrd-api.internal.island.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-xrd-api' - create: true - name: 'judicial-system-xrd-api' -namespaces: - labels: {} - namespaces: - - 'judicial-system' +{ + "judicial-system-scheduler": { + "serviceDef": { + "liveness": { + "path": "/", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "SQS_QUEUE_NAME": "sqs-judicial-system", + "SQS_DEAD_LETTER_QUEUE_NAME": "sqs-judicial-system-dlq", + "SQS_REGION": "eu-west-1", + "TIME_TO_LIVE_MINUTES": "30" + }, + "features": {}, + "name": "judicial-system-scheduler", + "grantNamespaces": [], + "grantNamespacesEnabled": false, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "BACKEND_ACCESS_TOKEN": "/k8s/judicial-system/BACKEND_ACCESS_TOKEN" + }, + "ingress": {}, + "namespace": "judicial-system", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "memory": "256Mi", + "cpu": "200m" + }, + "requests": { + "memory": "128Mi", + "cpu": "100m" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "image": "judicial-system-scheduler", + "replicaCount": { + "min": 1, + "max": 1, + "default": 1 + }, + "cmds": "node", + "args": [ + "--no-experimental-fetch", + "main.js" + ], + "extraAttributes": { + "dev": { + "schedule": "0 2 * * *" + }, + "staging": { + "schedule": "0 2 * * *" + }, + "prod": { + "schedule": "0 2 * * *" + } + }, + "accountName": "judicial-system-scheduler" + } + } +} \ No newline at end of file diff --git a/charts/services/judicial-system-scheduler/values.staging.yaml b/charts/services/judicial-system-scheduler/values.staging.yaml index e4a133f4ad7e..7349cac123bc 100644 --- a/charts/services/judicial-system-scheduler/values.staging.yaml +++ b/charts/services/judicial-system-scheduler/values.staging.yaml @@ -1,654 +1,73 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'staging' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -judicial-system-api: - enabled: true - env: - ALLOW_AUTH_BYPASS: 'true' - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - AUTH_IDS_CLIENT_ID: '@rettarvorslugatt.island.is/web' - AUTH_IDS_LOGOUT_REDIRECT_URI: 'https://judicial-system.staging01.devland.is' - AUTH_IDS_REDIRECT_URI: 'https://judicial-system.staging01.devland.is/api/auth/callback/identity-server' - AUTH_IDS_SCOPE: 'openid profile' - BACKEND_URL: 'http://web-judicial-system-backend' - CONTENTFUL_ENVIRONMENT: 'test' - CONTENTFUL_HOST: 'cdn.contentful.com' - HIDDEN_FEATURES: '' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system.staging01.devland.is' - paths: - - '/api/graphql' - - '/api/auth' - - '/api/case' - - '/api/feature' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '350m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - AUTH_IDS_SECRET: '/k8s/judicial-system/AUTH_IDS_SECRET' - AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-api' - create: true - name: 'judicial-system-api' -judicial-system-backend: - enabled: true - env: - BLOCKED_API_INTEGRATION: 'COURT,POLICE_CASE' - CLIENT_URL: 'https://judicial-system.staging01.devland.is' - CONTENTFUL_ENVIRONMENT: 'test' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'judicial_system' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'judicial_system' - DOKOBIT_URL: 'https://developers.dokobit.com' - EMAIL_REGION: 'eu-west-1' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - S3_BUCKET: 'island-is-staging-upload-judicial-system' - S3_REGION: 'eu-west-1' - S3_TIME_TO_LIVE_GET: '5' - S3_TIME_TO_LIVE_POST: '15' - SERVERSIDE_FEATURES_ON: '' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - USE_MICROSOFT_GRAPH_API_FOR_COURT_ROBOT: 'true' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5804170510/Rettarvorslugatt-Client' - XROAD_COURT_API_PATH: '/Domstolasyslan/JusticePortal-v1' - XROAD_COURT_MEMBER_CODE: '4707171140' - XROAD_POLICE_API_PATH: '/Logreglan-Private/rettarvarsla-v1' - XROAD_POLICE_MEMBER_CODE: '5309672079' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'judicial_system' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'judicial_system' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/judicial-system/DB_PASSWORD' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - ADMIN_USERS: '/k8s/judicial-system/ADMIN_USERS' - ARCHIVE_ENCRYPTION_KEY: '/k8s/judicial-system/ARCHIVE_ENCRYPTION_KEY' - AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' - COURTS_ASSISTANT_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_ASSISTANT_MOBILE_NUMBERS' - COURTS_EMAILS: '/k8s/judicial-system/COURTS_EMAILS' - COURTS_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_MOBILE_NUMBERS' - COURT_ROBOT_CLIENT_ID: '/k8s/judicial-system/COURT_ROBOT_CLIENT_ID' - COURT_ROBOT_CLIENT_SECRET: '/k8s/judicial-system/COURT_ROBOT_CLIENT_SECRET' - COURT_ROBOT_EMAIL: '/k8s/judicial-system/COURT_ROBOT_EMAIL' - COURT_ROBOT_TENANT_ID: '/k8s/judicial-system/COURT_ROBOT_TENANT_ID' - COURT_ROBOT_USER: '/k8s/judicial-system/COURT_ROBOT_USER' - DB_PASS: '/k8s/judicial-system/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/judicial-system/DOKOBIT_ACCESS_TOKEN' - EMAIL_FROM: '/k8s/judicial-system/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/judicial-system/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/judicial-system/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/judicial-system/EMAIL_REPLY_TO_NAME' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - EVENT_URL: '/k8s/judicial-system/EVENT_URL' - NOVA_PASSWORD: '/k8s/judicial-system/NOVA_PASSWORD' - NOVA_URL: '/k8s/judicial-system/NOVA_URL' - NOVA_USERNAME: '/k8s/judicial-system/NOVA_USERNAME' - PRISON_ADMIN_EMAIL: '/k8s/judicial-system/PRISON_ADMIN_EMAIL' - PRISON_EMAIL: '/k8s/judicial-system/PRISON_EMAIL' - XROAD_CLIENT_CERT: '/k8s/judicial-system/XROAD_CLIENT_CERT' - XROAD_CLIENT_KEY: '/k8s/judicial-system/XROAD_CLIENT_KEY' - XROAD_CLIENT_PEM: '/k8s/judicial-system/XROAD_CLIENT_PEM' - XROAD_COURTS_CREDENTIALS: '/k8s/judicial-system/COURTS_CREDENTIALS' - XROAD_POLICE_API_KEY: '/k8s/judicial-system/XROAD_POLICE_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-backend' - create: true - name: 'judicial-system-backend' -judicial-system-digital-mailbox-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-digital-mailbox-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-digital-mailbox-api-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-digital-mailbox-api' - create: true - name: 'judicial-system-digital-mailbox-api' -judicial-system-message-handler: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-message-handler' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-message-handler' - create: true - name: 'judicial-system-message-handler' -judicial-system-robot-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-robot-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-robot-api-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-robot-api' - create: true - name: 'judicial-system-robot-api' -judicial-system-scheduler: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - TIME_TO_LIVE_MINUTES: '30' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-scheduler' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-scheduler' - create: true - name: 'judicial-system-scheduler' -judicial-system-web: - enabled: true - env: - API_URL: 'https://judicial-system.staging01.devland.is' - INTERNAL_API_URL: 'http://web-judicial-system-api' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system.staging01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '15m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - NATIONAL_REGISTRY_API_KEY: '/k8s/judicial-system/NATIONAL_REGISTRY_API_KEY' - SUPPORT_EMAIL: '/k8s/judicial-system/SUPPORT_EMAIL' - securityContext: - allowPrivilegeEscalation: false - privileged: false -judicial-system-xrd-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-xrd-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-xrd-api.internal.staging01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-xrd-api' - create: true - name: 'judicial-system-xrd-api' -namespaces: - labels: {} - namespaces: - - 'judicial-system' +{ + "judicial-system-scheduler": { + "serviceDef": { + "liveness": { + "path": "/", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "SQS_QUEUE_NAME": "sqs-judicial-system", + "SQS_DEAD_LETTER_QUEUE_NAME": "sqs-judicial-system-dlq", + "SQS_REGION": "eu-west-1", + "TIME_TO_LIVE_MINUTES": "30" + }, + "features": {}, + "name": "judicial-system-scheduler", + "grantNamespaces": [], + "grantNamespacesEnabled": false, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "BACKEND_ACCESS_TOKEN": "/k8s/judicial-system/BACKEND_ACCESS_TOKEN" + }, + "ingress": {}, + "namespace": "judicial-system", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "memory": "256Mi", + "cpu": "200m" + }, + "requests": { + "memory": "128Mi", + "cpu": "100m" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "image": "judicial-system-scheduler", + "replicaCount": { + "min": 1, + "max": 1, + "default": 1 + }, + "cmds": "node", + "args": [ + "--no-experimental-fetch", + "main.js" + ], + "extraAttributes": { + "dev": { + "schedule": "0 2 * * *" + }, + "staging": { + "schedule": "0 2 * * *" + }, + "prod": { + "schedule": "0 2 * * *" + } + }, + "accountName": "judicial-system-scheduler" + } + } +} \ No newline at end of file diff --git a/charts/services/judicial-system-web/values.dev.yaml b/charts/services/judicial-system-web/values.dev.yaml index b87ac2b9294f..18d1751d1481 100644 --- a/charts/services/judicial-system-web/values.dev.yaml +++ b/charts/services/judicial-system-web/values.dev.yaml @@ -1,654 +1,76 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'dev' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -judicial-system-api: - enabled: true - env: - ALLOW_AUTH_BYPASS: 'true' - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - AUTH_IDS_CLIENT_ID: '@rettarvorslugatt.island.is/web' - AUTH_IDS_LOGOUT_REDIRECT_URI: 'https://judicial-system.dev01.devland.is' - AUTH_IDS_REDIRECT_URI: 'https://judicial-system.dev01.devland.is/api/auth/callback/identity-server' - AUTH_IDS_SCOPE: 'openid profile' - BACKEND_URL: 'http://web-judicial-system-backend' - CONTENTFUL_ENVIRONMENT: 'test' - CONTENTFUL_HOST: 'preview.contentful.com' - HIDDEN_FEATURES: '' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system.dev01.devland.is' - paths: - - '/api/graphql' - - '/api/auth' - - '/api/case' - - '/api/feature' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '350m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - AUTH_IDS_SECRET: '/k8s/judicial-system/AUTH_IDS_SECRET' - AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-api' - create: true - name: 'judicial-system-api' -judicial-system-backend: - enabled: true - env: - BLOCKED_API_INTEGRATION: '' - CLIENT_URL: 'https://judicial-system.dev01.devland.is' - CONTENTFUL_ENVIRONMENT: 'test' - CONTENTFUL_HOST: 'preview.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'judicial_system' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'judicial_system' - DOKOBIT_URL: 'https://developers.dokobit.com' - EMAIL_REGION: 'eu-west-1' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - S3_BUCKET: 'island-is-dev-upload-judicial-system' - S3_REGION: 'eu-west-1' - S3_TIME_TO_LIVE_GET: '5' - S3_TIME_TO_LIVE_POST: '15' - SERVERSIDE_FEATURES_ON: '' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - USE_MICROSOFT_GRAPH_API_FOR_COURT_ROBOT: 'false' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10014/Rettarvorslugatt-Client' - XROAD_COURT_API_PATH: '/Domstolasyslan/JusticePortal-v1' - XROAD_COURT_MEMBER_CODE: '10019' - XROAD_POLICE_API_PATH: '/Logreglan-Private/rettarvarsla-v1' - XROAD_POLICE_MEMBER_CODE: '10005' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'judicial_system' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'judicial_system' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/judicial-system/DB_PASSWORD' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - ADMIN_USERS: '/k8s/judicial-system/ADMIN_USERS' - ARCHIVE_ENCRYPTION_KEY: '/k8s/judicial-system/ARCHIVE_ENCRYPTION_KEY' - AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' - COURTS_ASSISTANT_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_ASSISTANT_MOBILE_NUMBERS' - COURTS_EMAILS: '/k8s/judicial-system/COURTS_EMAILS' - COURTS_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_MOBILE_NUMBERS' - COURT_ROBOT_CLIENT_ID: '/k8s/judicial-system/COURT_ROBOT_CLIENT_ID' - COURT_ROBOT_CLIENT_SECRET: '/k8s/judicial-system/COURT_ROBOT_CLIENT_SECRET' - COURT_ROBOT_EMAIL: '/k8s/judicial-system/COURT_ROBOT_EMAIL' - COURT_ROBOT_TENANT_ID: '/k8s/judicial-system/COURT_ROBOT_TENANT_ID' - COURT_ROBOT_USER: '/k8s/judicial-system/COURT_ROBOT_USER' - DB_PASS: '/k8s/judicial-system/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/judicial-system/DOKOBIT_ACCESS_TOKEN' - EMAIL_FROM: '/k8s/judicial-system/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/judicial-system/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/judicial-system/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/judicial-system/EMAIL_REPLY_TO_NAME' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - EVENT_URL: '/k8s/judicial-system/EVENT_URL' - NOVA_PASSWORD: '/k8s/judicial-system/NOVA_PASSWORD' - NOVA_URL: '/k8s/judicial-system/NOVA_URL' - NOVA_USERNAME: '/k8s/judicial-system/NOVA_USERNAME' - PRISON_ADMIN_EMAIL: '/k8s/judicial-system/PRISON_ADMIN_EMAIL' - PRISON_EMAIL: '/k8s/judicial-system/PRISON_EMAIL' - XROAD_CLIENT_CERT: '/k8s/judicial-system/XROAD_CLIENT_CERT' - XROAD_CLIENT_KEY: '/k8s/judicial-system/XROAD_CLIENT_KEY' - XROAD_CLIENT_PEM: '/k8s/judicial-system/XROAD_CLIENT_PEM' - XROAD_COURTS_CREDENTIALS: '/k8s/judicial-system/COURTS_CREDENTIALS' - XROAD_POLICE_API_KEY: '/k8s/judicial-system/XROAD_POLICE_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-backend' - create: true - name: 'judicial-system-backend' -judicial-system-digital-mailbox-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-digital-mailbox-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-digital-mailbox-api-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-digital-mailbox-api' - create: true - name: 'judicial-system-digital-mailbox-api' -judicial-system-message-handler: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-message-handler' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-message-handler' - create: true - name: 'judicial-system-message-handler' -judicial-system-robot-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-robot-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-robot-api-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-robot-api' - create: true - name: 'judicial-system-robot-api' -judicial-system-scheduler: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - TIME_TO_LIVE_MINUTES: '30' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-scheduler' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-scheduler' - create: true - name: 'judicial-system-scheduler' -judicial-system-web: - enabled: true - env: - API_URL: 'https://judicial-system.dev01.devland.is' - INTERNAL_API_URL: 'http://web-judicial-system-api' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system.dev01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '15m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - NATIONAL_REGISTRY_API_KEY: '/k8s/judicial-system/NATIONAL_REGISTRY_API_KEY' - SUPPORT_EMAIL: '/k8s/judicial-system/SUPPORT_EMAIL' - securityContext: - allowPrivilegeEscalation: false - privileged: false -judicial-system-xrd-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-xrd-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-xrd-api.internal.dev01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-xrd-api' - create: true - name: 'judicial-system-xrd-api' -namespaces: - labels: {} - namespaces: - - 'judicial-system' +{ + "judicial-system-web": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/readiness", + "timeoutSeconds": 10, + "initialDelaySeconds": 3 + }, + "env": { + "API_URL": { + "prod": "https://rettarvorslugatt.island.is" + } + }, + "features": {}, + "name": "judicial-system-web", + "grantNamespaces": [], + "grantNamespacesEnabled": false, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "NATIONAL_REGISTRY_API_KEY": "/k8s/judicial-system/NATIONAL_REGISTRY_API_KEY", + "LAWYERS_ICELAND_API_KEY": "/k8s/judicial-system/LAWYERS_ICELAND_API_KEY", + "SUPPORT_EMAIL": "/k8s/judicial-system/SUPPORT_EMAIL" + }, + "ingress": { + "primary": { + "host": { + "dev": "judicial-system", + "staging": "judicial-system", + "prod": "rettarvorslugatt.island.is" + }, + "paths": [ + "/" + ], + "extraAnnotations": { + "dev": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "staging": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "prod": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + } + } + } + }, + "namespace": "judicial-system", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "200m", + "memory": "256Mi" + }, + "requests": { + "cpu": "15m", + "memory": "128Mi" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [] + } + } +} \ No newline at end of file diff --git a/charts/services/judicial-system-web/values.prod.yaml b/charts/services/judicial-system-web/values.prod.yaml index f0a1db2678df..18d1751d1481 100644 --- a/charts/services/judicial-system-web/values.prod.yaml +++ b/charts/services/judicial-system-web/values.prod.yaml @@ -1,654 +1,76 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'prod' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -judicial-system-api: - enabled: true - env: - ALLOW_AUTH_BYPASS: 'false' - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - AUTH_IDS_CLIENT_ID: '@rettarvorslugatt.island.is/web' - AUTH_IDS_LOGOUT_REDIRECT_URI: 'https://rettarvorslugatt.island.is' - AUTH_IDS_REDIRECT_URI: 'https://rettarvorslugatt.island.is/api/auth/callback/identity-server' - AUTH_IDS_SCOPE: 'openid profile' - BACKEND_URL: 'http://web-judicial-system-backend' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - HIDDEN_FEATURES: '' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'rettarvorslugatt.island.is' - paths: - - '/api/graphql' - - '/api/auth' - - '/api/case' - - '/api/feature' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '350m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - AUTH_IDS_SECRET: '/k8s/judicial-system/AUTH_IDS_SECRET' - AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-api' - create: true - name: 'judicial-system-api' -judicial-system-backend: - enabled: true - env: - BLOCKED_API_INTEGRATION: '' - CLIENT_URL: 'https://rettarvorslugatt.island.is' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'judicial_system' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'judicial_system' - DOKOBIT_URL: 'https://ws.dokobit.com' - EMAIL_REGION: 'eu-west-1' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - S3_BUCKET: 'island-is-prod-upload-judicial-system' - S3_REGION: 'eu-west-1' - S3_TIME_TO_LIVE_GET: '5' - S3_TIME_TO_LIVE_POST: '15' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - USE_MICROSOFT_GRAPH_API_FOR_COURT_ROBOT: 'true' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5804170510/Rettarvorslugatt-Client' - XROAD_COURT_API_PATH: '/Domstolasyslan/JusticePortal-v1' - XROAD_COURT_MEMBER_CODE: '4707171140' - XROAD_POLICE_API_PATH: '/Logreglan-Private/rettarvarsla-v1' - XROAD_POLICE_MEMBER_CODE: '5309672079' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'judicial_system' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'judicial_system' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/judicial-system/DB_PASSWORD' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - ADMIN_USERS: '/k8s/judicial-system/ADMIN_USERS' - ARCHIVE_ENCRYPTION_KEY: '/k8s/judicial-system/ARCHIVE_ENCRYPTION_KEY' - AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' - COURTS_ASSISTANT_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_ASSISTANT_MOBILE_NUMBERS' - COURTS_EMAILS: '/k8s/judicial-system/COURTS_EMAILS' - COURTS_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_MOBILE_NUMBERS' - COURT_ROBOT_CLIENT_ID: '/k8s/judicial-system/COURT_ROBOT_CLIENT_ID' - COURT_ROBOT_CLIENT_SECRET: '/k8s/judicial-system/COURT_ROBOT_CLIENT_SECRET' - COURT_ROBOT_EMAIL: '/k8s/judicial-system/COURT_ROBOT_EMAIL' - COURT_ROBOT_TENANT_ID: '/k8s/judicial-system/COURT_ROBOT_TENANT_ID' - COURT_ROBOT_USER: '/k8s/judicial-system/COURT_ROBOT_USER' - DB_PASS: '/k8s/judicial-system/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/judicial-system/DOKOBIT_ACCESS_TOKEN' - EMAIL_FROM: '/k8s/judicial-system/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/judicial-system/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/judicial-system/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/judicial-system/EMAIL_REPLY_TO_NAME' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - EVENT_URL: '/k8s/judicial-system/EVENT_URL' - NOVA_PASSWORD: '/k8s/judicial-system/NOVA_PASSWORD' - NOVA_URL: '/k8s/judicial-system/NOVA_URL' - NOVA_USERNAME: '/k8s/judicial-system/NOVA_USERNAME' - PRISON_ADMIN_EMAIL: '/k8s/judicial-system/PRISON_ADMIN_EMAIL' - PRISON_EMAIL: '/k8s/judicial-system/PRISON_EMAIL' - XROAD_CLIENT_CERT: '/k8s/judicial-system/XROAD_CLIENT_CERT' - XROAD_CLIENT_KEY: '/k8s/judicial-system/XROAD_CLIENT_KEY' - XROAD_CLIENT_PEM: '/k8s/judicial-system/XROAD_CLIENT_PEM' - XROAD_COURTS_CREDENTIALS: '/k8s/judicial-system/COURTS_CREDENTIALS' - XROAD_POLICE_API_KEY: '/k8s/judicial-system/XROAD_POLICE_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-backend' - create: true - name: 'judicial-system-backend' -judicial-system-digital-mailbox-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-digital-mailbox-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-digital-mailbox-api-xrd.internal.island.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-digital-mailbox-api' - create: true - name: 'judicial-system-digital-mailbox-api' -judicial-system-message-handler: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-message-handler' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-message-handler' - create: true - name: 'judicial-system-message-handler' -judicial-system-robot-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-robot-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-robot-api-xrd.internal.island.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-robot-api' - create: true - name: 'judicial-system-robot-api' -judicial-system-scheduler: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - TIME_TO_LIVE_MINUTES: '30' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-scheduler' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-scheduler' - create: true - name: 'judicial-system-scheduler' -judicial-system-web: - enabled: true - env: - API_URL: 'https://rettarvorslugatt.island.is' - INTERNAL_API_URL: 'http://web-judicial-system-api' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'rettarvorslugatt.island.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '15m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - NATIONAL_REGISTRY_API_KEY: '/k8s/judicial-system/NATIONAL_REGISTRY_API_KEY' - SUPPORT_EMAIL: '/k8s/judicial-system/SUPPORT_EMAIL' - securityContext: - allowPrivilegeEscalation: false - privileged: false -judicial-system-xrd-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-xrd-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-xrd-api.internal.island.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-xrd-api' - create: true - name: 'judicial-system-xrd-api' -namespaces: - labels: {} - namespaces: - - 'judicial-system' +{ + "judicial-system-web": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/readiness", + "timeoutSeconds": 10, + "initialDelaySeconds": 3 + }, + "env": { + "API_URL": { + "prod": "https://rettarvorslugatt.island.is" + } + }, + "features": {}, + "name": "judicial-system-web", + "grantNamespaces": [], + "grantNamespacesEnabled": false, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "NATIONAL_REGISTRY_API_KEY": "/k8s/judicial-system/NATIONAL_REGISTRY_API_KEY", + "LAWYERS_ICELAND_API_KEY": "/k8s/judicial-system/LAWYERS_ICELAND_API_KEY", + "SUPPORT_EMAIL": "/k8s/judicial-system/SUPPORT_EMAIL" + }, + "ingress": { + "primary": { + "host": { + "dev": "judicial-system", + "staging": "judicial-system", + "prod": "rettarvorslugatt.island.is" + }, + "paths": [ + "/" + ], + "extraAnnotations": { + "dev": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "staging": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "prod": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + } + } + } + }, + "namespace": "judicial-system", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "200m", + "memory": "256Mi" + }, + "requests": { + "cpu": "15m", + "memory": "128Mi" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [] + } + } +} \ No newline at end of file diff --git a/charts/services/judicial-system-web/values.staging.yaml b/charts/services/judicial-system-web/values.staging.yaml index e4a133f4ad7e..18d1751d1481 100644 --- a/charts/services/judicial-system-web/values.staging.yaml +++ b/charts/services/judicial-system-web/values.staging.yaml @@ -1,654 +1,76 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'staging' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -judicial-system-api: - enabled: true - env: - ALLOW_AUTH_BYPASS: 'true' - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - AUTH_IDS_CLIENT_ID: '@rettarvorslugatt.island.is/web' - AUTH_IDS_LOGOUT_REDIRECT_URI: 'https://judicial-system.staging01.devland.is' - AUTH_IDS_REDIRECT_URI: 'https://judicial-system.staging01.devland.is/api/auth/callback/identity-server' - AUTH_IDS_SCOPE: 'openid profile' - BACKEND_URL: 'http://web-judicial-system-backend' - CONTENTFUL_ENVIRONMENT: 'test' - CONTENTFUL_HOST: 'cdn.contentful.com' - HIDDEN_FEATURES: '' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system.staging01.devland.is' - paths: - - '/api/graphql' - - '/api/auth' - - '/api/case' - - '/api/feature' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '350m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - AUTH_IDS_SECRET: '/k8s/judicial-system/AUTH_IDS_SECRET' - AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-api' - create: true - name: 'judicial-system-api' -judicial-system-backend: - enabled: true - env: - BLOCKED_API_INTEGRATION: 'COURT,POLICE_CASE' - CLIENT_URL: 'https://judicial-system.staging01.devland.is' - CONTENTFUL_ENVIRONMENT: 'test' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'judicial_system' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'judicial_system' - DOKOBIT_URL: 'https://developers.dokobit.com' - EMAIL_REGION: 'eu-west-1' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - S3_BUCKET: 'island-is-staging-upload-judicial-system' - S3_REGION: 'eu-west-1' - S3_TIME_TO_LIVE_GET: '5' - S3_TIME_TO_LIVE_POST: '15' - SERVERSIDE_FEATURES_ON: '' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - USE_MICROSOFT_GRAPH_API_FOR_COURT_ROBOT: 'true' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5804170510/Rettarvorslugatt-Client' - XROAD_COURT_API_PATH: '/Domstolasyslan/JusticePortal-v1' - XROAD_COURT_MEMBER_CODE: '4707171140' - XROAD_POLICE_API_PATH: '/Logreglan-Private/rettarvarsla-v1' - XROAD_POLICE_MEMBER_CODE: '5309672079' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'judicial_system' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'judicial_system' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/judicial-system/DB_PASSWORD' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - ADMIN_USERS: '/k8s/judicial-system/ADMIN_USERS' - ARCHIVE_ENCRYPTION_KEY: '/k8s/judicial-system/ARCHIVE_ENCRYPTION_KEY' - AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' - COURTS_ASSISTANT_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_ASSISTANT_MOBILE_NUMBERS' - COURTS_EMAILS: '/k8s/judicial-system/COURTS_EMAILS' - COURTS_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_MOBILE_NUMBERS' - COURT_ROBOT_CLIENT_ID: '/k8s/judicial-system/COURT_ROBOT_CLIENT_ID' - COURT_ROBOT_CLIENT_SECRET: '/k8s/judicial-system/COURT_ROBOT_CLIENT_SECRET' - COURT_ROBOT_EMAIL: '/k8s/judicial-system/COURT_ROBOT_EMAIL' - COURT_ROBOT_TENANT_ID: '/k8s/judicial-system/COURT_ROBOT_TENANT_ID' - COURT_ROBOT_USER: '/k8s/judicial-system/COURT_ROBOT_USER' - DB_PASS: '/k8s/judicial-system/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/judicial-system/DOKOBIT_ACCESS_TOKEN' - EMAIL_FROM: '/k8s/judicial-system/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/judicial-system/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/judicial-system/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/judicial-system/EMAIL_REPLY_TO_NAME' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - EVENT_URL: '/k8s/judicial-system/EVENT_URL' - NOVA_PASSWORD: '/k8s/judicial-system/NOVA_PASSWORD' - NOVA_URL: '/k8s/judicial-system/NOVA_URL' - NOVA_USERNAME: '/k8s/judicial-system/NOVA_USERNAME' - PRISON_ADMIN_EMAIL: '/k8s/judicial-system/PRISON_ADMIN_EMAIL' - PRISON_EMAIL: '/k8s/judicial-system/PRISON_EMAIL' - XROAD_CLIENT_CERT: '/k8s/judicial-system/XROAD_CLIENT_CERT' - XROAD_CLIENT_KEY: '/k8s/judicial-system/XROAD_CLIENT_KEY' - XROAD_CLIENT_PEM: '/k8s/judicial-system/XROAD_CLIENT_PEM' - XROAD_COURTS_CREDENTIALS: '/k8s/judicial-system/COURTS_CREDENTIALS' - XROAD_POLICE_API_KEY: '/k8s/judicial-system/XROAD_POLICE_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-backend' - create: true - name: 'judicial-system-backend' -judicial-system-digital-mailbox-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-digital-mailbox-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-digital-mailbox-api-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-digital-mailbox-api' - create: true - name: 'judicial-system-digital-mailbox-api' -judicial-system-message-handler: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-message-handler' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-message-handler' - create: true - name: 'judicial-system-message-handler' -judicial-system-robot-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-robot-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-robot-api-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-robot-api' - create: true - name: 'judicial-system-robot-api' -judicial-system-scheduler: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - TIME_TO_LIVE_MINUTES: '30' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-scheduler' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-scheduler' - create: true - name: 'judicial-system-scheduler' -judicial-system-web: - enabled: true - env: - API_URL: 'https://judicial-system.staging01.devland.is' - INTERNAL_API_URL: 'http://web-judicial-system-api' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system.staging01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '15m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - NATIONAL_REGISTRY_API_KEY: '/k8s/judicial-system/NATIONAL_REGISTRY_API_KEY' - SUPPORT_EMAIL: '/k8s/judicial-system/SUPPORT_EMAIL' - securityContext: - allowPrivilegeEscalation: false - privileged: false -judicial-system-xrd-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-xrd-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-xrd-api.internal.staging01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-xrd-api' - create: true - name: 'judicial-system-xrd-api' -namespaces: - labels: {} - namespaces: - - 'judicial-system' +{ + "judicial-system-web": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/readiness", + "timeoutSeconds": 10, + "initialDelaySeconds": 3 + }, + "env": { + "API_URL": { + "prod": "https://rettarvorslugatt.island.is" + } + }, + "features": {}, + "name": "judicial-system-web", + "grantNamespaces": [], + "grantNamespacesEnabled": false, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "NATIONAL_REGISTRY_API_KEY": "/k8s/judicial-system/NATIONAL_REGISTRY_API_KEY", + "LAWYERS_ICELAND_API_KEY": "/k8s/judicial-system/LAWYERS_ICELAND_API_KEY", + "SUPPORT_EMAIL": "/k8s/judicial-system/SUPPORT_EMAIL" + }, + "ingress": { + "primary": { + "host": { + "dev": "judicial-system", + "staging": "judicial-system", + "prod": "rettarvorslugatt.island.is" + }, + "paths": [ + "/" + ], + "extraAnnotations": { + "dev": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "staging": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "prod": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + } + } + } + }, + "namespace": "judicial-system", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "200m", + "memory": "256Mi" + }, + "requests": { + "cpu": "15m", + "memory": "128Mi" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [] + } + } +} \ No newline at end of file diff --git a/charts/services/judicial-system-xrd-api/values.dev.yaml b/charts/services/judicial-system-xrd-api/values.dev.yaml index b87ac2b9294f..dc9d962a3d85 100644 --- a/charts/services/judicial-system-xrd-api/values.dev.yaml +++ b/charts/services/judicial-system-xrd-api/values.dev.yaml @@ -1,654 +1,66 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'dev' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -judicial-system-api: - enabled: true - env: - ALLOW_AUTH_BYPASS: 'true' - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - AUTH_IDS_CLIENT_ID: '@rettarvorslugatt.island.is/web' - AUTH_IDS_LOGOUT_REDIRECT_URI: 'https://judicial-system.dev01.devland.is' - AUTH_IDS_REDIRECT_URI: 'https://judicial-system.dev01.devland.is/api/auth/callback/identity-server' - AUTH_IDS_SCOPE: 'openid profile' - BACKEND_URL: 'http://web-judicial-system-backend' - CONTENTFUL_ENVIRONMENT: 'test' - CONTENTFUL_HOST: 'preview.contentful.com' - HIDDEN_FEATURES: '' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system.dev01.devland.is' - paths: - - '/api/graphql' - - '/api/auth' - - '/api/case' - - '/api/feature' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '350m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - AUTH_IDS_SECRET: '/k8s/judicial-system/AUTH_IDS_SECRET' - AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-api' - create: true - name: 'judicial-system-api' -judicial-system-backend: - enabled: true - env: - BLOCKED_API_INTEGRATION: '' - CLIENT_URL: 'https://judicial-system.dev01.devland.is' - CONTENTFUL_ENVIRONMENT: 'test' - CONTENTFUL_HOST: 'preview.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'judicial_system' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'judicial_system' - DOKOBIT_URL: 'https://developers.dokobit.com' - EMAIL_REGION: 'eu-west-1' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - S3_BUCKET: 'island-is-dev-upload-judicial-system' - S3_REGION: 'eu-west-1' - S3_TIME_TO_LIVE_GET: '5' - S3_TIME_TO_LIVE_POST: '15' - SERVERSIDE_FEATURES_ON: '' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - USE_MICROSOFT_GRAPH_API_FOR_COURT_ROBOT: 'false' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10014/Rettarvorslugatt-Client' - XROAD_COURT_API_PATH: '/Domstolasyslan/JusticePortal-v1' - XROAD_COURT_MEMBER_CODE: '10019' - XROAD_POLICE_API_PATH: '/Logreglan-Private/rettarvarsla-v1' - XROAD_POLICE_MEMBER_CODE: '10005' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'judicial_system' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'judicial_system' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/judicial-system/DB_PASSWORD' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - ADMIN_USERS: '/k8s/judicial-system/ADMIN_USERS' - ARCHIVE_ENCRYPTION_KEY: '/k8s/judicial-system/ARCHIVE_ENCRYPTION_KEY' - AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' - COURTS_ASSISTANT_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_ASSISTANT_MOBILE_NUMBERS' - COURTS_EMAILS: '/k8s/judicial-system/COURTS_EMAILS' - COURTS_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_MOBILE_NUMBERS' - COURT_ROBOT_CLIENT_ID: '/k8s/judicial-system/COURT_ROBOT_CLIENT_ID' - COURT_ROBOT_CLIENT_SECRET: '/k8s/judicial-system/COURT_ROBOT_CLIENT_SECRET' - COURT_ROBOT_EMAIL: '/k8s/judicial-system/COURT_ROBOT_EMAIL' - COURT_ROBOT_TENANT_ID: '/k8s/judicial-system/COURT_ROBOT_TENANT_ID' - COURT_ROBOT_USER: '/k8s/judicial-system/COURT_ROBOT_USER' - DB_PASS: '/k8s/judicial-system/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/judicial-system/DOKOBIT_ACCESS_TOKEN' - EMAIL_FROM: '/k8s/judicial-system/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/judicial-system/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/judicial-system/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/judicial-system/EMAIL_REPLY_TO_NAME' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - EVENT_URL: '/k8s/judicial-system/EVENT_URL' - NOVA_PASSWORD: '/k8s/judicial-system/NOVA_PASSWORD' - NOVA_URL: '/k8s/judicial-system/NOVA_URL' - NOVA_USERNAME: '/k8s/judicial-system/NOVA_USERNAME' - PRISON_ADMIN_EMAIL: '/k8s/judicial-system/PRISON_ADMIN_EMAIL' - PRISON_EMAIL: '/k8s/judicial-system/PRISON_EMAIL' - XROAD_CLIENT_CERT: '/k8s/judicial-system/XROAD_CLIENT_CERT' - XROAD_CLIENT_KEY: '/k8s/judicial-system/XROAD_CLIENT_KEY' - XROAD_CLIENT_PEM: '/k8s/judicial-system/XROAD_CLIENT_PEM' - XROAD_COURTS_CREDENTIALS: '/k8s/judicial-system/COURTS_CREDENTIALS' - XROAD_POLICE_API_KEY: '/k8s/judicial-system/XROAD_POLICE_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-backend' - create: true - name: 'judicial-system-backend' -judicial-system-digital-mailbox-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-digital-mailbox-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-digital-mailbox-api-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-digital-mailbox-api' - create: true - name: 'judicial-system-digital-mailbox-api' -judicial-system-message-handler: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-message-handler' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-message-handler' - create: true - name: 'judicial-system-message-handler' -judicial-system-robot-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-robot-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-robot-api-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-robot-api' - create: true - name: 'judicial-system-robot-api' -judicial-system-scheduler: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - TIME_TO_LIVE_MINUTES: '30' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-scheduler' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-scheduler' - create: true - name: 'judicial-system-scheduler' -judicial-system-web: - enabled: true - env: - API_URL: 'https://judicial-system.dev01.devland.is' - INTERNAL_API_URL: 'http://web-judicial-system-api' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system.dev01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '15m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - NATIONAL_REGISTRY_API_KEY: '/k8s/judicial-system/NATIONAL_REGISTRY_API_KEY' - SUPPORT_EMAIL: '/k8s/judicial-system/SUPPORT_EMAIL' - securityContext: - allowPrivilegeEscalation: false - privileged: false -judicial-system-xrd-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-xrd-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-xrd-api.internal.dev01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-xrd-api' - create: true - name: 'judicial-system-xrd-api' -namespaces: - labels: {} - namespaces: - - 'judicial-system' +{ + "judicial-system-xrd-api": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "AUDIT_TRAIL_USE_GENERIC_LOGGER": "false", + "AUDIT_TRAIL_GROUP_NAME": "k8s/judicial-system/audit-log", + "AUDIT_TRAIL_REGION": "eu-west-1" + }, + "features": {}, + "name": "judicial-system-xrd-api", + "grantNamespaces": [ + "nginx-ingress-internal" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "ERROR_EVENT_URL": "/k8s/judicial-system/ERROR_EVENT_URL", + "BACKEND_ACCESS_TOKEN": "/k8s/judicial-system/BACKEND_ACCESS_TOKEN", + "LAWYERS_ICELAND_API_KEY": "/k8s/judicial-system/LAWYERS_ICELAND_API_KEY" + }, + "ingress": { + "primary": { + "host": { + "dev": "judicial-system-xrd-api", + "staging": "judicial-system-xrd-api", + "prod": "judicial-system-xrd-api" + }, + "paths": [ + "/" + ], + "public": false + } + }, + "namespace": "judicial-system", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "memory": "256Mi", + "cpu": "200m" + }, + "requests": { + "memory": "128Mi", + "cpu": "100m" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "accountName": "judicial-system-xrd-api" + } + } +} \ No newline at end of file diff --git a/charts/services/judicial-system-xrd-api/values.prod.yaml b/charts/services/judicial-system-xrd-api/values.prod.yaml index f0a1db2678df..dc9d962a3d85 100644 --- a/charts/services/judicial-system-xrd-api/values.prod.yaml +++ b/charts/services/judicial-system-xrd-api/values.prod.yaml @@ -1,654 +1,66 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'prod' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -judicial-system-api: - enabled: true - env: - ALLOW_AUTH_BYPASS: 'false' - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - AUTH_IDS_CLIENT_ID: '@rettarvorslugatt.island.is/web' - AUTH_IDS_LOGOUT_REDIRECT_URI: 'https://rettarvorslugatt.island.is' - AUTH_IDS_REDIRECT_URI: 'https://rettarvorslugatt.island.is/api/auth/callback/identity-server' - AUTH_IDS_SCOPE: 'openid profile' - BACKEND_URL: 'http://web-judicial-system-backend' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - HIDDEN_FEATURES: '' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'rettarvorslugatt.island.is' - paths: - - '/api/graphql' - - '/api/auth' - - '/api/case' - - '/api/feature' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '350m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - AUTH_IDS_SECRET: '/k8s/judicial-system/AUTH_IDS_SECRET' - AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-api' - create: true - name: 'judicial-system-api' -judicial-system-backend: - enabled: true - env: - BLOCKED_API_INTEGRATION: '' - CLIENT_URL: 'https://rettarvorslugatt.island.is' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'judicial_system' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'judicial_system' - DOKOBIT_URL: 'https://ws.dokobit.com' - EMAIL_REGION: 'eu-west-1' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - S3_BUCKET: 'island-is-prod-upload-judicial-system' - S3_REGION: 'eu-west-1' - S3_TIME_TO_LIVE_GET: '5' - S3_TIME_TO_LIVE_POST: '15' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - USE_MICROSOFT_GRAPH_API_FOR_COURT_ROBOT: 'true' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5804170510/Rettarvorslugatt-Client' - XROAD_COURT_API_PATH: '/Domstolasyslan/JusticePortal-v1' - XROAD_COURT_MEMBER_CODE: '4707171140' - XROAD_POLICE_API_PATH: '/Logreglan-Private/rettarvarsla-v1' - XROAD_POLICE_MEMBER_CODE: '5309672079' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'judicial_system' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'judicial_system' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/judicial-system/DB_PASSWORD' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - ADMIN_USERS: '/k8s/judicial-system/ADMIN_USERS' - ARCHIVE_ENCRYPTION_KEY: '/k8s/judicial-system/ARCHIVE_ENCRYPTION_KEY' - AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' - COURTS_ASSISTANT_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_ASSISTANT_MOBILE_NUMBERS' - COURTS_EMAILS: '/k8s/judicial-system/COURTS_EMAILS' - COURTS_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_MOBILE_NUMBERS' - COURT_ROBOT_CLIENT_ID: '/k8s/judicial-system/COURT_ROBOT_CLIENT_ID' - COURT_ROBOT_CLIENT_SECRET: '/k8s/judicial-system/COURT_ROBOT_CLIENT_SECRET' - COURT_ROBOT_EMAIL: '/k8s/judicial-system/COURT_ROBOT_EMAIL' - COURT_ROBOT_TENANT_ID: '/k8s/judicial-system/COURT_ROBOT_TENANT_ID' - COURT_ROBOT_USER: '/k8s/judicial-system/COURT_ROBOT_USER' - DB_PASS: '/k8s/judicial-system/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/judicial-system/DOKOBIT_ACCESS_TOKEN' - EMAIL_FROM: '/k8s/judicial-system/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/judicial-system/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/judicial-system/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/judicial-system/EMAIL_REPLY_TO_NAME' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - EVENT_URL: '/k8s/judicial-system/EVENT_URL' - NOVA_PASSWORD: '/k8s/judicial-system/NOVA_PASSWORD' - NOVA_URL: '/k8s/judicial-system/NOVA_URL' - NOVA_USERNAME: '/k8s/judicial-system/NOVA_USERNAME' - PRISON_ADMIN_EMAIL: '/k8s/judicial-system/PRISON_ADMIN_EMAIL' - PRISON_EMAIL: '/k8s/judicial-system/PRISON_EMAIL' - XROAD_CLIENT_CERT: '/k8s/judicial-system/XROAD_CLIENT_CERT' - XROAD_CLIENT_KEY: '/k8s/judicial-system/XROAD_CLIENT_KEY' - XROAD_CLIENT_PEM: '/k8s/judicial-system/XROAD_CLIENT_PEM' - XROAD_COURTS_CREDENTIALS: '/k8s/judicial-system/COURTS_CREDENTIALS' - XROAD_POLICE_API_KEY: '/k8s/judicial-system/XROAD_POLICE_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-backend' - create: true - name: 'judicial-system-backend' -judicial-system-digital-mailbox-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-digital-mailbox-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-digital-mailbox-api-xrd.internal.island.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-digital-mailbox-api' - create: true - name: 'judicial-system-digital-mailbox-api' -judicial-system-message-handler: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-message-handler' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-message-handler' - create: true - name: 'judicial-system-message-handler' -judicial-system-robot-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-robot-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-robot-api-xrd.internal.island.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-robot-api' - create: true - name: 'judicial-system-robot-api' -judicial-system-scheduler: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - TIME_TO_LIVE_MINUTES: '30' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-scheduler' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-scheduler' - create: true - name: 'judicial-system-scheduler' -judicial-system-web: - enabled: true - env: - API_URL: 'https://rettarvorslugatt.island.is' - INTERNAL_API_URL: 'http://web-judicial-system-api' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'rettarvorslugatt.island.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '15m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - NATIONAL_REGISTRY_API_KEY: '/k8s/judicial-system/NATIONAL_REGISTRY_API_KEY' - SUPPORT_EMAIL: '/k8s/judicial-system/SUPPORT_EMAIL' - securityContext: - allowPrivilegeEscalation: false - privileged: false -judicial-system-xrd-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-xrd-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-xrd-api.internal.island.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-xrd-api' - create: true - name: 'judicial-system-xrd-api' -namespaces: - labels: {} - namespaces: - - 'judicial-system' +{ + "judicial-system-xrd-api": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "AUDIT_TRAIL_USE_GENERIC_LOGGER": "false", + "AUDIT_TRAIL_GROUP_NAME": "k8s/judicial-system/audit-log", + "AUDIT_TRAIL_REGION": "eu-west-1" + }, + "features": {}, + "name": "judicial-system-xrd-api", + "grantNamespaces": [ + "nginx-ingress-internal" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "ERROR_EVENT_URL": "/k8s/judicial-system/ERROR_EVENT_URL", + "BACKEND_ACCESS_TOKEN": "/k8s/judicial-system/BACKEND_ACCESS_TOKEN", + "LAWYERS_ICELAND_API_KEY": "/k8s/judicial-system/LAWYERS_ICELAND_API_KEY" + }, + "ingress": { + "primary": { + "host": { + "dev": "judicial-system-xrd-api", + "staging": "judicial-system-xrd-api", + "prod": "judicial-system-xrd-api" + }, + "paths": [ + "/" + ], + "public": false + } + }, + "namespace": "judicial-system", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "memory": "256Mi", + "cpu": "200m" + }, + "requests": { + "memory": "128Mi", + "cpu": "100m" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "accountName": "judicial-system-xrd-api" + } + } +} \ No newline at end of file diff --git a/charts/services/judicial-system-xrd-api/values.staging.yaml b/charts/services/judicial-system-xrd-api/values.staging.yaml index e4a133f4ad7e..dc9d962a3d85 100644 --- a/charts/services/judicial-system-xrd-api/values.staging.yaml +++ b/charts/services/judicial-system-xrd-api/values.staging.yaml @@ -1,654 +1,66 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'staging' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -judicial-system-api: - enabled: true - env: - ALLOW_AUTH_BYPASS: 'true' - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - AUTH_IDS_CLIENT_ID: '@rettarvorslugatt.island.is/web' - AUTH_IDS_LOGOUT_REDIRECT_URI: 'https://judicial-system.staging01.devland.is' - AUTH_IDS_REDIRECT_URI: 'https://judicial-system.staging01.devland.is/api/auth/callback/identity-server' - AUTH_IDS_SCOPE: 'openid profile' - BACKEND_URL: 'http://web-judicial-system-backend' - CONTENTFUL_ENVIRONMENT: 'test' - CONTENTFUL_HOST: 'cdn.contentful.com' - HIDDEN_FEATURES: '' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system.staging01.devland.is' - paths: - - '/api/graphql' - - '/api/auth' - - '/api/case' - - '/api/feature' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '350m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - AUTH_IDS_SECRET: '/k8s/judicial-system/AUTH_IDS_SECRET' - AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-api' - create: true - name: 'judicial-system-api' -judicial-system-backend: - enabled: true - env: - BLOCKED_API_INTEGRATION: 'COURT,POLICE_CASE' - CLIENT_URL: 'https://judicial-system.staging01.devland.is' - CONTENTFUL_ENVIRONMENT: 'test' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'judicial_system' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'judicial_system' - DOKOBIT_URL: 'https://developers.dokobit.com' - EMAIL_REGION: 'eu-west-1' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - S3_BUCKET: 'island-is-staging-upload-judicial-system' - S3_REGION: 'eu-west-1' - S3_TIME_TO_LIVE_GET: '5' - S3_TIME_TO_LIVE_POST: '15' - SERVERSIDE_FEATURES_ON: '' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - USE_MICROSOFT_GRAPH_API_FOR_COURT_ROBOT: 'true' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5804170510/Rettarvorslugatt-Client' - XROAD_COURT_API_PATH: '/Domstolasyslan/JusticePortal-v1' - XROAD_COURT_MEMBER_CODE: '4707171140' - XROAD_POLICE_API_PATH: '/Logreglan-Private/rettarvarsla-v1' - XROAD_POLICE_MEMBER_CODE: '5309672079' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'judicial_system' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'judicial_system' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/judicial-system/DB_PASSWORD' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - ADMIN_USERS: '/k8s/judicial-system/ADMIN_USERS' - ARCHIVE_ENCRYPTION_KEY: '/k8s/judicial-system/ARCHIVE_ENCRYPTION_KEY' - AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' - COURTS_ASSISTANT_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_ASSISTANT_MOBILE_NUMBERS' - COURTS_EMAILS: '/k8s/judicial-system/COURTS_EMAILS' - COURTS_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_MOBILE_NUMBERS' - COURT_ROBOT_CLIENT_ID: '/k8s/judicial-system/COURT_ROBOT_CLIENT_ID' - COURT_ROBOT_CLIENT_SECRET: '/k8s/judicial-system/COURT_ROBOT_CLIENT_SECRET' - COURT_ROBOT_EMAIL: '/k8s/judicial-system/COURT_ROBOT_EMAIL' - COURT_ROBOT_TENANT_ID: '/k8s/judicial-system/COURT_ROBOT_TENANT_ID' - COURT_ROBOT_USER: '/k8s/judicial-system/COURT_ROBOT_USER' - DB_PASS: '/k8s/judicial-system/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/judicial-system/DOKOBIT_ACCESS_TOKEN' - EMAIL_FROM: '/k8s/judicial-system/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/judicial-system/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/judicial-system/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/judicial-system/EMAIL_REPLY_TO_NAME' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - EVENT_URL: '/k8s/judicial-system/EVENT_URL' - NOVA_PASSWORD: '/k8s/judicial-system/NOVA_PASSWORD' - NOVA_URL: '/k8s/judicial-system/NOVA_URL' - NOVA_USERNAME: '/k8s/judicial-system/NOVA_USERNAME' - PRISON_ADMIN_EMAIL: '/k8s/judicial-system/PRISON_ADMIN_EMAIL' - PRISON_EMAIL: '/k8s/judicial-system/PRISON_EMAIL' - XROAD_CLIENT_CERT: '/k8s/judicial-system/XROAD_CLIENT_CERT' - XROAD_CLIENT_KEY: '/k8s/judicial-system/XROAD_CLIENT_KEY' - XROAD_CLIENT_PEM: '/k8s/judicial-system/XROAD_CLIENT_PEM' - XROAD_COURTS_CREDENTIALS: '/k8s/judicial-system/COURTS_CREDENTIALS' - XROAD_POLICE_API_KEY: '/k8s/judicial-system/XROAD_POLICE_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-backend' - create: true - name: 'judicial-system-backend' -judicial-system-digital-mailbox-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-digital-mailbox-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-digital-mailbox-api-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-digital-mailbox-api' - create: true - name: 'judicial-system-digital-mailbox-api' -judicial-system-message-handler: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-message-handler' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-message-handler' - create: true - name: 'judicial-system-message-handler' -judicial-system-robot-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-robot-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-robot-api-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-robot-api' - create: true - name: 'judicial-system-robot-api' -judicial-system-scheduler: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - TIME_TO_LIVE_MINUTES: '30' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-scheduler' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-scheduler' - create: true - name: 'judicial-system-scheduler' -judicial-system-web: - enabled: true - env: - API_URL: 'https://judicial-system.staging01.devland.is' - INTERNAL_API_URL: 'http://web-judicial-system-api' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system.staging01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '15m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - NATIONAL_REGISTRY_API_KEY: '/k8s/judicial-system/NATIONAL_REGISTRY_API_KEY' - SUPPORT_EMAIL: '/k8s/judicial-system/SUPPORT_EMAIL' - securityContext: - allowPrivilegeEscalation: false - privileged: false -judicial-system-xrd-api: - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-xrd-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-xrd-api.internal.staging01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-xrd-api' - create: true - name: 'judicial-system-xrd-api' -namespaces: - labels: {} - namespaces: - - 'judicial-system' +{ + "judicial-system-xrd-api": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "AUDIT_TRAIL_USE_GENERIC_LOGGER": "false", + "AUDIT_TRAIL_GROUP_NAME": "k8s/judicial-system/audit-log", + "AUDIT_TRAIL_REGION": "eu-west-1" + }, + "features": {}, + "name": "judicial-system-xrd-api", + "grantNamespaces": [ + "nginx-ingress-internal" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "ERROR_EVENT_URL": "/k8s/judicial-system/ERROR_EVENT_URL", + "BACKEND_ACCESS_TOKEN": "/k8s/judicial-system/BACKEND_ACCESS_TOKEN", + "LAWYERS_ICELAND_API_KEY": "/k8s/judicial-system/LAWYERS_ICELAND_API_KEY" + }, + "ingress": { + "primary": { + "host": { + "dev": "judicial-system-xrd-api", + "staging": "judicial-system-xrd-api", + "prod": "judicial-system-xrd-api" + }, + "paths": [ + "/" + ], + "public": false + } + }, + "namespace": "judicial-system", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "memory": "256Mi", + "cpu": "200m" + }, + "requests": { + "memory": "128Mi", + "cpu": "100m" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "accountName": "judicial-system-xrd-api" + } + } +} \ No newline at end of file diff --git a/charts/services/license-api/values.dev.yaml b/charts/services/license-api/values.dev.yaml index 58d9f8e96dbc..b633ae5bf55c 100644 --- a/charts/services/license-api/values.dev.yaml +++ b/charts/services/license-api/values.dev.yaml @@ -1,3563 +1,197 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.dev01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'preview.contentful.com' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 's@kogk.is' - CONTENTFUL_HOST: 'preview.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 's@kogk.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/api' - - host: 'api-catalogue.dev01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.dev01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -external-contracts-tests: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' - namespace: 'external-contracts-tests' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '1' - memory: '1024Mi' - requests: - cpu: '500m' - memory: '512Mi' - schedule: '0 11 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -github-actions-cache: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 8 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'cache.dev01.devland.is' - paths: - - '/' - namespace: 'github-actions-cache' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 5 - max: 8 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' - create: true - name: 'github-actions-cache' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'dev' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.dev01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'consultation-portal' - - 'islandis' - - 'search-indexer' - - 'xroad-collector' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'github-actions-cache' - - 'user-notification' - - 'external-contracts-tests' - - 'contentful-entry-tagger' - - 'license-api' - - 'services-sessions' - - 'contentful-apps' - - 'services-university-gateway' - - 'unicorn-app' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'dev-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.dev01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.dev01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -unicorn-app: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'unicorn-app.dev01.devland.is' - paths: - - '/' - namespace: 'unicorn-app' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' - create: true - name: 'unicorn-app' -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@hourly' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - TRACKING_DOMAIN: 'beta.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "license-api": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + }, + "LICENSE_SERVICE_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" + }, + "HUNTING_LICENSE_PASS_TEMPLATE_ID": { + "dev": "1da72d52-a93a-4d0f-8463-1933a2bd210b", + "staging": "1da72d52-a93a-4d0f-8463-1933a2bd210b", + "prod": "d4ecf781-3764-4063-a4e1-9c3e17cebfba" + } + }, + "features": {}, + "name": "license-api", + "grantNamespaces": [ + "nginx-ingress-internal" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "SMART_SOLUTIONS_API_URL": "/k8s/api/SMART_SOLUTIONS_API_URL", + "RLS_PKPASS_API_KEY": "/k8s/api/RLS_PKPASS_API_KEY", + "VE_PKPASS_API_KEY": "/k8s/api/VE_PKPASS_API_KEY", + "TR_PKPASS_API_KEY": "/k8s/api/TR_PKPASS_API_KEY", + "UST_PKPASS_API_KEY": "/k8s/api/UST_PKPASS_API_KEY", + "RLS_OPEN_LOOKUP_API_KEY": "/k8s/api/RLS_OPEN_LOOKUP_API_KEY", + "MACHINE_LICENSE_PASS_TEMPLATE_ID": "/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID", + "ADR_LICENSE_PASS_TEMPLATE_ID": "/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID", + "DRIVING_LICENSE_PASS_TEMPLATE_ID": "/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID", + "FIREARM_LICENSE_PASS_TEMPLATE_ID": "/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID", + "DISABILITY_LICENSE_PASS_TEMPLATE_ID": "/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID", + "DISABILITY_LICENSE_FETCH_TIMEOUT": "/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT", + "FIREARM_LICENSE_FETCH_TIMEOUT": "/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT", + "DRIVING_LICENSE_FETCH_TIMEOUT": "/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT", + "PKPASS_API_KEY": "/k8s/api/PKPASS_API_KEY", + "PKPASS_API_URL": "/k8s/api/PKPASS_API_URL", + "PKPASS_SECRET_KEY": "/k8s/api/PKPASS_SECRET_KEY", + "PKPASS_CACHE_KEY": "/k8s/api/PKPASS_CACHE_KEY", + "PKPASS_CACHE_TOKEN_EXPIRY_DELTA": "/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA", + "PKPASS_AUTH_RETRIES": "/k8s/api/PKPASS_AUTH_RETRIES", + "LICENSE_SERVICE_BARCODE_SECRET_KEY": "/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY" + }, + "ingress": { + "primary": { + "host": { + "dev": "license-api-xrd", + "staging": "license-api-xrd", + "prod": "license-api-xrd" + }, + "paths": [ + "/" + ], + "public": false + } + }, + "namespace": "license-api", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "400m", + "memory": "512Mi" + }, + "requests": { + "cpu": "50m", + "memory": "256Mi" + } + }, + "xroadConfig": [ + { + "config": { + "env": { + "XROAD_BASE_PATH": { + "prod": "http://securityserver.island.is" + }, + "XROAD_BASE_PATH_WITH_ENV": { + "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "http://securityserver.island.is/r1/IS" + }, + "XROAD_TLS_BASE_PATH": { + "dev": "https://securityserver.dev01.devland.is", + "staging": "https://securityserver.staging01.devland.is", + "prod": "https://securityserver.island.is" + }, + "XROAD_TLS_BASE_PATH_WITH_ENV": { + "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", + "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "https://securityserver.island.is/r1/IS" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CLIENT_ID": { + "dev": "IS-DEV/GOV/10000/island-is-client", + "staging": "IS-TEST/GOV/5501692829/island-is-client", + "prod": "IS/GOV/5501692829/island-is-client" + } + } + } + }, + { + "config": { + "env": { + "XROAD_FIREARM_LICENSE_PATH": { + "dev": "IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1", + "staging": "IS/GOV/5309672079/Logreglan-Protected/island-api-v1", + "prod": "IS/GOV/5309672079/Logreglan-Protected/island-api-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_DISABILITY_LICENSE_PATH": { + "dev": "IS-DEV/GOV/10008/TR-Protected/oryrki-v1", + "staging": "IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1", + "prod": "IS/GOV/5012130120/TR-Protected/oryrki-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_DRIVING_LICENSE_PATH": { + "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1", + "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1", + "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1" + }, + "XROAD_DRIVING_LICENSE_V2_PATH": { + "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2", + "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2", + "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1" + }, + "XROAD_DRIVING_LICENSE_V4_PATH": { + "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4", + "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4", + "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4" + }, + "XROAD_DRIVING_LICENSE_V5_PATH": { + "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5", + "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5", + "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5" + } + }, + "secrets": { + "XROAD_DRIVING_LICENSE_SECRET": "/k8s/api/DRIVING_LICENSE_SECRET" + } + } + }, + { + "config": { + "env": { + "XROAD_HUNTING_LICENSE_PATH": { + "dev": "IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api", + "staging": "IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api", + "prod": "IS/GOV/7010022880/Umhverfisstofnun-Protected/api" + } + } + } + } + ], + "files": [], + "volumes": [], + "replicaCount": { + "default": 2, + "min": 2, + "max": 10 + } + } + } +} \ No newline at end of file diff --git a/charts/services/license-api/values.prod.yaml b/charts/services/license-api/values.prod.yaml index c7e37f4144c5..b633ae5bf55c 100644 --- a/charts/services/license-api/values.prod.yaml +++ b/charts/services/license-api/values.prod.yaml @@ -1,3379 +1,197 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.island.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'cdn.contentful.com' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.island.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://innskra.island.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_IDS_API_URL: 'https://innskra.island.is' - AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi.island.is' - CONTACT_US_EMAIL: 'island@island.is' - CONTENTFUL_HOST: 'cdn.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.island.is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-prod-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: '' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'island@island.is' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 'sogur@island.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS/GOV/5402697509/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS/GOV/6501912189/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/api' - - host: 'www.island.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' - CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS/GOV/5608002820/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - NOVA_USERNAME: 'IslandIs_User_Production' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS/GOV/5605882089/UA-Protected/kvortun-v1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.island.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.island.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/umsoknir' - - host: 'www.island.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi.island.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://island.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/samradsgatt' - - host: 'www.island.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.island.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.island.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - EMAIL_FROM_NAME: 'island.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-prod-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'prod' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: 'd4ecf781-3764-4063-a4e1-9c3e17cebfba' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.island.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'islandis' - - 'consultation-portal' - - 'search-indexer' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'xroad-collector' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'user-notification' - - 'license-api' - - 'services-sessions' - - 'services-university-gateway' - - 'contentful-apps' - - 'contentful-entry-tagger' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/stjornbord' - - host: 'www.island.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'prod' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'prod-es-custom-packages' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/minarsidur' - - host: 'www.island.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_BASE_URL: 'https://island.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.island.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://island.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://island.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://island.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/stjornbord/bff' - - host: 'www.island.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.island.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.island.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/app/skilavottord/' - - host: 'www.island.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/app/skilavottord/api/graphql' - - host: 'www.island.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.island.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@midnight' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - TRACKING_DOMAIN: 'island.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/' - - host: 'www.island.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "license-api": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + }, + "LICENSE_SERVICE_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" + }, + "HUNTING_LICENSE_PASS_TEMPLATE_ID": { + "dev": "1da72d52-a93a-4d0f-8463-1933a2bd210b", + "staging": "1da72d52-a93a-4d0f-8463-1933a2bd210b", + "prod": "d4ecf781-3764-4063-a4e1-9c3e17cebfba" + } + }, + "features": {}, + "name": "license-api", + "grantNamespaces": [ + "nginx-ingress-internal" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "SMART_SOLUTIONS_API_URL": "/k8s/api/SMART_SOLUTIONS_API_URL", + "RLS_PKPASS_API_KEY": "/k8s/api/RLS_PKPASS_API_KEY", + "VE_PKPASS_API_KEY": "/k8s/api/VE_PKPASS_API_KEY", + "TR_PKPASS_API_KEY": "/k8s/api/TR_PKPASS_API_KEY", + "UST_PKPASS_API_KEY": "/k8s/api/UST_PKPASS_API_KEY", + "RLS_OPEN_LOOKUP_API_KEY": "/k8s/api/RLS_OPEN_LOOKUP_API_KEY", + "MACHINE_LICENSE_PASS_TEMPLATE_ID": "/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID", + "ADR_LICENSE_PASS_TEMPLATE_ID": "/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID", + "DRIVING_LICENSE_PASS_TEMPLATE_ID": "/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID", + "FIREARM_LICENSE_PASS_TEMPLATE_ID": "/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID", + "DISABILITY_LICENSE_PASS_TEMPLATE_ID": "/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID", + "DISABILITY_LICENSE_FETCH_TIMEOUT": "/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT", + "FIREARM_LICENSE_FETCH_TIMEOUT": "/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT", + "DRIVING_LICENSE_FETCH_TIMEOUT": "/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT", + "PKPASS_API_KEY": "/k8s/api/PKPASS_API_KEY", + "PKPASS_API_URL": "/k8s/api/PKPASS_API_URL", + "PKPASS_SECRET_KEY": "/k8s/api/PKPASS_SECRET_KEY", + "PKPASS_CACHE_KEY": "/k8s/api/PKPASS_CACHE_KEY", + "PKPASS_CACHE_TOKEN_EXPIRY_DELTA": "/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA", + "PKPASS_AUTH_RETRIES": "/k8s/api/PKPASS_AUTH_RETRIES", + "LICENSE_SERVICE_BARCODE_SECRET_KEY": "/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY" + }, + "ingress": { + "primary": { + "host": { + "dev": "license-api-xrd", + "staging": "license-api-xrd", + "prod": "license-api-xrd" + }, + "paths": [ + "/" + ], + "public": false + } + }, + "namespace": "license-api", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "400m", + "memory": "512Mi" + }, + "requests": { + "cpu": "50m", + "memory": "256Mi" + } + }, + "xroadConfig": [ + { + "config": { + "env": { + "XROAD_BASE_PATH": { + "prod": "http://securityserver.island.is" + }, + "XROAD_BASE_PATH_WITH_ENV": { + "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "http://securityserver.island.is/r1/IS" + }, + "XROAD_TLS_BASE_PATH": { + "dev": "https://securityserver.dev01.devland.is", + "staging": "https://securityserver.staging01.devland.is", + "prod": "https://securityserver.island.is" + }, + "XROAD_TLS_BASE_PATH_WITH_ENV": { + "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", + "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "https://securityserver.island.is/r1/IS" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CLIENT_ID": { + "dev": "IS-DEV/GOV/10000/island-is-client", + "staging": "IS-TEST/GOV/5501692829/island-is-client", + "prod": "IS/GOV/5501692829/island-is-client" + } + } + } + }, + { + "config": { + "env": { + "XROAD_FIREARM_LICENSE_PATH": { + "dev": "IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1", + "staging": "IS/GOV/5309672079/Logreglan-Protected/island-api-v1", + "prod": "IS/GOV/5309672079/Logreglan-Protected/island-api-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_DISABILITY_LICENSE_PATH": { + "dev": "IS-DEV/GOV/10008/TR-Protected/oryrki-v1", + "staging": "IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1", + "prod": "IS/GOV/5012130120/TR-Protected/oryrki-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_DRIVING_LICENSE_PATH": { + "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1", + "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1", + "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1" + }, + "XROAD_DRIVING_LICENSE_V2_PATH": { + "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2", + "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2", + "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1" + }, + "XROAD_DRIVING_LICENSE_V4_PATH": { + "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4", + "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4", + "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4" + }, + "XROAD_DRIVING_LICENSE_V5_PATH": { + "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5", + "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5", + "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5" + } + }, + "secrets": { + "XROAD_DRIVING_LICENSE_SECRET": "/k8s/api/DRIVING_LICENSE_SECRET" + } + } + }, + { + "config": { + "env": { + "XROAD_HUNTING_LICENSE_PATH": { + "dev": "IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api", + "staging": "IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api", + "prod": "IS/GOV/7010022880/Umhverfisstofnun-Protected/api" + } + } + } + } + ], + "files": [], + "volumes": [], + "replicaCount": { + "default": 2, + "min": 2, + "max": 10 + } + } + } +} \ No newline at end of file diff --git a/charts/services/license-api/values.staging.yaml b/charts/services/license-api/values.staging.yaml index 227a2b0fcc6d..b633ae5bf55c 100644 --- a/charts/services/license-api/values.staging.yaml +++ b/charts/services/license-api/values.staging.yaml @@ -1,3238 +1,197 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.staging01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'cdn.contentful.com' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.staging01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.staging01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.staging01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 'island@island.is' - CONTENTFUL_HOST: 'cdn.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.staging01.devland.is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-staging-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: '' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 'sogur@island.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-TEST/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5608002820/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-TEST/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.staging01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.staging01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.staging01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.staging01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-staging-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'staging' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.staging01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'islandis' - - 'consultation-portal' - - 'skilavottord' - - 'search-indexer' - - 'services-documents' - - 'storybook' - - 'xroad-collector' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'user-notification' - - 'license-api' - - 'services-sessions' - - 'services-university-gateway' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.staging01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'staging' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'staging-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_BASE_URL: 'https://beta.staging01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.staging01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.staging01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.staging01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.staging01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.staging01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.staging01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.staging01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.staging01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@midnight' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - basicAuth: '/k8s/web/basic_auth' - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - TRACKING_DOMAIN: 'beta.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "license-api": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + }, + "LICENSE_SERVICE_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" + }, + "HUNTING_LICENSE_PASS_TEMPLATE_ID": { + "dev": "1da72d52-a93a-4d0f-8463-1933a2bd210b", + "staging": "1da72d52-a93a-4d0f-8463-1933a2bd210b", + "prod": "d4ecf781-3764-4063-a4e1-9c3e17cebfba" + } + }, + "features": {}, + "name": "license-api", + "grantNamespaces": [ + "nginx-ingress-internal" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "SMART_SOLUTIONS_API_URL": "/k8s/api/SMART_SOLUTIONS_API_URL", + "RLS_PKPASS_API_KEY": "/k8s/api/RLS_PKPASS_API_KEY", + "VE_PKPASS_API_KEY": "/k8s/api/VE_PKPASS_API_KEY", + "TR_PKPASS_API_KEY": "/k8s/api/TR_PKPASS_API_KEY", + "UST_PKPASS_API_KEY": "/k8s/api/UST_PKPASS_API_KEY", + "RLS_OPEN_LOOKUP_API_KEY": "/k8s/api/RLS_OPEN_LOOKUP_API_KEY", + "MACHINE_LICENSE_PASS_TEMPLATE_ID": "/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID", + "ADR_LICENSE_PASS_TEMPLATE_ID": "/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID", + "DRIVING_LICENSE_PASS_TEMPLATE_ID": "/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID", + "FIREARM_LICENSE_PASS_TEMPLATE_ID": "/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID", + "DISABILITY_LICENSE_PASS_TEMPLATE_ID": "/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID", + "DISABILITY_LICENSE_FETCH_TIMEOUT": "/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT", + "FIREARM_LICENSE_FETCH_TIMEOUT": "/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT", + "DRIVING_LICENSE_FETCH_TIMEOUT": "/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT", + "PKPASS_API_KEY": "/k8s/api/PKPASS_API_KEY", + "PKPASS_API_URL": "/k8s/api/PKPASS_API_URL", + "PKPASS_SECRET_KEY": "/k8s/api/PKPASS_SECRET_KEY", + "PKPASS_CACHE_KEY": "/k8s/api/PKPASS_CACHE_KEY", + "PKPASS_CACHE_TOKEN_EXPIRY_DELTA": "/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA", + "PKPASS_AUTH_RETRIES": "/k8s/api/PKPASS_AUTH_RETRIES", + "LICENSE_SERVICE_BARCODE_SECRET_KEY": "/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY" + }, + "ingress": { + "primary": { + "host": { + "dev": "license-api-xrd", + "staging": "license-api-xrd", + "prod": "license-api-xrd" + }, + "paths": [ + "/" + ], + "public": false + } + }, + "namespace": "license-api", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "400m", + "memory": "512Mi" + }, + "requests": { + "cpu": "50m", + "memory": "256Mi" + } + }, + "xroadConfig": [ + { + "config": { + "env": { + "XROAD_BASE_PATH": { + "prod": "http://securityserver.island.is" + }, + "XROAD_BASE_PATH_WITH_ENV": { + "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "http://securityserver.island.is/r1/IS" + }, + "XROAD_TLS_BASE_PATH": { + "dev": "https://securityserver.dev01.devland.is", + "staging": "https://securityserver.staging01.devland.is", + "prod": "https://securityserver.island.is" + }, + "XROAD_TLS_BASE_PATH_WITH_ENV": { + "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", + "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "https://securityserver.island.is/r1/IS" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CLIENT_ID": { + "dev": "IS-DEV/GOV/10000/island-is-client", + "staging": "IS-TEST/GOV/5501692829/island-is-client", + "prod": "IS/GOV/5501692829/island-is-client" + } + } + } + }, + { + "config": { + "env": { + "XROAD_FIREARM_LICENSE_PATH": { + "dev": "IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1", + "staging": "IS/GOV/5309672079/Logreglan-Protected/island-api-v1", + "prod": "IS/GOV/5309672079/Logreglan-Protected/island-api-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_DISABILITY_LICENSE_PATH": { + "dev": "IS-DEV/GOV/10008/TR-Protected/oryrki-v1", + "staging": "IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1", + "prod": "IS/GOV/5012130120/TR-Protected/oryrki-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_DRIVING_LICENSE_PATH": { + "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1", + "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1", + "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1" + }, + "XROAD_DRIVING_LICENSE_V2_PATH": { + "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2", + "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2", + "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1" + }, + "XROAD_DRIVING_LICENSE_V4_PATH": { + "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4", + "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4", + "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4" + }, + "XROAD_DRIVING_LICENSE_V5_PATH": { + "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5", + "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5", + "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5" + } + }, + "secrets": { + "XROAD_DRIVING_LICENSE_SECRET": "/k8s/api/DRIVING_LICENSE_SECRET" + } + } + }, + { + "config": { + "env": { + "XROAD_HUNTING_LICENSE_PATH": { + "dev": "IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api", + "staging": "IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api", + "prod": "IS/GOV/7010022880/Umhverfisstofnun-Protected/api" + } + } + } + } + ], + "files": [], + "volumes": [], + "replicaCount": { + "default": 2, + "min": 2, + "max": 10 + } + } + } +} \ No newline at end of file diff --git a/charts/services/portals-admin/values.dev.yaml b/charts/services/portals-admin/values.dev.yaml index 58d9f8e96dbc..1ce03e12f921 100644 --- a/charts/services/portals-admin/values.dev.yaml +++ b/charts/services/portals-admin/values.dev.yaml @@ -1,3563 +1,95 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.dev01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'preview.contentful.com' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 's@kogk.is' - CONTENTFUL_HOST: 'preview.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 's@kogk.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/api' - - host: 'api-catalogue.dev01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.dev01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -external-contracts-tests: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' - namespace: 'external-contracts-tests' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '1' - memory: '1024Mi' - requests: - cpu: '500m' - memory: '512Mi' - schedule: '0 11 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -github-actions-cache: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 8 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'cache.dev01.devland.is' - paths: - - '/' - namespace: 'github-actions-cache' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 5 - max: 8 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' - create: true - name: 'github-actions-cache' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'dev' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.dev01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'consultation-portal' - - 'islandis' - - 'search-indexer' - - 'xroad-collector' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'github-actions-cache' - - 'user-notification' - - 'external-contracts-tests' - - 'contentful-entry-tagger' - - 'license-api' - - 'services-sessions' - - 'contentful-apps' - - 'services-university-gateway' - - 'unicorn-app' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'dev-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.dev01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.dev01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -unicorn-app: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'unicorn-app.dev01.devland.is' - paths: - - '/' - namespace: 'unicorn-app' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' - create: true - name: 'unicorn-app' -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@hourly' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - TRACKING_DOMAIN: 'beta.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "portals-admin": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/readiness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "BASEPATH": "/stjornbord", + "SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + } + }, + "features": {}, + "name": "portals-admin", + "grantNamespaces": [ + "nginx-ingress-external", + "identity-server" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "SI_PUBLIC_CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "SI_PUBLIC_DD_RUM_APPLICATION_ID": "/k8s/DD_RUM_APPLICATION_ID", + "SI_PUBLIC_DD_RUM_CLIENT_TOKEN": "/k8s/DD_RUM_CLIENT_TOKEN" + }, + "ingress": { + "primary": { + "host": { + "dev": [ + "beta" + ], + "staging": [ + "beta" + ], + "prod": [ + "", + "www.island.is" + ] + }, + "extraAnnotations": { + "dev": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "staging": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "prod": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + } + }, + "paths": [ + "/stjornbord" + ] + } + }, + "namespace": "portals-admin", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "400m", + "memory": "512Mi" + }, + "requests": { + "cpu": "25m", + "memory": "256Mi" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "replicaCount": { + "default": 2, + "max": 30, + "min": 2, + "scalingMagicNumber": 8 + } + } + } +} \ No newline at end of file diff --git a/charts/services/portals-admin/values.prod.yaml b/charts/services/portals-admin/values.prod.yaml index c7e37f4144c5..1ce03e12f921 100644 --- a/charts/services/portals-admin/values.prod.yaml +++ b/charts/services/portals-admin/values.prod.yaml @@ -1,3379 +1,95 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.island.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'cdn.contentful.com' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.island.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://innskra.island.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_IDS_API_URL: 'https://innskra.island.is' - AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi.island.is' - CONTACT_US_EMAIL: 'island@island.is' - CONTENTFUL_HOST: 'cdn.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.island.is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-prod-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: '' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'island@island.is' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 'sogur@island.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS/GOV/5402697509/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS/GOV/6501912189/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/api' - - host: 'www.island.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' - CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS/GOV/5608002820/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - NOVA_USERNAME: 'IslandIs_User_Production' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS/GOV/5605882089/UA-Protected/kvortun-v1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.island.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.island.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/umsoknir' - - host: 'www.island.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi.island.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://island.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/samradsgatt' - - host: 'www.island.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.island.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.island.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - EMAIL_FROM_NAME: 'island.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-prod-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'prod' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: 'd4ecf781-3764-4063-a4e1-9c3e17cebfba' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.island.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'islandis' - - 'consultation-portal' - - 'search-indexer' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'xroad-collector' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'user-notification' - - 'license-api' - - 'services-sessions' - - 'services-university-gateway' - - 'contentful-apps' - - 'contentful-entry-tagger' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/stjornbord' - - host: 'www.island.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'prod' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'prod-es-custom-packages' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/minarsidur' - - host: 'www.island.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_BASE_URL: 'https://island.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.island.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://island.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://island.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://island.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/stjornbord/bff' - - host: 'www.island.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.island.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.island.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/app/skilavottord/' - - host: 'www.island.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/app/skilavottord/api/graphql' - - host: 'www.island.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.island.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@midnight' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - TRACKING_DOMAIN: 'island.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/' - - host: 'www.island.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "portals-admin": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/readiness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "BASEPATH": "/stjornbord", + "SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + } + }, + "features": {}, + "name": "portals-admin", + "grantNamespaces": [ + "nginx-ingress-external", + "identity-server" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "SI_PUBLIC_CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "SI_PUBLIC_DD_RUM_APPLICATION_ID": "/k8s/DD_RUM_APPLICATION_ID", + "SI_PUBLIC_DD_RUM_CLIENT_TOKEN": "/k8s/DD_RUM_CLIENT_TOKEN" + }, + "ingress": { + "primary": { + "host": { + "dev": [ + "beta" + ], + "staging": [ + "beta" + ], + "prod": [ + "", + "www.island.is" + ] + }, + "extraAnnotations": { + "dev": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "staging": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "prod": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + } + }, + "paths": [ + "/stjornbord" + ] + } + }, + "namespace": "portals-admin", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "400m", + "memory": "512Mi" + }, + "requests": { + "cpu": "25m", + "memory": "256Mi" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "replicaCount": { + "default": 2, + "max": 30, + "min": 2, + "scalingMagicNumber": 8 + } + } + } +} \ No newline at end of file diff --git a/charts/services/portals-admin/values.staging.yaml b/charts/services/portals-admin/values.staging.yaml index 227a2b0fcc6d..1ce03e12f921 100644 --- a/charts/services/portals-admin/values.staging.yaml +++ b/charts/services/portals-admin/values.staging.yaml @@ -1,3238 +1,95 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.staging01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'cdn.contentful.com' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.staging01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.staging01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.staging01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 'island@island.is' - CONTENTFUL_HOST: 'cdn.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.staging01.devland.is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-staging-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: '' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 'sogur@island.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-TEST/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5608002820/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-TEST/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.staging01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.staging01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.staging01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.staging01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-staging-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'staging' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.staging01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'islandis' - - 'consultation-portal' - - 'skilavottord' - - 'search-indexer' - - 'services-documents' - - 'storybook' - - 'xroad-collector' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'user-notification' - - 'license-api' - - 'services-sessions' - - 'services-university-gateway' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.staging01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'staging' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'staging-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_BASE_URL: 'https://beta.staging01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.staging01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.staging01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.staging01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.staging01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.staging01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.staging01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.staging01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.staging01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@midnight' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - basicAuth: '/k8s/web/basic_auth' - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - TRACKING_DOMAIN: 'beta.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "portals-admin": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/readiness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "BASEPATH": "/stjornbord", + "SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + } + }, + "features": {}, + "name": "portals-admin", + "grantNamespaces": [ + "nginx-ingress-external", + "identity-server" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "SI_PUBLIC_CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "SI_PUBLIC_DD_RUM_APPLICATION_ID": "/k8s/DD_RUM_APPLICATION_ID", + "SI_PUBLIC_DD_RUM_CLIENT_TOKEN": "/k8s/DD_RUM_CLIENT_TOKEN" + }, + "ingress": { + "primary": { + "host": { + "dev": [ + "beta" + ], + "staging": [ + "beta" + ], + "prod": [ + "", + "www.island.is" + ] + }, + "extraAnnotations": { + "dev": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "staging": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "prod": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + } + }, + "paths": [ + "/stjornbord" + ] + } + }, + "namespace": "portals-admin", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "400m", + "memory": "512Mi" + }, + "requests": { + "cpu": "25m", + "memory": "256Mi" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "replicaCount": { + "default": 2, + "max": 30, + "min": 2, + "scalingMagicNumber": 8 + } + } + } +} \ No newline at end of file diff --git a/charts/services/regulations-admin-backend/values.dev.yaml b/charts/services/regulations-admin-backend/values.dev.yaml index 58d9f8e96dbc..32614c3fec07 100644 --- a/charts/services/regulations-admin-backend/values.dev.yaml +++ b/charts/services/regulations-admin-backend/values.dev.yaml @@ -1,3563 +1,147 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.dev01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'preview.contentful.com' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 's@kogk.is' - CONTENTFUL_HOST: 'preview.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 's@kogk.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/api' - - host: 'api-catalogue.dev01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.dev01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -external-contracts-tests: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' - namespace: 'external-contracts-tests' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '1' - memory: '1024Mi' - requests: - cpu: '500m' - memory: '512Mi' - schedule: '0 11 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -github-actions-cache: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 8 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'cache.dev01.devland.is' - paths: - - '/' - namespace: 'github-actions-cache' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 5 - max: 8 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' - create: true - name: 'github-actions-cache' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'dev' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.dev01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'consultation-portal' - - 'islandis' - - 'search-indexer' - - 'xroad-collector' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'github-actions-cache' - - 'user-notification' - - 'external-contracts-tests' - - 'contentful-entry-tagger' - - 'license-api' - - 'services-sessions' - - 'contentful-apps' - - 'services-university-gateway' - - 'unicorn-app' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'dev-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.dev01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.dev01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -unicorn-app: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'unicorn-app.dev01.devland.is' - paths: - - '/' - namespace: 'unicorn-app' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' - create: true - name: 'unicorn-app' -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@hourly' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - TRACKING_DOMAIN: 'beta.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "regulations-admin-backend": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + }, + "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/regulations-admin-api" + }, + "features": {}, + "name": "regulations-admin-backend", + "grantNamespaces": [ + "islandis", + "download-service" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "REGULATIONS_API_URL": "/k8s/api/REGULATIONS_API_URL", + "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET", + "REGULATIONS_FILE_UPLOAD_KEY_DRAFT": "/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT", + "REGULATIONS_FILE_UPLOAD_KEY_PUBLISH": "/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH", + "REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED": "/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED", + "NATIONAL_REGISTRY_B2C_CLIENT_SECRET": "/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET" + }, + "ingress": {}, + "namespace": "regulations-admin", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "400m", + "memory": "512Mi" + }, + "requests": { + "cpu": "100m", + "memory": "256Mi" + } + }, + "xroadConfig": [ + { + "config": { + "env": { + "XROAD_BASE_PATH": { + "prod": "http://securityserver.island.is" + }, + "XROAD_BASE_PATH_WITH_ENV": { + "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "http://securityserver.island.is/r1/IS" + }, + "XROAD_TLS_BASE_PATH": { + "dev": "https://securityserver.dev01.devland.is", + "staging": "https://securityserver.staging01.devland.is", + "prod": "https://securityserver.island.is" + }, + "XROAD_TLS_BASE_PATH_WITH_ENV": { + "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", + "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "https://securityserver.island.is/r1/IS" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CLIENT_ID": { + "dev": "IS-DEV/GOV/10000/island-is-client", + "staging": "IS-TEST/GOV/5501692829/island-is-client", + "prod": "IS/GOV/5501692829/island-is-client" + } + } + } + }, + { + "config": { + "env": { + "NATIONAL_REGISTRY_B2C_CLIENT_ID": { + "dev": "b464afdd-056b-406d-b650-6d41733cfeb7", + "staging": "ca128c23-b43c-443d-bade-ec5a146a933f", + "prod": "2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f" + }, + "NATIONAL_REGISTRY_B2C_ENDPOINT": { + "dev": "https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", + "staging": "https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", + "prod": "https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token" + }, + "NATIONAL_REGISTRY_B2C_SCOPE": { + "dev": "https://skraidentitydev.onmicrosoft.com/midlun/.default", + "staging": "https://skraidentitystaging.onmicrosoft.com/midlun/.default", + "prod": "https://skraidentity.onmicrosoft.com/midlun/.default" + }, + "NATIONAL_REGISTRY_B2C_PATH": { + "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1", + "staging": "IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1", + "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1" + } + } + } + } + ], + "files": [], + "volumes": [], + "image": "regulations-admin-backend", + "postgres": { + "username": "regulations_admin_backend", + "passwordSecret": "/k8s/regulations-admin-backend/DB_PASSWORD", + "name": "regulations_admin_backend" + }, + "initContainers": { + "envs": {}, + "secrets": {}, + "features": {}, + "containers": [ + { + "name": "migrations", + "command": "npx", + "args": [ + "sequelize-cli", + "db:migrate" + ] + } + ], + "postgres": { + "username": "regulations_admin_backend", + "passwordSecret": "/k8s/regulations-admin-backend/DB_PASSWORD", + "name": "regulations_admin_backend" + } + } + } + } +} \ No newline at end of file diff --git a/charts/services/regulations-admin-backend/values.prod.yaml b/charts/services/regulations-admin-backend/values.prod.yaml index c7e37f4144c5..32614c3fec07 100644 --- a/charts/services/regulations-admin-backend/values.prod.yaml +++ b/charts/services/regulations-admin-backend/values.prod.yaml @@ -1,3379 +1,147 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.island.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'cdn.contentful.com' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.island.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://innskra.island.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_IDS_API_URL: 'https://innskra.island.is' - AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi.island.is' - CONTACT_US_EMAIL: 'island@island.is' - CONTENTFUL_HOST: 'cdn.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.island.is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-prod-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: '' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'island@island.is' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 'sogur@island.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS/GOV/5402697509/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS/GOV/6501912189/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/api' - - host: 'www.island.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' - CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS/GOV/5608002820/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - NOVA_USERNAME: 'IslandIs_User_Production' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS/GOV/5605882089/UA-Protected/kvortun-v1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.island.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.island.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/umsoknir' - - host: 'www.island.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi.island.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://island.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/samradsgatt' - - host: 'www.island.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.island.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.island.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - EMAIL_FROM_NAME: 'island.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-prod-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'prod' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: 'd4ecf781-3764-4063-a4e1-9c3e17cebfba' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.island.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'islandis' - - 'consultation-portal' - - 'search-indexer' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'xroad-collector' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'user-notification' - - 'license-api' - - 'services-sessions' - - 'services-university-gateway' - - 'contentful-apps' - - 'contentful-entry-tagger' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/stjornbord' - - host: 'www.island.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'prod' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'prod-es-custom-packages' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/minarsidur' - - host: 'www.island.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_BASE_URL: 'https://island.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.island.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://island.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://island.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://island.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/stjornbord/bff' - - host: 'www.island.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.island.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.island.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/app/skilavottord/' - - host: 'www.island.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/app/skilavottord/api/graphql' - - host: 'www.island.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.island.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@midnight' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - TRACKING_DOMAIN: 'island.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/' - - host: 'www.island.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "regulations-admin-backend": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + }, + "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/regulations-admin-api" + }, + "features": {}, + "name": "regulations-admin-backend", + "grantNamespaces": [ + "islandis", + "download-service" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "REGULATIONS_API_URL": "/k8s/api/REGULATIONS_API_URL", + "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET", + "REGULATIONS_FILE_UPLOAD_KEY_DRAFT": "/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT", + "REGULATIONS_FILE_UPLOAD_KEY_PUBLISH": "/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH", + "REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED": "/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED", + "NATIONAL_REGISTRY_B2C_CLIENT_SECRET": "/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET" + }, + "ingress": {}, + "namespace": "regulations-admin", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "400m", + "memory": "512Mi" + }, + "requests": { + "cpu": "100m", + "memory": "256Mi" + } + }, + "xroadConfig": [ + { + "config": { + "env": { + "XROAD_BASE_PATH": { + "prod": "http://securityserver.island.is" + }, + "XROAD_BASE_PATH_WITH_ENV": { + "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "http://securityserver.island.is/r1/IS" + }, + "XROAD_TLS_BASE_PATH": { + "dev": "https://securityserver.dev01.devland.is", + "staging": "https://securityserver.staging01.devland.is", + "prod": "https://securityserver.island.is" + }, + "XROAD_TLS_BASE_PATH_WITH_ENV": { + "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", + "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "https://securityserver.island.is/r1/IS" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CLIENT_ID": { + "dev": "IS-DEV/GOV/10000/island-is-client", + "staging": "IS-TEST/GOV/5501692829/island-is-client", + "prod": "IS/GOV/5501692829/island-is-client" + } + } + } + }, + { + "config": { + "env": { + "NATIONAL_REGISTRY_B2C_CLIENT_ID": { + "dev": "b464afdd-056b-406d-b650-6d41733cfeb7", + "staging": "ca128c23-b43c-443d-bade-ec5a146a933f", + "prod": "2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f" + }, + "NATIONAL_REGISTRY_B2C_ENDPOINT": { + "dev": "https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", + "staging": "https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", + "prod": "https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token" + }, + "NATIONAL_REGISTRY_B2C_SCOPE": { + "dev": "https://skraidentitydev.onmicrosoft.com/midlun/.default", + "staging": "https://skraidentitystaging.onmicrosoft.com/midlun/.default", + "prod": "https://skraidentity.onmicrosoft.com/midlun/.default" + }, + "NATIONAL_REGISTRY_B2C_PATH": { + "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1", + "staging": "IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1", + "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1" + } + } + } + } + ], + "files": [], + "volumes": [], + "image": "regulations-admin-backend", + "postgres": { + "username": "regulations_admin_backend", + "passwordSecret": "/k8s/regulations-admin-backend/DB_PASSWORD", + "name": "regulations_admin_backend" + }, + "initContainers": { + "envs": {}, + "secrets": {}, + "features": {}, + "containers": [ + { + "name": "migrations", + "command": "npx", + "args": [ + "sequelize-cli", + "db:migrate" + ] + } + ], + "postgres": { + "username": "regulations_admin_backend", + "passwordSecret": "/k8s/regulations-admin-backend/DB_PASSWORD", + "name": "regulations_admin_backend" + } + } + } + } +} \ No newline at end of file diff --git a/charts/services/regulations-admin-backend/values.staging.yaml b/charts/services/regulations-admin-backend/values.staging.yaml index 227a2b0fcc6d..32614c3fec07 100644 --- a/charts/services/regulations-admin-backend/values.staging.yaml +++ b/charts/services/regulations-admin-backend/values.staging.yaml @@ -1,3238 +1,147 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.staging01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'cdn.contentful.com' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.staging01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.staging01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.staging01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 'island@island.is' - CONTENTFUL_HOST: 'cdn.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.staging01.devland.is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-staging-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: '' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 'sogur@island.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-TEST/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5608002820/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-TEST/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.staging01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.staging01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.staging01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.staging01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-staging-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'staging' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.staging01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'islandis' - - 'consultation-portal' - - 'skilavottord' - - 'search-indexer' - - 'services-documents' - - 'storybook' - - 'xroad-collector' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'user-notification' - - 'license-api' - - 'services-sessions' - - 'services-university-gateway' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.staging01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'staging' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'staging-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_BASE_URL: 'https://beta.staging01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.staging01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.staging01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.staging01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.staging01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.staging01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.staging01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.staging01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.staging01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@midnight' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - basicAuth: '/k8s/web/basic_auth' - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - TRACKING_DOMAIN: 'beta.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "regulations-admin-backend": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + }, + "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/regulations-admin-api" + }, + "features": {}, + "name": "regulations-admin-backend", + "grantNamespaces": [ + "islandis", + "download-service" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "REGULATIONS_API_URL": "/k8s/api/REGULATIONS_API_URL", + "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET", + "REGULATIONS_FILE_UPLOAD_KEY_DRAFT": "/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT", + "REGULATIONS_FILE_UPLOAD_KEY_PUBLISH": "/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH", + "REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED": "/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED", + "NATIONAL_REGISTRY_B2C_CLIENT_SECRET": "/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET" + }, + "ingress": {}, + "namespace": "regulations-admin", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "400m", + "memory": "512Mi" + }, + "requests": { + "cpu": "100m", + "memory": "256Mi" + } + }, + "xroadConfig": [ + { + "config": { + "env": { + "XROAD_BASE_PATH": { + "prod": "http://securityserver.island.is" + }, + "XROAD_BASE_PATH_WITH_ENV": { + "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "http://securityserver.island.is/r1/IS" + }, + "XROAD_TLS_BASE_PATH": { + "dev": "https://securityserver.dev01.devland.is", + "staging": "https://securityserver.staging01.devland.is", + "prod": "https://securityserver.island.is" + }, + "XROAD_TLS_BASE_PATH_WITH_ENV": { + "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", + "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "https://securityserver.island.is/r1/IS" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CLIENT_ID": { + "dev": "IS-DEV/GOV/10000/island-is-client", + "staging": "IS-TEST/GOV/5501692829/island-is-client", + "prod": "IS/GOV/5501692829/island-is-client" + } + } + } + }, + { + "config": { + "env": { + "NATIONAL_REGISTRY_B2C_CLIENT_ID": { + "dev": "b464afdd-056b-406d-b650-6d41733cfeb7", + "staging": "ca128c23-b43c-443d-bade-ec5a146a933f", + "prod": "2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f" + }, + "NATIONAL_REGISTRY_B2C_ENDPOINT": { + "dev": "https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", + "staging": "https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", + "prod": "https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token" + }, + "NATIONAL_REGISTRY_B2C_SCOPE": { + "dev": "https://skraidentitydev.onmicrosoft.com/midlun/.default", + "staging": "https://skraidentitystaging.onmicrosoft.com/midlun/.default", + "prod": "https://skraidentity.onmicrosoft.com/midlun/.default" + }, + "NATIONAL_REGISTRY_B2C_PATH": { + "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1", + "staging": "IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1", + "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1" + } + } + } + } + ], + "files": [], + "volumes": [], + "image": "regulations-admin-backend", + "postgres": { + "username": "regulations_admin_backend", + "passwordSecret": "/k8s/regulations-admin-backend/DB_PASSWORD", + "name": "regulations_admin_backend" + }, + "initContainers": { + "envs": {}, + "secrets": {}, + "features": {}, + "containers": [ + { + "name": "migrations", + "command": "npx", + "args": [ + "sequelize-cli", + "db:migrate" + ] + } + ], + "postgres": { + "username": "regulations_admin_backend", + "passwordSecret": "/k8s/regulations-admin-backend/DB_PASSWORD", + "name": "regulations_admin_backend" + } + } + } + } +} \ No newline at end of file diff --git a/charts/services/search-indexer-service/values.dev.yaml b/charts/services/search-indexer-service/values.dev.yaml index 58d9f8e96dbc..3d09c5598a54 100644 --- a/charts/services/search-indexer-service/values.dev.yaml +++ b/charts/services/search-indexer-service/values.dev.yaml @@ -1,3563 +1,204 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.dev01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'preview.contentful.com' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 's@kogk.is' - CONTENTFUL_HOST: 'preview.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 's@kogk.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/api' - - host: 'api-catalogue.dev01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.dev01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -external-contracts-tests: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' - namespace: 'external-contracts-tests' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '1' - memory: '1024Mi' - requests: - cpu: '500m' - memory: '512Mi' - schedule: '0 11 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -github-actions-cache: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 8 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'cache.dev01.devland.is' - paths: - - '/' - namespace: 'github-actions-cache' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 5 - max: 8 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' - create: true - name: 'github-actions-cache' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'dev' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.dev01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'consultation-portal' - - 'islandis' - - 'search-indexer' - - 'xroad-collector' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'github-actions-cache' - - 'user-notification' - - 'external-contracts-tests' - - 'contentful-entry-tagger' - - 'license-api' - - 'services-sessions' - - 'contentful-apps' - - 'services-university-gateway' - - 'unicorn-app' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'dev-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.dev01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.dev01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -unicorn-app: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'unicorn-app.dev01.devland.is' - paths: - - '/' - namespace: 'unicorn-app' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' - create: true - name: 'unicorn-app' -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@hourly' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - TRACKING_DOMAIN: 'beta.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "search-indexer-service": { + "serviceDef": { + "liveness": { + "path": "/", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "APPLICATION_URL": "http://search-indexer-service", + "ELASTIC_NODE": { + "dev": "https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com", + "staging": "https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com", + "prod": "https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com" + }, + "ELASTIC_INDEX": "island-is", + "CONTENTFUL_SPACE": "8k0h54kbe6bj", + "CONTENTFUL_ENVIRONMENT": "master", + "CONTENTFUL_HOST": { + "dev": "preview.contentful.com", + "staging": "cdn.contentful.com", + "prod": "cdn.contentful.com" + }, + "CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE": { + "dev": "40", + "staging": "40", + "prod": "40" + }, + "AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME": { + "dev": "loftbru.dev01.devland.is", + "staging": "loftbru.staging01.devland.is", + "prod": "loftbru.island.is" + } + }, + "features": {}, + "name": "search-indexer-service", + "grantNamespaces": [], + "grantNamespacesEnabled": false, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "CONTENTFUL_ACCESS_TOKEN": "/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN", + "API_CMS_SYNC_TOKEN": "/k8s/search-indexer/API_CMS_SYNC_TOKEN", + "API_CMS_DELETION_TOKEN": "/k8s/search-indexer/API_CMS_DELETION_TOKEN", + "APOLLO_BYPASS_CACHE_SECRET": "/k8s/api/APOLLO_BYPASS_CACHE_SECRET" + }, + "ingress": { + "primary": { + "host": { + "dev": "search-indexer-service", + "staging": "search-indexer-service", + "prod": "search-indexer-service.devland.is" + }, + "paths": [ + "/" + ], + "extraAnnotations": { + "dev": { + "nginx.ingress.kubernetes.io/enable-global-auth": "false" + }, + "staging": { + "nginx.ingress.kubernetes.io/enable-global-auth": "false" + }, + "prod": {} + } + } + }, + "namespace": "search-indexer", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "requests": { + "cpu": "400m", + "memory": "3072Mi" + }, + "limits": { + "cpu": "800m", + "memory": "4096Mi" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "image": "services-search-indexer", + "accountName": "search-indexer", + "initContainers": { + "envs": { + "APPLICATION_URL": "http://search-indexer-service", + "ELASTIC_NODE": { + "dev": "https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com", + "staging": "https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com", + "prod": "https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com" + }, + "ELASTIC_INDEX": "island-is", + "CONTENTFUL_SPACE": "8k0h54kbe6bj", + "CONTENTFUL_ENVIRONMENT": "master", + "CONTENTFUL_HOST": { + "dev": "preview.contentful.com", + "staging": "cdn.contentful.com", + "prod": "cdn.contentful.com" + }, + "CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE": { + "dev": "40", + "staging": "40", + "prod": "40" + }, + "AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME": { + "dev": "loftbru.dev01.devland.is", + "staging": "loftbru.staging01.devland.is", + "prod": "loftbru.island.is" + }, + "S3_BUCKET": { + "dev": "dev-es-custom-packages", + "staging": "staging-es-custom-packages", + "prod": "prod-es-custom-packages" + }, + "ELASTIC_DOMAIN": "search", + "NODE_OPTIONS": "--max-old-space-size=2048" + }, + "secrets": { + "CONTENTFUL_ACCESS_TOKEN": "/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN", + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" + }, + "features": {}, + "containers": [ + { + "command": "/usr/local/bin/node", + "args": [ + "/webapp/migrateAws.js" + ], + "name": "migrate-aws", + "resources": { + "requests": { + "cpu": "100m", + "memory": "512Mi" + }, + "limits": { + "cpu": "400m", + "memory": "2048Mi" + } + } + }, + { + "command": "/usr/local/bin/node", + "args": [ + "/webapp/migrateElastic.js" + ], + "name": "migrate-elastic", + "resources": { + "requests": { + "cpu": "300m", + "memory": "3072Mi" + }, + "limits": { + "cpu": "700m", + "memory": "4096Mi" + } + } + }, + { + "command": "/usr/local/bin/node", + "args": [ + "/webapp/migrateKibana.js" + ], + "name": "migrate-kibana", + "resources": { + "requests": { + "cpu": "100m", + "memory": "512Mi" + }, + "limits": { + "cpu": "400m", + "memory": "2048Mi" + } + } + } + ] + }, + "replicaCount": { + "min": 1, + "max": 1, + "default": 1 + }, + "extraAttributes": { + "dev": { + "progressDeadlineSeconds": 1500 + }, + "staging": { + "progressDeadlineSeconds": 1500 + }, + "prod": { + "progressDeadlineSeconds": 1500 + } + } + } + } +} \ No newline at end of file diff --git a/charts/services/search-indexer-service/values.prod.yaml b/charts/services/search-indexer-service/values.prod.yaml index c7e37f4144c5..3d09c5598a54 100644 --- a/charts/services/search-indexer-service/values.prod.yaml +++ b/charts/services/search-indexer-service/values.prod.yaml @@ -1,3379 +1,204 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.island.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'cdn.contentful.com' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.island.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://innskra.island.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_IDS_API_URL: 'https://innskra.island.is' - AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi.island.is' - CONTACT_US_EMAIL: 'island@island.is' - CONTENTFUL_HOST: 'cdn.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.island.is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-prod-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: '' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'island@island.is' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 'sogur@island.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS/GOV/5402697509/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS/GOV/6501912189/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/api' - - host: 'www.island.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' - CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS/GOV/5608002820/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - NOVA_USERNAME: 'IslandIs_User_Production' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS/GOV/5605882089/UA-Protected/kvortun-v1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.island.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.island.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/umsoknir' - - host: 'www.island.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi.island.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://island.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/samradsgatt' - - host: 'www.island.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.island.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.island.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - EMAIL_FROM_NAME: 'island.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-prod-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'prod' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: 'd4ecf781-3764-4063-a4e1-9c3e17cebfba' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.island.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'islandis' - - 'consultation-portal' - - 'search-indexer' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'xroad-collector' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'user-notification' - - 'license-api' - - 'services-sessions' - - 'services-university-gateway' - - 'contentful-apps' - - 'contentful-entry-tagger' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/stjornbord' - - host: 'www.island.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'prod' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'prod-es-custom-packages' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/minarsidur' - - host: 'www.island.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_BASE_URL: 'https://island.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.island.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://island.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://island.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://island.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/stjornbord/bff' - - host: 'www.island.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.island.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.island.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/app/skilavottord/' - - host: 'www.island.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/app/skilavottord/api/graphql' - - host: 'www.island.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.island.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@midnight' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - TRACKING_DOMAIN: 'island.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/' - - host: 'www.island.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "search-indexer-service": { + "serviceDef": { + "liveness": { + "path": "/", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "APPLICATION_URL": "http://search-indexer-service", + "ELASTIC_NODE": { + "dev": "https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com", + "staging": "https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com", + "prod": "https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com" + }, + "ELASTIC_INDEX": "island-is", + "CONTENTFUL_SPACE": "8k0h54kbe6bj", + "CONTENTFUL_ENVIRONMENT": "master", + "CONTENTFUL_HOST": { + "dev": "preview.contentful.com", + "staging": "cdn.contentful.com", + "prod": "cdn.contentful.com" + }, + "CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE": { + "dev": "40", + "staging": "40", + "prod": "40" + }, + "AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME": { + "dev": "loftbru.dev01.devland.is", + "staging": "loftbru.staging01.devland.is", + "prod": "loftbru.island.is" + } + }, + "features": {}, + "name": "search-indexer-service", + "grantNamespaces": [], + "grantNamespacesEnabled": false, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "CONTENTFUL_ACCESS_TOKEN": "/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN", + "API_CMS_SYNC_TOKEN": "/k8s/search-indexer/API_CMS_SYNC_TOKEN", + "API_CMS_DELETION_TOKEN": "/k8s/search-indexer/API_CMS_DELETION_TOKEN", + "APOLLO_BYPASS_CACHE_SECRET": "/k8s/api/APOLLO_BYPASS_CACHE_SECRET" + }, + "ingress": { + "primary": { + "host": { + "dev": "search-indexer-service", + "staging": "search-indexer-service", + "prod": "search-indexer-service.devland.is" + }, + "paths": [ + "/" + ], + "extraAnnotations": { + "dev": { + "nginx.ingress.kubernetes.io/enable-global-auth": "false" + }, + "staging": { + "nginx.ingress.kubernetes.io/enable-global-auth": "false" + }, + "prod": {} + } + } + }, + "namespace": "search-indexer", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "requests": { + "cpu": "400m", + "memory": "3072Mi" + }, + "limits": { + "cpu": "800m", + "memory": "4096Mi" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "image": "services-search-indexer", + "accountName": "search-indexer", + "initContainers": { + "envs": { + "APPLICATION_URL": "http://search-indexer-service", + "ELASTIC_NODE": { + "dev": "https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com", + "staging": "https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com", + "prod": "https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com" + }, + "ELASTIC_INDEX": "island-is", + "CONTENTFUL_SPACE": "8k0h54kbe6bj", + "CONTENTFUL_ENVIRONMENT": "master", + "CONTENTFUL_HOST": { + "dev": "preview.contentful.com", + "staging": "cdn.contentful.com", + "prod": "cdn.contentful.com" + }, + "CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE": { + "dev": "40", + "staging": "40", + "prod": "40" + }, + "AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME": { + "dev": "loftbru.dev01.devland.is", + "staging": "loftbru.staging01.devland.is", + "prod": "loftbru.island.is" + }, + "S3_BUCKET": { + "dev": "dev-es-custom-packages", + "staging": "staging-es-custom-packages", + "prod": "prod-es-custom-packages" + }, + "ELASTIC_DOMAIN": "search", + "NODE_OPTIONS": "--max-old-space-size=2048" + }, + "secrets": { + "CONTENTFUL_ACCESS_TOKEN": "/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN", + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" + }, + "features": {}, + "containers": [ + { + "command": "/usr/local/bin/node", + "args": [ + "/webapp/migrateAws.js" + ], + "name": "migrate-aws", + "resources": { + "requests": { + "cpu": "100m", + "memory": "512Mi" + }, + "limits": { + "cpu": "400m", + "memory": "2048Mi" + } + } + }, + { + "command": "/usr/local/bin/node", + "args": [ + "/webapp/migrateElastic.js" + ], + "name": "migrate-elastic", + "resources": { + "requests": { + "cpu": "300m", + "memory": "3072Mi" + }, + "limits": { + "cpu": "700m", + "memory": "4096Mi" + } + } + }, + { + "command": "/usr/local/bin/node", + "args": [ + "/webapp/migrateKibana.js" + ], + "name": "migrate-kibana", + "resources": { + "requests": { + "cpu": "100m", + "memory": "512Mi" + }, + "limits": { + "cpu": "400m", + "memory": "2048Mi" + } + } + } + ] + }, + "replicaCount": { + "min": 1, + "max": 1, + "default": 1 + }, + "extraAttributes": { + "dev": { + "progressDeadlineSeconds": 1500 + }, + "staging": { + "progressDeadlineSeconds": 1500 + }, + "prod": { + "progressDeadlineSeconds": 1500 + } + } + } + } +} \ No newline at end of file diff --git a/charts/services/search-indexer-service/values.staging.yaml b/charts/services/search-indexer-service/values.staging.yaml index 227a2b0fcc6d..3d09c5598a54 100644 --- a/charts/services/search-indexer-service/values.staging.yaml +++ b/charts/services/search-indexer-service/values.staging.yaml @@ -1,3238 +1,204 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.staging01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'cdn.contentful.com' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.staging01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.staging01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.staging01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 'island@island.is' - CONTENTFUL_HOST: 'cdn.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.staging01.devland.is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-staging-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: '' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 'sogur@island.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-TEST/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5608002820/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-TEST/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.staging01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.staging01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.staging01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.staging01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-staging-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'staging' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.staging01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'islandis' - - 'consultation-portal' - - 'skilavottord' - - 'search-indexer' - - 'services-documents' - - 'storybook' - - 'xroad-collector' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'user-notification' - - 'license-api' - - 'services-sessions' - - 'services-university-gateway' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.staging01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'staging' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'staging-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_BASE_URL: 'https://beta.staging01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.staging01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.staging01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.staging01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.staging01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.staging01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.staging01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.staging01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.staging01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@midnight' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - basicAuth: '/k8s/web/basic_auth' - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - TRACKING_DOMAIN: 'beta.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "search-indexer-service": { + "serviceDef": { + "liveness": { + "path": "/", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "APPLICATION_URL": "http://search-indexer-service", + "ELASTIC_NODE": { + "dev": "https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com", + "staging": "https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com", + "prod": "https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com" + }, + "ELASTIC_INDEX": "island-is", + "CONTENTFUL_SPACE": "8k0h54kbe6bj", + "CONTENTFUL_ENVIRONMENT": "master", + "CONTENTFUL_HOST": { + "dev": "preview.contentful.com", + "staging": "cdn.contentful.com", + "prod": "cdn.contentful.com" + }, + "CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE": { + "dev": "40", + "staging": "40", + "prod": "40" + }, + "AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME": { + "dev": "loftbru.dev01.devland.is", + "staging": "loftbru.staging01.devland.is", + "prod": "loftbru.island.is" + } + }, + "features": {}, + "name": "search-indexer-service", + "grantNamespaces": [], + "grantNamespacesEnabled": false, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "CONTENTFUL_ACCESS_TOKEN": "/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN", + "API_CMS_SYNC_TOKEN": "/k8s/search-indexer/API_CMS_SYNC_TOKEN", + "API_CMS_DELETION_TOKEN": "/k8s/search-indexer/API_CMS_DELETION_TOKEN", + "APOLLO_BYPASS_CACHE_SECRET": "/k8s/api/APOLLO_BYPASS_CACHE_SECRET" + }, + "ingress": { + "primary": { + "host": { + "dev": "search-indexer-service", + "staging": "search-indexer-service", + "prod": "search-indexer-service.devland.is" + }, + "paths": [ + "/" + ], + "extraAnnotations": { + "dev": { + "nginx.ingress.kubernetes.io/enable-global-auth": "false" + }, + "staging": { + "nginx.ingress.kubernetes.io/enable-global-auth": "false" + }, + "prod": {} + } + } + }, + "namespace": "search-indexer", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "requests": { + "cpu": "400m", + "memory": "3072Mi" + }, + "limits": { + "cpu": "800m", + "memory": "4096Mi" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "image": "services-search-indexer", + "accountName": "search-indexer", + "initContainers": { + "envs": { + "APPLICATION_URL": "http://search-indexer-service", + "ELASTIC_NODE": { + "dev": "https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com", + "staging": "https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com", + "prod": "https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com" + }, + "ELASTIC_INDEX": "island-is", + "CONTENTFUL_SPACE": "8k0h54kbe6bj", + "CONTENTFUL_ENVIRONMENT": "master", + "CONTENTFUL_HOST": { + "dev": "preview.contentful.com", + "staging": "cdn.contentful.com", + "prod": "cdn.contentful.com" + }, + "CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE": { + "dev": "40", + "staging": "40", + "prod": "40" + }, + "AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME": { + "dev": "loftbru.dev01.devland.is", + "staging": "loftbru.staging01.devland.is", + "prod": "loftbru.island.is" + }, + "S3_BUCKET": { + "dev": "dev-es-custom-packages", + "staging": "staging-es-custom-packages", + "prod": "prod-es-custom-packages" + }, + "ELASTIC_DOMAIN": "search", + "NODE_OPTIONS": "--max-old-space-size=2048" + }, + "secrets": { + "CONTENTFUL_ACCESS_TOKEN": "/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN", + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" + }, + "features": {}, + "containers": [ + { + "command": "/usr/local/bin/node", + "args": [ + "/webapp/migrateAws.js" + ], + "name": "migrate-aws", + "resources": { + "requests": { + "cpu": "100m", + "memory": "512Mi" + }, + "limits": { + "cpu": "400m", + "memory": "2048Mi" + } + } + }, + { + "command": "/usr/local/bin/node", + "args": [ + "/webapp/migrateElastic.js" + ], + "name": "migrate-elastic", + "resources": { + "requests": { + "cpu": "300m", + "memory": "3072Mi" + }, + "limits": { + "cpu": "700m", + "memory": "4096Mi" + } + } + }, + { + "command": "/usr/local/bin/node", + "args": [ + "/webapp/migrateKibana.js" + ], + "name": "migrate-kibana", + "resources": { + "requests": { + "cpu": "100m", + "memory": "512Mi" + }, + "limits": { + "cpu": "400m", + "memory": "2048Mi" + } + } + } + ] + }, + "replicaCount": { + "min": 1, + "max": 1, + "default": 1 + }, + "extraAttributes": { + "dev": { + "progressDeadlineSeconds": 1500 + }, + "staging": { + "progressDeadlineSeconds": 1500 + }, + "prod": { + "progressDeadlineSeconds": 1500 + } + } + } + } +} \ No newline at end of file diff --git a/charts/services/service-portal-api/values.dev.yaml b/charts/services/service-portal-api/values.dev.yaml index 58d9f8e96dbc..4f1a78c63e1f 100644 --- a/charts/services/service-portal-api/values.dev.yaml +++ b/charts/services/service-portal-api/values.dev.yaml @@ -1,3563 +1,196 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.dev01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'preview.contentful.com' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 's@kogk.is' - CONTENTFUL_HOST: 'preview.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 's@kogk.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/api' - - host: 'api-catalogue.dev01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.dev01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -external-contracts-tests: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' - namespace: 'external-contracts-tests' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '1' - memory: '1024Mi' - requests: - cpu: '500m' - memory: '512Mi' - schedule: '0 11 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -github-actions-cache: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 8 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'cache.dev01.devland.is' - paths: - - '/' - namespace: 'github-actions-cache' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 5 - max: 8 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' - create: true - name: 'github-actions-cache' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'dev' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.dev01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'consultation-portal' - - 'islandis' - - 'search-indexer' - - 'xroad-collector' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'github-actions-cache' - - 'user-notification' - - 'external-contracts-tests' - - 'contentful-entry-tagger' - - 'license-api' - - 'services-sessions' - - 'contentful-apps' - - 'services-university-gateway' - - 'unicorn-app' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'dev-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.dev01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.dev01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -unicorn-app: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'unicorn-app.dev01.devland.is' - paths: - - '/' - namespace: 'unicorn-app' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' - create: true - name: 'unicorn-app' -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@hourly' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - TRACKING_DOMAIN: 'beta.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "service-portal-api": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/readiness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "SERVICE_PORTAL_BASE_URL": { + "dev": "https://beta.dev01.devland.is/minarsidur", + "staging": "https://beta.staging01.devland.is/minarsidur", + "prod": "https://island.is/minarsidur", + "local": "http://localhost:4200/minarsidur" + }, + "EMAIL_REGION": "eu-west-1", + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + }, + "NOVA_ACCEPT_UNAUTHORIZED": { + "dev": "true", + "staging": "false", + "prod": "false" + }, + "AUTH_DELEGATION_API_URL": { + "dev": "http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local", + "staging": "http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local", + "prod": "https://auth-delegation-api.internal.innskra.island.is" + }, + "AUTH_DELEGATION_MACHINE_CLIENT_SCOPE": "[\"@island.is/auth/delegations/index:system\"]" + }, + "features": {}, + "name": "service-portal-api", + "grantNamespaces": [ + "nginx-ingress-internal", + "islandis", + "user-notification", + "identity-server", + "application-system" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "NOVA_URL": "/k8s/service-portal-api/NOVA_URL", + "NOVA_PASSWORD": "/k8s/gjafakort/NOVA_PASSWORD", + "NOVA_USERNAME": "/k8s/gjafakort/NOVA_USERNAME", + "EMAIL_FROM": "/k8s/service-portal/api/EMAIL_FROM", + "EMAIL_FROM_NAME": "/k8s/service-portal/api/EMAIL_FROM_NAME", + "EMAIL_REPLY_TO": "/k8s/service-portal/api/EMAIL_REPLY_TO", + "EMAIL_REPLY_TO_NAME": "/k8s/service-portal/api/EMAIL_REPLY_TO_NAME", + "ISLYKILL_SERVICE_PASSPHRASE": "/k8s/api/ISLYKILL_SERVICE_PASSPHRASE", + "ISLYKILL_SERVICE_BASEPATH": "/k8s/api/ISLYKILL_SERVICE_BASEPATH", + "IDENTITY_SERVER_CLIENT_ID": "/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID", + "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET", + "NATIONAL_REGISTRY_B2C_CLIENT_SECRET": "/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET" + }, + "ingress": { + "internal": { + "host": { + "dev": "service-portal-api", + "staging": "service-portal-api", + "prod": "service-portal-api" + }, + "paths": [ + "/" + ], + "public": false + } + }, + "namespace": "service-portal", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "800m", + "memory": "1024Mi" + }, + "requests": { + "cpu": "100m", + "memory": "512Mi" + } + }, + "xroadConfig": [ + { + "config": { + "env": { + "XROAD_BASE_PATH": { + "prod": "http://securityserver.island.is" + }, + "XROAD_BASE_PATH_WITH_ENV": { + "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "http://securityserver.island.is/r1/IS" + }, + "XROAD_TLS_BASE_PATH": { + "dev": "https://securityserver.dev01.devland.is", + "staging": "https://securityserver.staging01.devland.is", + "prod": "https://securityserver.island.is" + }, + "XROAD_TLS_BASE_PATH_WITH_ENV": { + "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", + "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "https://securityserver.island.is/r1/IS" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CLIENT_ID": { + "dev": "IS-DEV/GOV/10000/island-is-client", + "staging": "IS-TEST/GOV/5501692829/island-is-client", + "prod": "IS/GOV/5501692829/island-is-client" + } + } + } + }, + { + "config": { + "env": { + "NATIONAL_REGISTRY_B2C_CLIENT_ID": { + "dev": "b464afdd-056b-406d-b650-6d41733cfeb7", + "staging": "ca128c23-b43c-443d-bade-ec5a146a933f", + "prod": "2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f" + }, + "NATIONAL_REGISTRY_B2C_ENDPOINT": { + "dev": "https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", + "staging": "https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", + "prod": "https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token" + }, + "NATIONAL_REGISTRY_B2C_SCOPE": { + "dev": "https://skraidentitydev.onmicrosoft.com/midlun/.default", + "staging": "https://skraidentitystaging.onmicrosoft.com/midlun/.default", + "prod": "https://skraidentity.onmicrosoft.com/midlun/.default" + }, + "NATIONAL_REGISTRY_B2C_PATH": { + "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1", + "staging": "IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1", + "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1" + } + } + } + } + ], + "files": [ + { + "filename": "islyklar.p12", + "env": "ISLYKILL_CERT" + } + ], + "volumes": [], + "image": "services-user-profile", + "accountName": "service-portal-api", + "initContainers": { + "envs": {}, + "secrets": {}, + "features": {}, + "containers": [ + { + "name": "migrations", + "command": "npx", + "args": [ + "sequelize-cli", + "db:migrate" + ] + } + ], + "postgres": { + "username": "service_portal_api", + "passwordSecret": "/k8s/service-portal-api/DB_PASSWORD", + "name": "service_portal_api" + } + }, + "replicaCount": { + "default": 2, + "max": 30, + "min": 2 + }, + "postgres": { + "username": "service_portal_api", + "passwordSecret": "/k8s/service-portal-api/DB_PASSWORD", + "name": "service_portal_api" + } + } + } +} \ No newline at end of file diff --git a/charts/services/service-portal-api/values.prod.yaml b/charts/services/service-portal-api/values.prod.yaml index c7e37f4144c5..4f1a78c63e1f 100644 --- a/charts/services/service-portal-api/values.prod.yaml +++ b/charts/services/service-portal-api/values.prod.yaml @@ -1,3379 +1,196 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.island.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'cdn.contentful.com' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.island.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://innskra.island.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_IDS_API_URL: 'https://innskra.island.is' - AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi.island.is' - CONTACT_US_EMAIL: 'island@island.is' - CONTENTFUL_HOST: 'cdn.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.island.is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-prod-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: '' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'island@island.is' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 'sogur@island.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS/GOV/5402697509/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS/GOV/6501912189/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/api' - - host: 'www.island.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' - CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS/GOV/5608002820/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - NOVA_USERNAME: 'IslandIs_User_Production' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS/GOV/5605882089/UA-Protected/kvortun-v1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.island.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.island.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/umsoknir' - - host: 'www.island.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi.island.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://island.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/samradsgatt' - - host: 'www.island.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.island.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.island.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - EMAIL_FROM_NAME: 'island.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-prod-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'prod' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: 'd4ecf781-3764-4063-a4e1-9c3e17cebfba' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.island.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'islandis' - - 'consultation-portal' - - 'search-indexer' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'xroad-collector' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'user-notification' - - 'license-api' - - 'services-sessions' - - 'services-university-gateway' - - 'contentful-apps' - - 'contentful-entry-tagger' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/stjornbord' - - host: 'www.island.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'prod' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'prod-es-custom-packages' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/minarsidur' - - host: 'www.island.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_BASE_URL: 'https://island.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.island.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://island.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://island.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://island.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/stjornbord/bff' - - host: 'www.island.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.island.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.island.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/app/skilavottord/' - - host: 'www.island.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/app/skilavottord/api/graphql' - - host: 'www.island.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.island.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@midnight' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - TRACKING_DOMAIN: 'island.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/' - - host: 'www.island.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "service-portal-api": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/readiness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "SERVICE_PORTAL_BASE_URL": { + "dev": "https://beta.dev01.devland.is/minarsidur", + "staging": "https://beta.staging01.devland.is/minarsidur", + "prod": "https://island.is/minarsidur", + "local": "http://localhost:4200/minarsidur" + }, + "EMAIL_REGION": "eu-west-1", + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + }, + "NOVA_ACCEPT_UNAUTHORIZED": { + "dev": "true", + "staging": "false", + "prod": "false" + }, + "AUTH_DELEGATION_API_URL": { + "dev": "http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local", + "staging": "http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local", + "prod": "https://auth-delegation-api.internal.innskra.island.is" + }, + "AUTH_DELEGATION_MACHINE_CLIENT_SCOPE": "[\"@island.is/auth/delegations/index:system\"]" + }, + "features": {}, + "name": "service-portal-api", + "grantNamespaces": [ + "nginx-ingress-internal", + "islandis", + "user-notification", + "identity-server", + "application-system" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "NOVA_URL": "/k8s/service-portal-api/NOVA_URL", + "NOVA_PASSWORD": "/k8s/gjafakort/NOVA_PASSWORD", + "NOVA_USERNAME": "/k8s/gjafakort/NOVA_USERNAME", + "EMAIL_FROM": "/k8s/service-portal/api/EMAIL_FROM", + "EMAIL_FROM_NAME": "/k8s/service-portal/api/EMAIL_FROM_NAME", + "EMAIL_REPLY_TO": "/k8s/service-portal/api/EMAIL_REPLY_TO", + "EMAIL_REPLY_TO_NAME": "/k8s/service-portal/api/EMAIL_REPLY_TO_NAME", + "ISLYKILL_SERVICE_PASSPHRASE": "/k8s/api/ISLYKILL_SERVICE_PASSPHRASE", + "ISLYKILL_SERVICE_BASEPATH": "/k8s/api/ISLYKILL_SERVICE_BASEPATH", + "IDENTITY_SERVER_CLIENT_ID": "/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID", + "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET", + "NATIONAL_REGISTRY_B2C_CLIENT_SECRET": "/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET" + }, + "ingress": { + "internal": { + "host": { + "dev": "service-portal-api", + "staging": "service-portal-api", + "prod": "service-portal-api" + }, + "paths": [ + "/" + ], + "public": false + } + }, + "namespace": "service-portal", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "800m", + "memory": "1024Mi" + }, + "requests": { + "cpu": "100m", + "memory": "512Mi" + } + }, + "xroadConfig": [ + { + "config": { + "env": { + "XROAD_BASE_PATH": { + "prod": "http://securityserver.island.is" + }, + "XROAD_BASE_PATH_WITH_ENV": { + "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "http://securityserver.island.is/r1/IS" + }, + "XROAD_TLS_BASE_PATH": { + "dev": "https://securityserver.dev01.devland.is", + "staging": "https://securityserver.staging01.devland.is", + "prod": "https://securityserver.island.is" + }, + "XROAD_TLS_BASE_PATH_WITH_ENV": { + "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", + "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "https://securityserver.island.is/r1/IS" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CLIENT_ID": { + "dev": "IS-DEV/GOV/10000/island-is-client", + "staging": "IS-TEST/GOV/5501692829/island-is-client", + "prod": "IS/GOV/5501692829/island-is-client" + } + } + } + }, + { + "config": { + "env": { + "NATIONAL_REGISTRY_B2C_CLIENT_ID": { + "dev": "b464afdd-056b-406d-b650-6d41733cfeb7", + "staging": "ca128c23-b43c-443d-bade-ec5a146a933f", + "prod": "2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f" + }, + "NATIONAL_REGISTRY_B2C_ENDPOINT": { + "dev": "https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", + "staging": "https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", + "prod": "https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token" + }, + "NATIONAL_REGISTRY_B2C_SCOPE": { + "dev": "https://skraidentitydev.onmicrosoft.com/midlun/.default", + "staging": "https://skraidentitystaging.onmicrosoft.com/midlun/.default", + "prod": "https://skraidentity.onmicrosoft.com/midlun/.default" + }, + "NATIONAL_REGISTRY_B2C_PATH": { + "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1", + "staging": "IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1", + "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1" + } + } + } + } + ], + "files": [ + { + "filename": "islyklar.p12", + "env": "ISLYKILL_CERT" + } + ], + "volumes": [], + "image": "services-user-profile", + "accountName": "service-portal-api", + "initContainers": { + "envs": {}, + "secrets": {}, + "features": {}, + "containers": [ + { + "name": "migrations", + "command": "npx", + "args": [ + "sequelize-cli", + "db:migrate" + ] + } + ], + "postgres": { + "username": "service_portal_api", + "passwordSecret": "/k8s/service-portal-api/DB_PASSWORD", + "name": "service_portal_api" + } + }, + "replicaCount": { + "default": 2, + "max": 30, + "min": 2 + }, + "postgres": { + "username": "service_portal_api", + "passwordSecret": "/k8s/service-portal-api/DB_PASSWORD", + "name": "service_portal_api" + } + } + } +} \ No newline at end of file diff --git a/charts/services/service-portal-api/values.staging.yaml b/charts/services/service-portal-api/values.staging.yaml index 227a2b0fcc6d..4f1a78c63e1f 100644 --- a/charts/services/service-portal-api/values.staging.yaml +++ b/charts/services/service-portal-api/values.staging.yaml @@ -1,3238 +1,196 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.staging01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'cdn.contentful.com' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.staging01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.staging01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.staging01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 'island@island.is' - CONTENTFUL_HOST: 'cdn.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.staging01.devland.is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-staging-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: '' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 'sogur@island.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-TEST/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5608002820/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-TEST/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.staging01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.staging01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.staging01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.staging01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-staging-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'staging' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.staging01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'islandis' - - 'consultation-portal' - - 'skilavottord' - - 'search-indexer' - - 'services-documents' - - 'storybook' - - 'xroad-collector' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'user-notification' - - 'license-api' - - 'services-sessions' - - 'services-university-gateway' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.staging01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'staging' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'staging-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_BASE_URL: 'https://beta.staging01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.staging01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.staging01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.staging01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.staging01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.staging01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.staging01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.staging01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.staging01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@midnight' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - basicAuth: '/k8s/web/basic_auth' - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - TRACKING_DOMAIN: 'beta.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "service-portal-api": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/readiness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "SERVICE_PORTAL_BASE_URL": { + "dev": "https://beta.dev01.devland.is/minarsidur", + "staging": "https://beta.staging01.devland.is/minarsidur", + "prod": "https://island.is/minarsidur", + "local": "http://localhost:4200/minarsidur" + }, + "EMAIL_REGION": "eu-west-1", + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + }, + "NOVA_ACCEPT_UNAUTHORIZED": { + "dev": "true", + "staging": "false", + "prod": "false" + }, + "AUTH_DELEGATION_API_URL": { + "dev": "http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local", + "staging": "http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local", + "prod": "https://auth-delegation-api.internal.innskra.island.is" + }, + "AUTH_DELEGATION_MACHINE_CLIENT_SCOPE": "[\"@island.is/auth/delegations/index:system\"]" + }, + "features": {}, + "name": "service-portal-api", + "grantNamespaces": [ + "nginx-ingress-internal", + "islandis", + "user-notification", + "identity-server", + "application-system" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "NOVA_URL": "/k8s/service-portal-api/NOVA_URL", + "NOVA_PASSWORD": "/k8s/gjafakort/NOVA_PASSWORD", + "NOVA_USERNAME": "/k8s/gjafakort/NOVA_USERNAME", + "EMAIL_FROM": "/k8s/service-portal/api/EMAIL_FROM", + "EMAIL_FROM_NAME": "/k8s/service-portal/api/EMAIL_FROM_NAME", + "EMAIL_REPLY_TO": "/k8s/service-portal/api/EMAIL_REPLY_TO", + "EMAIL_REPLY_TO_NAME": "/k8s/service-portal/api/EMAIL_REPLY_TO_NAME", + "ISLYKILL_SERVICE_PASSPHRASE": "/k8s/api/ISLYKILL_SERVICE_PASSPHRASE", + "ISLYKILL_SERVICE_BASEPATH": "/k8s/api/ISLYKILL_SERVICE_BASEPATH", + "IDENTITY_SERVER_CLIENT_ID": "/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID", + "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET", + "NATIONAL_REGISTRY_B2C_CLIENT_SECRET": "/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET" + }, + "ingress": { + "internal": { + "host": { + "dev": "service-portal-api", + "staging": "service-portal-api", + "prod": "service-portal-api" + }, + "paths": [ + "/" + ], + "public": false + } + }, + "namespace": "service-portal", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "800m", + "memory": "1024Mi" + }, + "requests": { + "cpu": "100m", + "memory": "512Mi" + } + }, + "xroadConfig": [ + { + "config": { + "env": { + "XROAD_BASE_PATH": { + "prod": "http://securityserver.island.is" + }, + "XROAD_BASE_PATH_WITH_ENV": { + "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "http://securityserver.island.is/r1/IS" + }, + "XROAD_TLS_BASE_PATH": { + "dev": "https://securityserver.dev01.devland.is", + "staging": "https://securityserver.staging01.devland.is", + "prod": "https://securityserver.island.is" + }, + "XROAD_TLS_BASE_PATH_WITH_ENV": { + "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", + "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "https://securityserver.island.is/r1/IS" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CLIENT_ID": { + "dev": "IS-DEV/GOV/10000/island-is-client", + "staging": "IS-TEST/GOV/5501692829/island-is-client", + "prod": "IS/GOV/5501692829/island-is-client" + } + } + } + }, + { + "config": { + "env": { + "NATIONAL_REGISTRY_B2C_CLIENT_ID": { + "dev": "b464afdd-056b-406d-b650-6d41733cfeb7", + "staging": "ca128c23-b43c-443d-bade-ec5a146a933f", + "prod": "2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f" + }, + "NATIONAL_REGISTRY_B2C_ENDPOINT": { + "dev": "https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", + "staging": "https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", + "prod": "https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token" + }, + "NATIONAL_REGISTRY_B2C_SCOPE": { + "dev": "https://skraidentitydev.onmicrosoft.com/midlun/.default", + "staging": "https://skraidentitystaging.onmicrosoft.com/midlun/.default", + "prod": "https://skraidentity.onmicrosoft.com/midlun/.default" + }, + "NATIONAL_REGISTRY_B2C_PATH": { + "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1", + "staging": "IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1", + "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1" + } + } + } + } + ], + "files": [ + { + "filename": "islyklar.p12", + "env": "ISLYKILL_CERT" + } + ], + "volumes": [], + "image": "services-user-profile", + "accountName": "service-portal-api", + "initContainers": { + "envs": {}, + "secrets": {}, + "features": {}, + "containers": [ + { + "name": "migrations", + "command": "npx", + "args": [ + "sequelize-cli", + "db:migrate" + ] + } + ], + "postgres": { + "username": "service_portal_api", + "passwordSecret": "/k8s/service-portal-api/DB_PASSWORD", + "name": "service_portal_api" + } + }, + "replicaCount": { + "default": 2, + "max": 30, + "min": 2 + }, + "postgres": { + "username": "service_portal_api", + "passwordSecret": "/k8s/service-portal-api/DB_PASSWORD", + "name": "service_portal_api" + } + } + } +} \ No newline at end of file diff --git a/charts/services/service-portal/values.dev.yaml b/charts/services/service-portal/values.dev.yaml index 58d9f8e96dbc..dca3067c7018 100644 --- a/charts/services/service-portal/values.dev.yaml +++ b/charts/services/service-portal/values.dev.yaml @@ -1,3563 +1,102 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.dev01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'preview.contentful.com' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 's@kogk.is' - CONTENTFUL_HOST: 'preview.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 's@kogk.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/api' - - host: 'api-catalogue.dev01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.dev01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -external-contracts-tests: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' - namespace: 'external-contracts-tests' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '1' - memory: '1024Mi' - requests: - cpu: '500m' - memory: '512Mi' - schedule: '0 11 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -github-actions-cache: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 8 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'cache.dev01.devland.is' - paths: - - '/' - namespace: 'github-actions-cache' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 5 - max: 8 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' - create: true - name: 'github-actions-cache' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'dev' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.dev01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'consultation-portal' - - 'islandis' - - 'search-indexer' - - 'xroad-collector' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'github-actions-cache' - - 'user-notification' - - 'external-contracts-tests' - - 'contentful-entry-tagger' - - 'license-api' - - 'services-sessions' - - 'contentful-apps' - - 'services-university-gateway' - - 'unicorn-app' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'dev-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.dev01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.dev01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -unicorn-app: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'unicorn-app.dev01.devland.is' - paths: - - '/' - namespace: 'unicorn-app' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' - create: true - name: 'unicorn-app' -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@hourly' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - TRACKING_DOMAIN: 'beta.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "service-portal": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/readiness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "BASEPATH": "/minarsidur", + "SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + }, + "SI_PUBLIC_GRAPHQL_API": { + "prod": "/api/graphql", + "staging": "/api/graphql", + "dev": "/api/graphql" + } + }, + "features": {}, + "name": "service-portal", + "grantNamespaces": [ + "nginx-ingress-internal", + "nginx-ingress-external", + "islandis", + "user-notification", + "identity-server" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "SI_PUBLIC_CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "SI_PUBLIC_DD_RUM_APPLICATION_ID": "/k8s/DD_RUM_APPLICATION_ID", + "SI_PUBLIC_DD_RUM_CLIENT_TOKEN": "/k8s/DD_RUM_CLIENT_TOKEN" + }, + "ingress": { + "primary": { + "host": { + "dev": [ + "beta" + ], + "staging": [ + "beta" + ], + "prod": [ + "", + "www.island.is" + ] + }, + "extraAnnotations": { + "dev": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "staging": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "prod": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + } + }, + "paths": [ + "/minarsidur" + ] + } + }, + "namespace": "service-portal", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "300m", + "memory": "256Mi" + }, + "requests": { + "cpu": "5m", + "memory": "32Mi" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "replicaCount": { + "default": 2, + "max": 30, + "min": 2 + } + } + } +} \ No newline at end of file diff --git a/charts/services/service-portal/values.prod.yaml b/charts/services/service-portal/values.prod.yaml index c7e37f4144c5..dca3067c7018 100644 --- a/charts/services/service-portal/values.prod.yaml +++ b/charts/services/service-portal/values.prod.yaml @@ -1,3379 +1,102 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.island.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'cdn.contentful.com' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.island.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://innskra.island.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_IDS_API_URL: 'https://innskra.island.is' - AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi.island.is' - CONTACT_US_EMAIL: 'island@island.is' - CONTENTFUL_HOST: 'cdn.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.island.is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-prod-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: '' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'island@island.is' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 'sogur@island.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS/GOV/5402697509/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS/GOV/6501912189/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/api' - - host: 'www.island.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' - CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS/GOV/5608002820/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - NOVA_USERNAME: 'IslandIs_User_Production' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS/GOV/5605882089/UA-Protected/kvortun-v1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.island.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.island.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/umsoknir' - - host: 'www.island.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi.island.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://island.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/samradsgatt' - - host: 'www.island.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.island.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.island.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - EMAIL_FROM_NAME: 'island.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-prod-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'prod' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: 'd4ecf781-3764-4063-a4e1-9c3e17cebfba' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.island.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'islandis' - - 'consultation-portal' - - 'search-indexer' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'xroad-collector' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'user-notification' - - 'license-api' - - 'services-sessions' - - 'services-university-gateway' - - 'contentful-apps' - - 'contentful-entry-tagger' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/stjornbord' - - host: 'www.island.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'prod' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'prod-es-custom-packages' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/minarsidur' - - host: 'www.island.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_BASE_URL: 'https://island.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.island.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://island.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://island.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://island.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/stjornbord/bff' - - host: 'www.island.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.island.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.island.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/app/skilavottord/' - - host: 'www.island.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/app/skilavottord/api/graphql' - - host: 'www.island.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.island.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@midnight' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - TRACKING_DOMAIN: 'island.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/' - - host: 'www.island.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "service-portal": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/readiness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "BASEPATH": "/minarsidur", + "SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + }, + "SI_PUBLIC_GRAPHQL_API": { + "prod": "/api/graphql", + "staging": "/api/graphql", + "dev": "/api/graphql" + } + }, + "features": {}, + "name": "service-portal", + "grantNamespaces": [ + "nginx-ingress-internal", + "nginx-ingress-external", + "islandis", + "user-notification", + "identity-server" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "SI_PUBLIC_CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "SI_PUBLIC_DD_RUM_APPLICATION_ID": "/k8s/DD_RUM_APPLICATION_ID", + "SI_PUBLIC_DD_RUM_CLIENT_TOKEN": "/k8s/DD_RUM_CLIENT_TOKEN" + }, + "ingress": { + "primary": { + "host": { + "dev": [ + "beta" + ], + "staging": [ + "beta" + ], + "prod": [ + "", + "www.island.is" + ] + }, + "extraAnnotations": { + "dev": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "staging": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "prod": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + } + }, + "paths": [ + "/minarsidur" + ] + } + }, + "namespace": "service-portal", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "300m", + "memory": "256Mi" + }, + "requests": { + "cpu": "5m", + "memory": "32Mi" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "replicaCount": { + "default": 2, + "max": 30, + "min": 2 + } + } + } +} \ No newline at end of file diff --git a/charts/services/service-portal/values.staging.yaml b/charts/services/service-portal/values.staging.yaml index 227a2b0fcc6d..dca3067c7018 100644 --- a/charts/services/service-portal/values.staging.yaml +++ b/charts/services/service-portal/values.staging.yaml @@ -1,3238 +1,102 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.staging01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'cdn.contentful.com' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.staging01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.staging01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.staging01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 'island@island.is' - CONTENTFUL_HOST: 'cdn.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.staging01.devland.is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-staging-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: '' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 'sogur@island.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-TEST/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5608002820/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-TEST/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.staging01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.staging01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.staging01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.staging01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-staging-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'staging' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.staging01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'islandis' - - 'consultation-portal' - - 'skilavottord' - - 'search-indexer' - - 'services-documents' - - 'storybook' - - 'xroad-collector' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'user-notification' - - 'license-api' - - 'services-sessions' - - 'services-university-gateway' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.staging01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'staging' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'staging-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_BASE_URL: 'https://beta.staging01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.staging01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.staging01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.staging01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.staging01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.staging01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.staging01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.staging01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.staging01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@midnight' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - basicAuth: '/k8s/web/basic_auth' - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - TRACKING_DOMAIN: 'beta.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "service-portal": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/readiness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "BASEPATH": "/minarsidur", + "SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + }, + "SI_PUBLIC_GRAPHQL_API": { + "prod": "/api/graphql", + "staging": "/api/graphql", + "dev": "/api/graphql" + } + }, + "features": {}, + "name": "service-portal", + "grantNamespaces": [ + "nginx-ingress-internal", + "nginx-ingress-external", + "islandis", + "user-notification", + "identity-server" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "SI_PUBLIC_CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "SI_PUBLIC_DD_RUM_APPLICATION_ID": "/k8s/DD_RUM_APPLICATION_ID", + "SI_PUBLIC_DD_RUM_CLIENT_TOKEN": "/k8s/DD_RUM_CLIENT_TOKEN" + }, + "ingress": { + "primary": { + "host": { + "dev": [ + "beta" + ], + "staging": [ + "beta" + ], + "prod": [ + "", + "www.island.is" + ] + }, + "extraAnnotations": { + "dev": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "staging": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "prod": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + } + }, + "paths": [ + "/minarsidur" + ] + } + }, + "namespace": "service-portal", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "300m", + "memory": "256Mi" + }, + "requests": { + "cpu": "5m", + "memory": "32Mi" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "replicaCount": { + "default": 2, + "max": 30, + "min": 2 + } + } + } +} \ No newline at end of file diff --git a/charts/services/services-auth-admin-api/values.dev.yaml b/charts/services/services-auth-admin-api/values.dev.yaml index 2efa5ea90de6..c03fd0a9682a 100644 --- a/charts/services/services-auth-admin-api/values.dev.yaml +++ b/charts/services/services-auth-admin-api/values.dev.yaml @@ -1,826 +1,186 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -auth-admin-web: - enabled: true - env: - BASE_URL: 'https://identity-server.dev01.devland.is/admin' - IDENTITYSERVER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://identity-server.dev01.devland.is/admin/api/auth' - NEXT_PUBLIC_BACKEND_URL: '/backend' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/auth-admin-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.dev01.devland.is' - paths: - - '/admin' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - progressDeadlineSeconds: 1200 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '256Mi' - requests: - cpu: '200m' - memory: '192Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITYSERVER_SECRET: '/k8s/auth-admin-web/IDENTITYSERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -global: - env: - AUDIT_GROUP_NAME: '/identity-server/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'dev' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -identity-server: - annotations: - ad.datadoghq.com/identity-server.check_names: '["openmetrics"]' - ad.datadoghq.com/identity-server.init_configs: '[{}]' - ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": "http://%%host%%:5003/metrics","namespace": "identity-server","metrics":["*"]}]' - ad.datadoghq.com/identity-server.logs: '[{"service": "identity-server", "source": "csharp"}]' - enabled: true - env: - ASPNETCORE_URLS: 'http://*:5000' - AWS__CloudWatch__AuditLogGroup: '/identity-server/audit-log' - AWS__SystemsManager__ParameterStore__DataProtectionPrefix: '/k8s/identity-server/DataProtectionSecret' - Application__AllowedRedirectUris: 'https://beta.dev01.devland.is/minarsidur,https://beta.dev01.devland.is/umsoknir,http://localhost:4200/minarsidur,http://localhost:4242/umsoknir' - Application__MinCompletionPortThreads: '10' - AudkenniSettings__Retries: '24' - CORECLR_ENABLE_PROFILING: '1' - CORECLR_PROFILER: '{846F5F1C-F9AE-4B07-969E-05C26BC060D8}' - CORECLR_PROFILER_PATH: '/opt/datadog/Datadog.Trace.ClrProfiler.Native.so' - CacheSettings__Enabled: 'true' - ContentfulSettings__BaseAddress: 'https://preview.contentful.com' - DD_DOTNET_TRACER_HOME: '/opt/datadog' - DD_INTEGRATIONS: '/opt/datadog/integrations.json' - DD_TRACE_DEBUG: 'true' - Datadog__Metrics__Port: '5003' - IdentityServer__ConsentsScope: '@island.is/auth/consents' - IdentityServer__EnableFakeLogin: 'true' - IdentityServer__EnableFeatureDeploymentWildcards: 'true' - IdentityServer__KeyManagement__Enabled: 'true' - IdentityServer__SigningCertificate__Path: '/etc/config/ids-signing.pfx' - LOG_LEVEL: 'info' - MeUserProfileApiSettings__BaseAddress: 'http://web-service-portal-api.service-portal.svc.cluster.local' - NODE_OPTIONS: '--max-old-space-size=1843 -r dd-trace/init' - PersistenceSettings__BaseAddress: 'http://web-services-auth-ids-api' - PersistenceSettings__DelegationsCacheEnabled: 'false' - RedisSettings__Address: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com' - RedisSettings__Port: '6379' - SERVERSIDE_FEATURES_ON: '' - SessionsApiSettings__BaseAddress: 'http://web-services-sessions.services-sessions.svc.cluster.local' - files: - - 'ids-signing.pfx' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - port: 5010 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/identity-server' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.dev01.devland.is' - paths: - - '/' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: - - accessModes: 'ReadWriteMany' - mountPath: '/keys' - name: 'identity-server' - size: '1Gi' - storageClass: 'efs-csi' - useExisting: false - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '4000m' - memory: '2048Mi' - requests: - cpu: '1000m' - memory: '1024Mi' - secrets: - AudkenniSettings__ClientId: '/k8s/identity-server/AudkenniClientId' - AudkenniSettings__ClientSecret: '/k8s/identity-server/AudkenniClientSecret' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ContentfulSettings__AccessToken: '/k8s/identity-server/CONTENTFUL_ACCESS_TOKEN' - FeatureFlags__ConfigCatSdkKey: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IdentityServer__FakePersons: '/k8s/identity-server/FakePersons' - IdentityServer__LicenseKey: '/k8s/identity-server/LicenseKey' - IdentityServer__SigningCertificate__Passphrase: '/k8s/identity-server/SigningCertificatePassphrase' - PersistenceSettings__AccessTokenManagementSettings__ClientSecret: '/k8s/identity-server/ClientSecret' - Redaction__UserIdentifiers__Key: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY' - Redaction__UserIdentifiers__KeyId: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID' - Scopes__Admin__RootAccessList: '/k8s/identity-server/AdminRootAccessList' - securityContext: - allowPrivilegeEscalation: false - privileged: false - service: - targetPort: 5000 - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/identity-server' - create: true - name: 'identity-server' -namespaces: - labels: {} - namespaces: - - 'identity-server' - - 'identity-server-admin' - - 'identity-server-delegation' - - 'personal-representative' -services-auth-admin-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - IDENTITY_SERVER_ISSUER_URL_LIST: '["https://identity-server.dev01.devland.is","https://identity-server.staging01.devland.is","https://innskra.island.is"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/backend/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/backend/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-admin-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.dev01.devland.is' - paths: - - '/backend' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CLIENT_SECRET_ENCRYPTION_KEY: '/k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-delegation-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'service-portal' - - 'user-notification-worker' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-delegation-api' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'auth-delegation-api.internal.dev01.devland.is' - paths: - - '/' - namespace: 'identity-server-delegation' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-ids-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '6cf94113-d326-4e4d-b97c-1fea12d2f5e1' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' - PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' - PASSKEY_CORE_MAX_AGE_DAYS: '365' - PASSKEY_CORE_RP_ID: 'island.is' - PASSKEY_CORE_RP_NAME: 'Island.is' - PUBLIC_URL: 'https://identity-server.dev01.devland.is/api' - REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - USER_PROFILE_CLIENT_SCOPE: '["@island.is/user-profile:read"]' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 15 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 15 - min: 2 - resources: - limits: - cpu: '800m' - memory: '768Mi' - requests: - cpu: '400m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/services-auth/NOVA_PASSWORD' - NOVA_URL: '/k8s/services-auth/NOVA_URL' - NOVA_USERNAME: '/k8s/services-auth/NOVA_USERNAME' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-ids-api-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-personal-representative: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'personal-representative-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'personal-representative' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-personal-representative-public: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative-public' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'personal-representative-public-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'personal-representative' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-public-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' - PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' - PASSKEY_CORE_RP_ID: 'island.is' - PASSKEY_CORE_RP_NAME: 'Island.is' - PUBLIC_URL: 'https://identity-server.dev01.devland.is/api' - REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-public-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/rewrite-target: '/$2' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.dev01.devland.is' - paths: - - '/api(/|$)(.*)' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false +{ + "services-auth-admin-api": { + "serviceDef": { + "liveness": { + "path": "/backend/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/backend/health/check", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/auth-api", + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + }, + "IDENTITY_SERVER_ISSUER_URL_LIST": { + "dev": "[\"https://identity-server.dev01.devland.is\",\"https://identity-server.staging01.devland.is\",\"https://innskra.island.is\"]", + "staging": "[\"https://identity-server.staging01.devland.is\",\"https://innskra.island.is\"]", + "prod": "[\"https://innskra.island.is\"]" + }, + "XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN": "true", + "XROAD_RSK_PROCURING_ACTOR_TOKEN": "true", + "XROAD_NATIONAL_REGISTRY_SERVICE_PATH": { + "dev": "IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1", + "staging": "IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1", + "prod": "IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1" + }, + "XROAD_NATIONAL_REGISTRY_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" + }, + "XROAD_RSK_PROCURING_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" + }, + "COMPANY_REGISTRY_XROAD_PROVIDER_ID": { + "dev": "IS-DEV/GOV/10006/Skatturinn/ft-v1", + "staging": "IS-TEST/GOV/5402696029/Skatturinn/ft-v1", + "prod": "IS/GOV/5402696029/Skatturinn/ft-v1" + }, + "COMPANY_REGISTRY_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" + }, + "SYSLUMENN_HOST": { + "dev": "https://api.syslumenn.is/staging", + "staging": "https://api.syslumenn.is/staging", + "prod": "https://api.syslumenn.is/api" + }, + "SYSLUMENN_TIMEOUT": "3000", + "ZENDESK_CONTACT_FORM_SUBDOMAIN": { + "prod": "digitaliceland", + "staging": "digitaliceland", + "dev": "digitaliceland" + } + }, + "features": {}, + "name": "services-auth-admin-api", + "grantNamespaces": [ + "nginx-ingress-external", + "nginx-ingress-internal", + "islandis" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "ZENDESK_CONTACT_FORM_EMAIL": "/k8s/api/ZENDESK_CONTACT_FORM_EMAIL", + "ZENDESK_CONTACT_FORM_TOKEN": "/k8s/api/ZENDESK_CONTACT_FORM_TOKEN", + "ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE": "/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE", + "CLIENT_SECRET_ENCRYPTION_KEY": "/k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY", + "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET", + "NATIONAL_REGISTRY_IDS_CLIENT_SECRET": "/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET", + "SYSLUMENN_USERNAME": "/k8s/services-auth/SYSLUMENN_USERNAME", + "SYSLUMENN_PASSWORD": "/k8s/services-auth/SYSLUMENN_PASSWORD" + }, + "ingress": { + "primary": { + "host": { + "dev": "identity-server.dev01.devland.is", + "staging": "identity-server.staging01.devland.is", + "prod": "innskra.island.is" + }, + "paths": [ + "/backend" + ], + "public": true, + "extraAnnotations": { + "dev": { + "nginx.ingress.kubernetes.io/enable-global-auth": "false" + }, + "staging": { + "nginx.ingress.kubernetes.io/enable-global-auth": "false" + }, + "prod": { + "nginx.ingress.kubernetes.io/enable-global-auth": "false" + } + } + } + }, + "namespace": "identity-server-admin", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "400m", + "memory": "768Mi" + }, + "requests": { + "cpu": "100m", + "memory": "512Mi" + } + }, + "xroadConfig": [ + { + "config": { + "env": { + "XROAD_BASE_PATH": { + "prod": "http://securityserver.island.is" + }, + "XROAD_BASE_PATH_WITH_ENV": { + "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "http://securityserver.island.is/r1/IS" + }, + "XROAD_TLS_BASE_PATH": { + "dev": "https://securityserver.dev01.devland.is", + "staging": "https://securityserver.staging01.devland.is", + "prod": "https://securityserver.island.is" + }, + "XROAD_TLS_BASE_PATH_WITH_ENV": { + "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", + "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "https://securityserver.island.is/r1/IS" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CLIENT_ID": { + "dev": "IS-DEV/GOV/10000/island-is-client", + "staging": "IS-TEST/GOV/5501692829/island-is-client", + "prod": "IS/GOV/5501692829/island-is-client" + } + } + } + }, + { + "config": { + "env": { + "XROAD_RSK_PROCURING_PATH": { + "dev": "IS-DEV/GOV/10006/Skatturinn/relationships-v1", + "staging": "IS-TEST/GOV/5402696029/Skatturinn/relationships-v1", + "prod": "IS/GOV/5402696029/Skatturinn/relationships-v1" + } + } + } + } + ], + "files": [], + "volumes": [], + "image": "services-auth-admin-api", + "postgres": { + "name": "servicesauth", + "username": "servicesauth", + "passwordSecret": "/k8s/servicesauth/DB_PASSWORD" + }, + "replicaCount": { + "default": 2, + "min": 2, + "max": 10 + } + } + } +} \ No newline at end of file diff --git a/charts/services/services-auth-admin-api/values.prod.yaml b/charts/services/services-auth-admin-api/values.prod.yaml index 6ebbacf21056..c03fd0a9682a 100644 --- a/charts/services/services-auth-admin-api/values.prod.yaml +++ b/charts/services/services-auth-admin-api/values.prod.yaml @@ -1,823 +1,186 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -auth-admin-web: - enabled: true - env: - BASE_URL: 'https://innskra.island.is/admin' - IDENTITYSERVER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://innskra.island.is/admin/api/auth' - NEXT_PUBLIC_BACKEND_URL: '/backend' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/auth-admin-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'innskra.island.is' - paths: - - '/admin' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - progressDeadlineSeconds: 1200 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '256Mi' - requests: - cpu: '200m' - memory: '192Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITYSERVER_SECRET: '/k8s/auth-admin-web/IDENTITYSERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -global: - env: - AUDIT_GROUP_NAME: '/identity-server/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'prod' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -identity-server: - annotations: - ad.datadoghq.com/identity-server.check_names: '["openmetrics"]' - ad.datadoghq.com/identity-server.init_configs: '[{}]' - ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": "http://%%host%%:5003/metrics","namespace": "identity-server","metrics":["*"]}]' - ad.datadoghq.com/identity-server.logs: '[{"service": "identity-server", "source": "csharp"}]' - enabled: true - env: - ASPNETCORE_URLS: 'http://*:5000' - AWS__CloudWatch__AuditLogGroup: '/identity-server/audit-log' - AWS__SystemsManager__ParameterStore__DataProtectionPrefix: '/k8s/identity-server/DataProtectionSecret' - Application__AllowedRedirectUris: 'https://island.is/minarsidur,https://island.is/umsoknir' - Application__MinCompletionPortThreads: '10' - AudkenniSettings__Retries: '24' - CORECLR_ENABLE_PROFILING: '1' - CORECLR_PROFILER: '{846F5F1C-F9AE-4B07-969E-05C26BC060D8}' - CORECLR_PROFILER_PATH: '/opt/datadog/Datadog.Trace.ClrProfiler.Native.so' - CacheSettings__Enabled: 'true' - ContentfulSettings__BaseAddress: 'https://cdn.contentful.com' - DD_DOTNET_TRACER_HOME: '/opt/datadog' - DD_INTEGRATIONS: '/opt/datadog/integrations.json' - DD_TRACE_DEBUG: 'true' - Datadog__Metrics__Port: '5003' - IdentityServer__ConsentsScope: '@island.is/auth/consents' - IdentityServer__EnableFakeLogin: 'true' - IdentityServer__EnableFeatureDeploymentWildcards: 'false' - IdentityServer__KeyManagement__Enabled: 'true' - IdentityServer__SigningCertificate__Path: '/etc/config/ids-signing.pfx' - LOG_LEVEL: 'info' - MeUserProfileApiSettings__BaseAddress: 'https://service-portal-api.internal.island.is' - NODE_OPTIONS: '--max-old-space-size=1843 -r dd-trace/init' - PersistenceSettings__BaseAddress: 'http://web-services-auth-ids-api' - PersistenceSettings__DelegationsCacheEnabled: 'true' - RedisSettings__Address: 'clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com' - RedisSettings__Port: '6379' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SessionsApiSettings__BaseAddress: 'https://sessions-api.internal.island.is' - files: - - 'ids-signing.pfx' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - port: 5010 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/identity-server' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'innskra.island.is' - paths: - - '/' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: - - accessModes: 'ReadWriteMany' - mountPath: '/keys' - name: 'identity-server' - size: '1Gi' - storageClass: 'efs-csi' - useExisting: false - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '4000m' - memory: '2048Mi' - requests: - cpu: '1000m' - memory: '1024Mi' - secrets: - AudkenniSettings__ClientId: '/k8s/identity-server/AudkenniClientId' - AudkenniSettings__ClientSecret: '/k8s/identity-server/AudkenniClientSecret' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ContentfulSettings__AccessToken: '/k8s/identity-server/CONTENTFUL_ACCESS_TOKEN' - FeatureFlags__ConfigCatSdkKey: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IdentityServer__FakePersons: '/k8s/identity-server/FakePersons' - IdentityServer__LicenseKey: '/k8s/identity-server/LicenseKey' - IdentityServer__SigningCertificate__Passphrase: '/k8s/identity-server/SigningCertificatePassphrase' - PersistenceSettings__AccessTokenManagementSettings__ClientSecret: '/k8s/identity-server/ClientSecret' - Redaction__UserIdentifiers__Key: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY' - Redaction__UserIdentifiers__KeyId: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID' - Scopes__Admin__RootAccessList: '/k8s/identity-server/AdminRootAccessList' - securityContext: - allowPrivilegeEscalation: false - privileged: false - service: - targetPort: 5000 - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::567113216315:role/identity-server' - create: true - name: 'identity-server' -namespaces: - labels: {} - namespaces: - - 'identity-server' - - 'identity-server-admin' - - 'identity-server-delegation' - - 'personal-representative' -services-auth-admin-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - IDENTITY_SERVER_ISSUER_URL_LIST: '["https://innskra.island.is"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SYSLUMENN_HOST: 'https://api.syslumenn.is/api' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/backend/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/backend/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-admin-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'innskra.island.is' - paths: - - '/backend' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CLIENT_SECRET_ENCRYPTION_KEY: '/k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-delegation-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SYSLUMENN_HOST: 'https://api.syslumenn.is/api' - SYSLUMENN_TIMEOUT: '3000' - USER_NOTIFICATION_API_URL: 'https://user-notification.internal.island.is' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'service-portal' - - 'user-notification-worker' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-delegation-api' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'auth-delegation-api.internal.innskra.island.is' - paths: - - '/' - namespace: 'identity-server-delegation' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-ids-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '8271bbc2-d8de-480f-8540-ea43fc40b7ae' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' - PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' - PASSKEY_CORE_MAX_AGE_DAYS: '365' - PASSKEY_CORE_RP_ID: 'island.is' - PASSKEY_CORE_RP_NAME: 'Island.is' - PUBLIC_URL: 'https://innskra.island.is/api' - REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SYSLUMENN_HOST: 'https://api.syslumenn.is/api' - SYSLUMENN_TIMEOUT: '3000' - USER_PROFILE_CLIENT_SCOPE: '["@island.is/user-profile:read"]' - USER_PROFILE_CLIENT_URL: 'https://service-portal-api.internal.island.is' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 15 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 15 - min: 2 - resources: - limits: - cpu: '800m' - memory: '768Mi' - requests: - cpu: '400m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/services-auth/NOVA_PASSWORD' - NOVA_URL: '/k8s/services-auth/NOVA_URL' - NOVA_USERNAME: '/k8s/services-auth/NOVA_USERNAME' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-ids-api-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-personal-representative: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SYSLUMENN_HOST: 'https://api.syslumenn.is/api' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'personal-representative-xrd.internal.innskra.island.is' - paths: - - '/' - namespace: 'personal-representative' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-personal-representative-public: - enabled: true - env: - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative-public' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'personal-representative-public-xrd.internal.innskra.island.is' - paths: - - '/' - namespace: 'personal-representative' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-public-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' - PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' - PASSKEY_CORE_RP_ID: 'island.is' - PASSKEY_CORE_RP_NAME: 'Island.is' - PUBLIC_URL: 'https://innskra.island.is/api' - REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SYSLUMENN_HOST: 'https://api.syslumenn.is/api' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-public-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/rewrite-target: '/$2' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'innskra.island.is' - paths: - - '/api(/|$)(.*)' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false +{ + "services-auth-admin-api": { + "serviceDef": { + "liveness": { + "path": "/backend/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/backend/health/check", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/auth-api", + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + }, + "IDENTITY_SERVER_ISSUER_URL_LIST": { + "dev": "[\"https://identity-server.dev01.devland.is\",\"https://identity-server.staging01.devland.is\",\"https://innskra.island.is\"]", + "staging": "[\"https://identity-server.staging01.devland.is\",\"https://innskra.island.is\"]", + "prod": "[\"https://innskra.island.is\"]" + }, + "XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN": "true", + "XROAD_RSK_PROCURING_ACTOR_TOKEN": "true", + "XROAD_NATIONAL_REGISTRY_SERVICE_PATH": { + "dev": "IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1", + "staging": "IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1", + "prod": "IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1" + }, + "XROAD_NATIONAL_REGISTRY_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" + }, + "XROAD_RSK_PROCURING_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" + }, + "COMPANY_REGISTRY_XROAD_PROVIDER_ID": { + "dev": "IS-DEV/GOV/10006/Skatturinn/ft-v1", + "staging": "IS-TEST/GOV/5402696029/Skatturinn/ft-v1", + "prod": "IS/GOV/5402696029/Skatturinn/ft-v1" + }, + "COMPANY_REGISTRY_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" + }, + "SYSLUMENN_HOST": { + "dev": "https://api.syslumenn.is/staging", + "staging": "https://api.syslumenn.is/staging", + "prod": "https://api.syslumenn.is/api" + }, + "SYSLUMENN_TIMEOUT": "3000", + "ZENDESK_CONTACT_FORM_SUBDOMAIN": { + "prod": "digitaliceland", + "staging": "digitaliceland", + "dev": "digitaliceland" + } + }, + "features": {}, + "name": "services-auth-admin-api", + "grantNamespaces": [ + "nginx-ingress-external", + "nginx-ingress-internal", + "islandis" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "ZENDESK_CONTACT_FORM_EMAIL": "/k8s/api/ZENDESK_CONTACT_FORM_EMAIL", + "ZENDESK_CONTACT_FORM_TOKEN": "/k8s/api/ZENDESK_CONTACT_FORM_TOKEN", + "ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE": "/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE", + "CLIENT_SECRET_ENCRYPTION_KEY": "/k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY", + "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET", + "NATIONAL_REGISTRY_IDS_CLIENT_SECRET": "/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET", + "SYSLUMENN_USERNAME": "/k8s/services-auth/SYSLUMENN_USERNAME", + "SYSLUMENN_PASSWORD": "/k8s/services-auth/SYSLUMENN_PASSWORD" + }, + "ingress": { + "primary": { + "host": { + "dev": "identity-server.dev01.devland.is", + "staging": "identity-server.staging01.devland.is", + "prod": "innskra.island.is" + }, + "paths": [ + "/backend" + ], + "public": true, + "extraAnnotations": { + "dev": { + "nginx.ingress.kubernetes.io/enable-global-auth": "false" + }, + "staging": { + "nginx.ingress.kubernetes.io/enable-global-auth": "false" + }, + "prod": { + "nginx.ingress.kubernetes.io/enable-global-auth": "false" + } + } + } + }, + "namespace": "identity-server-admin", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "400m", + "memory": "768Mi" + }, + "requests": { + "cpu": "100m", + "memory": "512Mi" + } + }, + "xroadConfig": [ + { + "config": { + "env": { + "XROAD_BASE_PATH": { + "prod": "http://securityserver.island.is" + }, + "XROAD_BASE_PATH_WITH_ENV": { + "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "http://securityserver.island.is/r1/IS" + }, + "XROAD_TLS_BASE_PATH": { + "dev": "https://securityserver.dev01.devland.is", + "staging": "https://securityserver.staging01.devland.is", + "prod": "https://securityserver.island.is" + }, + "XROAD_TLS_BASE_PATH_WITH_ENV": { + "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", + "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "https://securityserver.island.is/r1/IS" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CLIENT_ID": { + "dev": "IS-DEV/GOV/10000/island-is-client", + "staging": "IS-TEST/GOV/5501692829/island-is-client", + "prod": "IS/GOV/5501692829/island-is-client" + } + } + } + }, + { + "config": { + "env": { + "XROAD_RSK_PROCURING_PATH": { + "dev": "IS-DEV/GOV/10006/Skatturinn/relationships-v1", + "staging": "IS-TEST/GOV/5402696029/Skatturinn/relationships-v1", + "prod": "IS/GOV/5402696029/Skatturinn/relationships-v1" + } + } + } + } + ], + "files": [], + "volumes": [], + "image": "services-auth-admin-api", + "postgres": { + "name": "servicesauth", + "username": "servicesauth", + "passwordSecret": "/k8s/servicesauth/DB_PASSWORD" + }, + "replicaCount": { + "default": 2, + "min": 2, + "max": 10 + } + } + } +} \ No newline at end of file diff --git a/charts/services/services-auth-admin-api/values.staging.yaml b/charts/services/services-auth-admin-api/values.staging.yaml index 2273a2f55b22..c03fd0a9682a 100644 --- a/charts/services/services-auth-admin-api/values.staging.yaml +++ b/charts/services/services-auth-admin-api/values.staging.yaml @@ -1,826 +1,186 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -auth-admin-web: - enabled: true - env: - BASE_URL: 'https://identity-server.staging01.devland.is/admin' - IDENTITYSERVER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://identity-server.staging01.devland.is/admin/api/auth' - NEXT_PUBLIC_BACKEND_URL: '/backend' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/auth-admin-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.staging01.devland.is' - paths: - - '/admin' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - progressDeadlineSeconds: 1200 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '256Mi' - requests: - cpu: '200m' - memory: '192Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITYSERVER_SECRET: '/k8s/auth-admin-web/IDENTITYSERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -global: - env: - AUDIT_GROUP_NAME: '/identity-server/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'staging' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -identity-server: - annotations: - ad.datadoghq.com/identity-server.check_names: '["openmetrics"]' - ad.datadoghq.com/identity-server.init_configs: '[{}]' - ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": "http://%%host%%:5003/metrics","namespace": "identity-server","metrics":["*"]}]' - ad.datadoghq.com/identity-server.logs: '[{"service": "identity-server", "source": "csharp"}]' - enabled: true - env: - ASPNETCORE_URLS: 'http://*:5000' - AWS__CloudWatch__AuditLogGroup: '/identity-server/audit-log' - AWS__SystemsManager__ParameterStore__DataProtectionPrefix: '/k8s/identity-server/DataProtectionSecret' - Application__AllowedRedirectUris: 'https://beta.staging01.devland.is/minarsidur,https://beta.staging01.devland.is/umsoknir' - Application__MinCompletionPortThreads: '10' - AudkenniSettings__Retries: '24' - CORECLR_ENABLE_PROFILING: '1' - CORECLR_PROFILER: '{846F5F1C-F9AE-4B07-969E-05C26BC060D8}' - CORECLR_PROFILER_PATH: '/opt/datadog/Datadog.Trace.ClrProfiler.Native.so' - CacheSettings__Enabled: 'true' - ContentfulSettings__BaseAddress: 'https://cdn.contentful.com' - DD_DOTNET_TRACER_HOME: '/opt/datadog' - DD_INTEGRATIONS: '/opt/datadog/integrations.json' - DD_TRACE_DEBUG: 'true' - Datadog__Metrics__Port: '5003' - IdentityServer__ConsentsScope: '@island.is/auth/consents' - IdentityServer__EnableFakeLogin: 'true' - IdentityServer__EnableFeatureDeploymentWildcards: 'true' - IdentityServer__KeyManagement__Enabled: 'true' - IdentityServer__SigningCertificate__Path: '/etc/config/ids-signing.pfx' - LOG_LEVEL: 'info' - MeUserProfileApiSettings__BaseAddress: 'http://web-service-portal-api.service-portal.svc.cluster.local' - NODE_OPTIONS: '--max-old-space-size=1843 -r dd-trace/init' - PersistenceSettings__BaseAddress: 'http://web-services-auth-ids-api' - PersistenceSettings__DelegationsCacheEnabled: 'false' - RedisSettings__Address: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com' - RedisSettings__Port: '6379' - SERVERSIDE_FEATURES_ON: '' - SessionsApiSettings__BaseAddress: 'http://web-services-sessions.services-sessions.svc.cluster.local' - files: - - 'ids-signing.pfx' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - port: 5010 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/identity-server' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.staging01.devland.is' - paths: - - '/' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: - - accessModes: 'ReadWriteMany' - mountPath: '/keys' - name: 'identity-server' - size: '1Gi' - storageClass: 'efs-csi' - useExisting: false - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '4000m' - memory: '2048Mi' - requests: - cpu: '1000m' - memory: '1024Mi' - secrets: - AudkenniSettings__ClientId: '/k8s/identity-server/AudkenniClientId' - AudkenniSettings__ClientSecret: '/k8s/identity-server/AudkenniClientSecret' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ContentfulSettings__AccessToken: '/k8s/identity-server/CONTENTFUL_ACCESS_TOKEN' - FeatureFlags__ConfigCatSdkKey: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IdentityServer__FakePersons: '/k8s/identity-server/FakePersons' - IdentityServer__LicenseKey: '/k8s/identity-server/LicenseKey' - IdentityServer__SigningCertificate__Passphrase: '/k8s/identity-server/SigningCertificatePassphrase' - PersistenceSettings__AccessTokenManagementSettings__ClientSecret: '/k8s/identity-server/ClientSecret' - Redaction__UserIdentifiers__Key: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY' - Redaction__UserIdentifiers__KeyId: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID' - Scopes__Admin__RootAccessList: '/k8s/identity-server/AdminRootAccessList' - securityContext: - allowPrivilegeEscalation: false - privileged: false - service: - targetPort: 5000 - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/identity-server' - create: true - name: 'identity-server' -namespaces: - labels: {} - namespaces: - - 'identity-server' - - 'identity-server-admin' - - 'identity-server-delegation' - - 'personal-representative' -services-auth-admin-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - IDENTITY_SERVER_ISSUER_URL_LIST: '["https://identity-server.staging01.devland.is","https://innskra.island.is"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/backend/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/backend/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-admin-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.staging01.devland.is' - paths: - - '/backend' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CLIENT_SECRET_ENCRYPTION_KEY: '/k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-delegation-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'service-portal' - - 'user-notification-worker' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-delegation-api' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'auth-delegation-api.internal.staging01.devland.is' - paths: - - '/' - namespace: 'identity-server-delegation' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-ids-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '6cf94113-d326-4e4d-b97c-1fea12d2f5e1' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' - PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' - PASSKEY_CORE_MAX_AGE_DAYS: '365' - PASSKEY_CORE_RP_ID: 'island.is' - PASSKEY_CORE_RP_NAME: 'Island.is' - PUBLIC_URL: 'https://identity-server.staging01.devland.is/api' - REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - USER_PROFILE_CLIENT_SCOPE: '["@island.is/user-profile:read"]' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 15 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 15 - min: 2 - resources: - limits: - cpu: '800m' - memory: '768Mi' - requests: - cpu: '400m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/services-auth/NOVA_PASSWORD' - NOVA_URL: '/k8s/services-auth/NOVA_URL' - NOVA_USERNAME: '/k8s/services-auth/NOVA_USERNAME' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-ids-api-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-personal-representative: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'personal-representative-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'personal-representative' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-personal-representative-public: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative-public' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'personal-representative-public-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'personal-representative' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-public-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' - PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' - PASSKEY_CORE_RP_ID: 'island.is' - PASSKEY_CORE_RP_NAME: 'Island.is' - PUBLIC_URL: 'https://identity-server.staging01.devland.is/api' - REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-public-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/rewrite-target: '/$2' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.staging01.devland.is' - paths: - - '/api(/|$)(.*)' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false +{ + "services-auth-admin-api": { + "serviceDef": { + "liveness": { + "path": "/backend/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/backend/health/check", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/auth-api", + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + }, + "IDENTITY_SERVER_ISSUER_URL_LIST": { + "dev": "[\"https://identity-server.dev01.devland.is\",\"https://identity-server.staging01.devland.is\",\"https://innskra.island.is\"]", + "staging": "[\"https://identity-server.staging01.devland.is\",\"https://innskra.island.is\"]", + "prod": "[\"https://innskra.island.is\"]" + }, + "XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN": "true", + "XROAD_RSK_PROCURING_ACTOR_TOKEN": "true", + "XROAD_NATIONAL_REGISTRY_SERVICE_PATH": { + "dev": "IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1", + "staging": "IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1", + "prod": "IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1" + }, + "XROAD_NATIONAL_REGISTRY_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" + }, + "XROAD_RSK_PROCURING_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" + }, + "COMPANY_REGISTRY_XROAD_PROVIDER_ID": { + "dev": "IS-DEV/GOV/10006/Skatturinn/ft-v1", + "staging": "IS-TEST/GOV/5402696029/Skatturinn/ft-v1", + "prod": "IS/GOV/5402696029/Skatturinn/ft-v1" + }, + "COMPANY_REGISTRY_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" + }, + "SYSLUMENN_HOST": { + "dev": "https://api.syslumenn.is/staging", + "staging": "https://api.syslumenn.is/staging", + "prod": "https://api.syslumenn.is/api" + }, + "SYSLUMENN_TIMEOUT": "3000", + "ZENDESK_CONTACT_FORM_SUBDOMAIN": { + "prod": "digitaliceland", + "staging": "digitaliceland", + "dev": "digitaliceland" + } + }, + "features": {}, + "name": "services-auth-admin-api", + "grantNamespaces": [ + "nginx-ingress-external", + "nginx-ingress-internal", + "islandis" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "ZENDESK_CONTACT_FORM_EMAIL": "/k8s/api/ZENDESK_CONTACT_FORM_EMAIL", + "ZENDESK_CONTACT_FORM_TOKEN": "/k8s/api/ZENDESK_CONTACT_FORM_TOKEN", + "ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE": "/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE", + "CLIENT_SECRET_ENCRYPTION_KEY": "/k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY", + "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET", + "NATIONAL_REGISTRY_IDS_CLIENT_SECRET": "/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET", + "SYSLUMENN_USERNAME": "/k8s/services-auth/SYSLUMENN_USERNAME", + "SYSLUMENN_PASSWORD": "/k8s/services-auth/SYSLUMENN_PASSWORD" + }, + "ingress": { + "primary": { + "host": { + "dev": "identity-server.dev01.devland.is", + "staging": "identity-server.staging01.devland.is", + "prod": "innskra.island.is" + }, + "paths": [ + "/backend" + ], + "public": true, + "extraAnnotations": { + "dev": { + "nginx.ingress.kubernetes.io/enable-global-auth": "false" + }, + "staging": { + "nginx.ingress.kubernetes.io/enable-global-auth": "false" + }, + "prod": { + "nginx.ingress.kubernetes.io/enable-global-auth": "false" + } + } + } + }, + "namespace": "identity-server-admin", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "400m", + "memory": "768Mi" + }, + "requests": { + "cpu": "100m", + "memory": "512Mi" + } + }, + "xroadConfig": [ + { + "config": { + "env": { + "XROAD_BASE_PATH": { + "prod": "http://securityserver.island.is" + }, + "XROAD_BASE_PATH_WITH_ENV": { + "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "http://securityserver.island.is/r1/IS" + }, + "XROAD_TLS_BASE_PATH": { + "dev": "https://securityserver.dev01.devland.is", + "staging": "https://securityserver.staging01.devland.is", + "prod": "https://securityserver.island.is" + }, + "XROAD_TLS_BASE_PATH_WITH_ENV": { + "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", + "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "https://securityserver.island.is/r1/IS" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CLIENT_ID": { + "dev": "IS-DEV/GOV/10000/island-is-client", + "staging": "IS-TEST/GOV/5501692829/island-is-client", + "prod": "IS/GOV/5501692829/island-is-client" + } + } + } + }, + { + "config": { + "env": { + "XROAD_RSK_PROCURING_PATH": { + "dev": "IS-DEV/GOV/10006/Skatturinn/relationships-v1", + "staging": "IS-TEST/GOV/5402696029/Skatturinn/relationships-v1", + "prod": "IS/GOV/5402696029/Skatturinn/relationships-v1" + } + } + } + } + ], + "files": [], + "volumes": [], + "image": "services-auth-admin-api", + "postgres": { + "name": "servicesauth", + "username": "servicesauth", + "passwordSecret": "/k8s/servicesauth/DB_PASSWORD" + }, + "replicaCount": { + "default": 2, + "min": 2, + "max": 10 + } + } + } +} \ No newline at end of file diff --git a/charts/services/services-auth-delegation-api/values.dev.yaml b/charts/services/services-auth-delegation-api/values.dev.yaml index 2efa5ea90de6..b6e637ef373f 100644 --- a/charts/services/services-auth-delegation-api/values.dev.yaml +++ b/charts/services/services-auth-delegation-api/values.dev.yaml @@ -1,826 +1,173 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -auth-admin-web: - enabled: true - env: - BASE_URL: 'https://identity-server.dev01.devland.is/admin' - IDENTITYSERVER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://identity-server.dev01.devland.is/admin/api/auth' - NEXT_PUBLIC_BACKEND_URL: '/backend' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/auth-admin-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.dev01.devland.is' - paths: - - '/admin' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - progressDeadlineSeconds: 1200 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '256Mi' - requests: - cpu: '200m' - memory: '192Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITYSERVER_SECRET: '/k8s/auth-admin-web/IDENTITYSERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -global: - env: - AUDIT_GROUP_NAME: '/identity-server/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'dev' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -identity-server: - annotations: - ad.datadoghq.com/identity-server.check_names: '["openmetrics"]' - ad.datadoghq.com/identity-server.init_configs: '[{}]' - ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": "http://%%host%%:5003/metrics","namespace": "identity-server","metrics":["*"]}]' - ad.datadoghq.com/identity-server.logs: '[{"service": "identity-server", "source": "csharp"}]' - enabled: true - env: - ASPNETCORE_URLS: 'http://*:5000' - AWS__CloudWatch__AuditLogGroup: '/identity-server/audit-log' - AWS__SystemsManager__ParameterStore__DataProtectionPrefix: '/k8s/identity-server/DataProtectionSecret' - Application__AllowedRedirectUris: 'https://beta.dev01.devland.is/minarsidur,https://beta.dev01.devland.is/umsoknir,http://localhost:4200/minarsidur,http://localhost:4242/umsoknir' - Application__MinCompletionPortThreads: '10' - AudkenniSettings__Retries: '24' - CORECLR_ENABLE_PROFILING: '1' - CORECLR_PROFILER: '{846F5F1C-F9AE-4B07-969E-05C26BC060D8}' - CORECLR_PROFILER_PATH: '/opt/datadog/Datadog.Trace.ClrProfiler.Native.so' - CacheSettings__Enabled: 'true' - ContentfulSettings__BaseAddress: 'https://preview.contentful.com' - DD_DOTNET_TRACER_HOME: '/opt/datadog' - DD_INTEGRATIONS: '/opt/datadog/integrations.json' - DD_TRACE_DEBUG: 'true' - Datadog__Metrics__Port: '5003' - IdentityServer__ConsentsScope: '@island.is/auth/consents' - IdentityServer__EnableFakeLogin: 'true' - IdentityServer__EnableFeatureDeploymentWildcards: 'true' - IdentityServer__KeyManagement__Enabled: 'true' - IdentityServer__SigningCertificate__Path: '/etc/config/ids-signing.pfx' - LOG_LEVEL: 'info' - MeUserProfileApiSettings__BaseAddress: 'http://web-service-portal-api.service-portal.svc.cluster.local' - NODE_OPTIONS: '--max-old-space-size=1843 -r dd-trace/init' - PersistenceSettings__BaseAddress: 'http://web-services-auth-ids-api' - PersistenceSettings__DelegationsCacheEnabled: 'false' - RedisSettings__Address: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com' - RedisSettings__Port: '6379' - SERVERSIDE_FEATURES_ON: '' - SessionsApiSettings__BaseAddress: 'http://web-services-sessions.services-sessions.svc.cluster.local' - files: - - 'ids-signing.pfx' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - port: 5010 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/identity-server' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.dev01.devland.is' - paths: - - '/' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: - - accessModes: 'ReadWriteMany' - mountPath: '/keys' - name: 'identity-server' - size: '1Gi' - storageClass: 'efs-csi' - useExisting: false - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '4000m' - memory: '2048Mi' - requests: - cpu: '1000m' - memory: '1024Mi' - secrets: - AudkenniSettings__ClientId: '/k8s/identity-server/AudkenniClientId' - AudkenniSettings__ClientSecret: '/k8s/identity-server/AudkenniClientSecret' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ContentfulSettings__AccessToken: '/k8s/identity-server/CONTENTFUL_ACCESS_TOKEN' - FeatureFlags__ConfigCatSdkKey: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IdentityServer__FakePersons: '/k8s/identity-server/FakePersons' - IdentityServer__LicenseKey: '/k8s/identity-server/LicenseKey' - IdentityServer__SigningCertificate__Passphrase: '/k8s/identity-server/SigningCertificatePassphrase' - PersistenceSettings__AccessTokenManagementSettings__ClientSecret: '/k8s/identity-server/ClientSecret' - Redaction__UserIdentifiers__Key: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY' - Redaction__UserIdentifiers__KeyId: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID' - Scopes__Admin__RootAccessList: '/k8s/identity-server/AdminRootAccessList' - securityContext: - allowPrivilegeEscalation: false - privileged: false - service: - targetPort: 5000 - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/identity-server' - create: true - name: 'identity-server' -namespaces: - labels: {} - namespaces: - - 'identity-server' - - 'identity-server-admin' - - 'identity-server-delegation' - - 'personal-representative' -services-auth-admin-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - IDENTITY_SERVER_ISSUER_URL_LIST: '["https://identity-server.dev01.devland.is","https://identity-server.staging01.devland.is","https://innskra.island.is"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/backend/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/backend/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-admin-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.dev01.devland.is' - paths: - - '/backend' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CLIENT_SECRET_ENCRYPTION_KEY: '/k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-delegation-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'service-portal' - - 'user-notification-worker' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-delegation-api' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'auth-delegation-api.internal.dev01.devland.is' - paths: - - '/' - namespace: 'identity-server-delegation' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-ids-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '6cf94113-d326-4e4d-b97c-1fea12d2f5e1' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' - PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' - PASSKEY_CORE_MAX_AGE_DAYS: '365' - PASSKEY_CORE_RP_ID: 'island.is' - PASSKEY_CORE_RP_NAME: 'Island.is' - PUBLIC_URL: 'https://identity-server.dev01.devland.is/api' - REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - USER_PROFILE_CLIENT_SCOPE: '["@island.is/user-profile:read"]' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 15 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 15 - min: 2 - resources: - limits: - cpu: '800m' - memory: '768Mi' - requests: - cpu: '400m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/services-auth/NOVA_PASSWORD' - NOVA_URL: '/k8s/services-auth/NOVA_URL' - NOVA_USERNAME: '/k8s/services-auth/NOVA_USERNAME' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-ids-api-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-personal-representative: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'personal-representative-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'personal-representative' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-personal-representative-public: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative-public' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'personal-representative-public-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'personal-representative' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-public-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' - PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' - PASSKEY_CORE_RP_ID: 'island.is' - PASSKEY_CORE_RP_NAME: 'Island.is' - PUBLIC_URL: 'https://identity-server.dev01.devland.is/api' - REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-public-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/rewrite-target: '/$2' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.dev01.devland.is' - paths: - - '/api(/|$)(.*)' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false +{ + "services-auth-delegation-api": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/health/check", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/auth-api", + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + }, + "XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN": "true", + "XROAD_RSK_PROCURING_ACTOR_TOKEN": "true", + "XROAD_NATIONAL_REGISTRY_SERVICE_PATH": { + "dev": "IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1", + "staging": "IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1", + "prod": "IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1" + }, + "XROAD_NATIONAL_REGISTRY_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" + }, + "XROAD_RSK_PROCURING_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" + }, + "USER_NOTIFICATION_API_URL": { + "prod": "https://user-notification.internal.island.is" + }, + "COMPANY_REGISTRY_XROAD_PROVIDER_ID": { + "dev": "IS-DEV/GOV/10006/Skatturinn/ft-v1", + "staging": "IS-TEST/GOV/5402696029/Skatturinn/ft-v1", + "prod": "IS/GOV/5402696029/Skatturinn/ft-v1" + }, + "COMPANY_REGISTRY_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" + }, + "SYSLUMENN_HOST": { + "dev": "https://api.syslumenn.is/staging", + "staging": "https://api.syslumenn.is/staging", + "prod": "https://api.syslumenn.is/api" + }, + "SYSLUMENN_TIMEOUT": "3000", + "ZENDESK_CONTACT_FORM_SUBDOMAIN": { + "prod": "digitaliceland", + "staging": "digitaliceland", + "dev": "digitaliceland" + } + }, + "features": {}, + "name": "services-auth-delegation-api", + "grantNamespaces": [ + "nginx-ingress-internal", + "islandis", + "service-portal", + "user-notification-worker" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "ZENDESK_CONTACT_FORM_EMAIL": "/k8s/api/ZENDESK_CONTACT_FORM_EMAIL", + "ZENDESK_CONTACT_FORM_TOKEN": "/k8s/api/ZENDESK_CONTACT_FORM_TOKEN", + "ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE": "/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE", + "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET", + "NATIONAL_REGISTRY_IDS_CLIENT_SECRET": "/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET", + "SYSLUMENN_USERNAME": "/k8s/services-auth/SYSLUMENN_USERNAME", + "SYSLUMENN_PASSWORD": "/k8s/services-auth/SYSLUMENN_PASSWORD" + }, + "ingress": { + "internal": { + "host": { + "dev": "auth-delegation-api", + "staging": "auth-delegation-api", + "prod": "auth-delegation-api.internal.innskra.island.is" + }, + "paths": [ + "/" + ], + "public": false + } + }, + "namespace": "identity-server-delegation", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "400m", + "memory": "512Mi" + }, + "requests": { + "cpu": "100m", + "memory": "256Mi" + } + }, + "xroadConfig": [ + { + "config": { + "env": { + "XROAD_BASE_PATH": { + "prod": "http://securityserver.island.is" + }, + "XROAD_BASE_PATH_WITH_ENV": { + "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "http://securityserver.island.is/r1/IS" + }, + "XROAD_TLS_BASE_PATH": { + "dev": "https://securityserver.dev01.devland.is", + "staging": "https://securityserver.staging01.devland.is", + "prod": "https://securityserver.island.is" + }, + "XROAD_TLS_BASE_PATH_WITH_ENV": { + "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", + "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "https://securityserver.island.is/r1/IS" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CLIENT_ID": { + "dev": "IS-DEV/GOV/10000/island-is-client", + "staging": "IS-TEST/GOV/5501692829/island-is-client", + "prod": "IS/GOV/5501692829/island-is-client" + } + } + } + }, + { + "config": { + "env": { + "XROAD_RSK_PROCURING_PATH": { + "dev": "IS-DEV/GOV/10006/Skatturinn/relationships-v1", + "staging": "IS-TEST/GOV/5402696029/Skatturinn/relationships-v1", + "prod": "IS/GOV/5402696029/Skatturinn/relationships-v1" + } + } + } + } + ], + "files": [], + "volumes": [], + "image": "services-auth-delegation-api", + "postgres": { + "name": "servicesauth", + "username": "servicesauth", + "passwordSecret": "/k8s/servicesauth/DB_PASSWORD" + }, + "replicaCount": { + "default": 2, + "min": 2, + "max": 10 + } + } + } +} \ No newline at end of file diff --git a/charts/services/services-auth-delegation-api/values.prod.yaml b/charts/services/services-auth-delegation-api/values.prod.yaml index 6ebbacf21056..b6e637ef373f 100644 --- a/charts/services/services-auth-delegation-api/values.prod.yaml +++ b/charts/services/services-auth-delegation-api/values.prod.yaml @@ -1,823 +1,173 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -auth-admin-web: - enabled: true - env: - BASE_URL: 'https://innskra.island.is/admin' - IDENTITYSERVER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://innskra.island.is/admin/api/auth' - NEXT_PUBLIC_BACKEND_URL: '/backend' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/auth-admin-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'innskra.island.is' - paths: - - '/admin' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - progressDeadlineSeconds: 1200 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '256Mi' - requests: - cpu: '200m' - memory: '192Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITYSERVER_SECRET: '/k8s/auth-admin-web/IDENTITYSERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -global: - env: - AUDIT_GROUP_NAME: '/identity-server/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'prod' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -identity-server: - annotations: - ad.datadoghq.com/identity-server.check_names: '["openmetrics"]' - ad.datadoghq.com/identity-server.init_configs: '[{}]' - ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": "http://%%host%%:5003/metrics","namespace": "identity-server","metrics":["*"]}]' - ad.datadoghq.com/identity-server.logs: '[{"service": "identity-server", "source": "csharp"}]' - enabled: true - env: - ASPNETCORE_URLS: 'http://*:5000' - AWS__CloudWatch__AuditLogGroup: '/identity-server/audit-log' - AWS__SystemsManager__ParameterStore__DataProtectionPrefix: '/k8s/identity-server/DataProtectionSecret' - Application__AllowedRedirectUris: 'https://island.is/minarsidur,https://island.is/umsoknir' - Application__MinCompletionPortThreads: '10' - AudkenniSettings__Retries: '24' - CORECLR_ENABLE_PROFILING: '1' - CORECLR_PROFILER: '{846F5F1C-F9AE-4B07-969E-05C26BC060D8}' - CORECLR_PROFILER_PATH: '/opt/datadog/Datadog.Trace.ClrProfiler.Native.so' - CacheSettings__Enabled: 'true' - ContentfulSettings__BaseAddress: 'https://cdn.contentful.com' - DD_DOTNET_TRACER_HOME: '/opt/datadog' - DD_INTEGRATIONS: '/opt/datadog/integrations.json' - DD_TRACE_DEBUG: 'true' - Datadog__Metrics__Port: '5003' - IdentityServer__ConsentsScope: '@island.is/auth/consents' - IdentityServer__EnableFakeLogin: 'true' - IdentityServer__EnableFeatureDeploymentWildcards: 'false' - IdentityServer__KeyManagement__Enabled: 'true' - IdentityServer__SigningCertificate__Path: '/etc/config/ids-signing.pfx' - LOG_LEVEL: 'info' - MeUserProfileApiSettings__BaseAddress: 'https://service-portal-api.internal.island.is' - NODE_OPTIONS: '--max-old-space-size=1843 -r dd-trace/init' - PersistenceSettings__BaseAddress: 'http://web-services-auth-ids-api' - PersistenceSettings__DelegationsCacheEnabled: 'true' - RedisSettings__Address: 'clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com' - RedisSettings__Port: '6379' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SessionsApiSettings__BaseAddress: 'https://sessions-api.internal.island.is' - files: - - 'ids-signing.pfx' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - port: 5010 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/identity-server' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'innskra.island.is' - paths: - - '/' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: - - accessModes: 'ReadWriteMany' - mountPath: '/keys' - name: 'identity-server' - size: '1Gi' - storageClass: 'efs-csi' - useExisting: false - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '4000m' - memory: '2048Mi' - requests: - cpu: '1000m' - memory: '1024Mi' - secrets: - AudkenniSettings__ClientId: '/k8s/identity-server/AudkenniClientId' - AudkenniSettings__ClientSecret: '/k8s/identity-server/AudkenniClientSecret' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ContentfulSettings__AccessToken: '/k8s/identity-server/CONTENTFUL_ACCESS_TOKEN' - FeatureFlags__ConfigCatSdkKey: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IdentityServer__FakePersons: '/k8s/identity-server/FakePersons' - IdentityServer__LicenseKey: '/k8s/identity-server/LicenseKey' - IdentityServer__SigningCertificate__Passphrase: '/k8s/identity-server/SigningCertificatePassphrase' - PersistenceSettings__AccessTokenManagementSettings__ClientSecret: '/k8s/identity-server/ClientSecret' - Redaction__UserIdentifiers__Key: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY' - Redaction__UserIdentifiers__KeyId: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID' - Scopes__Admin__RootAccessList: '/k8s/identity-server/AdminRootAccessList' - securityContext: - allowPrivilegeEscalation: false - privileged: false - service: - targetPort: 5000 - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::567113216315:role/identity-server' - create: true - name: 'identity-server' -namespaces: - labels: {} - namespaces: - - 'identity-server' - - 'identity-server-admin' - - 'identity-server-delegation' - - 'personal-representative' -services-auth-admin-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - IDENTITY_SERVER_ISSUER_URL_LIST: '["https://innskra.island.is"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SYSLUMENN_HOST: 'https://api.syslumenn.is/api' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/backend/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/backend/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-admin-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'innskra.island.is' - paths: - - '/backend' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CLIENT_SECRET_ENCRYPTION_KEY: '/k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-delegation-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SYSLUMENN_HOST: 'https://api.syslumenn.is/api' - SYSLUMENN_TIMEOUT: '3000' - USER_NOTIFICATION_API_URL: 'https://user-notification.internal.island.is' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'service-portal' - - 'user-notification-worker' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-delegation-api' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'auth-delegation-api.internal.innskra.island.is' - paths: - - '/' - namespace: 'identity-server-delegation' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-ids-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '8271bbc2-d8de-480f-8540-ea43fc40b7ae' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' - PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' - PASSKEY_CORE_MAX_AGE_DAYS: '365' - PASSKEY_CORE_RP_ID: 'island.is' - PASSKEY_CORE_RP_NAME: 'Island.is' - PUBLIC_URL: 'https://innskra.island.is/api' - REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SYSLUMENN_HOST: 'https://api.syslumenn.is/api' - SYSLUMENN_TIMEOUT: '3000' - USER_PROFILE_CLIENT_SCOPE: '["@island.is/user-profile:read"]' - USER_PROFILE_CLIENT_URL: 'https://service-portal-api.internal.island.is' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 15 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 15 - min: 2 - resources: - limits: - cpu: '800m' - memory: '768Mi' - requests: - cpu: '400m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/services-auth/NOVA_PASSWORD' - NOVA_URL: '/k8s/services-auth/NOVA_URL' - NOVA_USERNAME: '/k8s/services-auth/NOVA_USERNAME' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-ids-api-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-personal-representative: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SYSLUMENN_HOST: 'https://api.syslumenn.is/api' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'personal-representative-xrd.internal.innskra.island.is' - paths: - - '/' - namespace: 'personal-representative' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-personal-representative-public: - enabled: true - env: - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative-public' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'personal-representative-public-xrd.internal.innskra.island.is' - paths: - - '/' - namespace: 'personal-representative' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-public-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' - PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' - PASSKEY_CORE_RP_ID: 'island.is' - PASSKEY_CORE_RP_NAME: 'Island.is' - PUBLIC_URL: 'https://innskra.island.is/api' - REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SYSLUMENN_HOST: 'https://api.syslumenn.is/api' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-public-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/rewrite-target: '/$2' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'innskra.island.is' - paths: - - '/api(/|$)(.*)' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false +{ + "services-auth-delegation-api": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/health/check", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/auth-api", + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + }, + "XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN": "true", + "XROAD_RSK_PROCURING_ACTOR_TOKEN": "true", + "XROAD_NATIONAL_REGISTRY_SERVICE_PATH": { + "dev": "IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1", + "staging": "IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1", + "prod": "IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1" + }, + "XROAD_NATIONAL_REGISTRY_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" + }, + "XROAD_RSK_PROCURING_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" + }, + "USER_NOTIFICATION_API_URL": { + "prod": "https://user-notification.internal.island.is" + }, + "COMPANY_REGISTRY_XROAD_PROVIDER_ID": { + "dev": "IS-DEV/GOV/10006/Skatturinn/ft-v1", + "staging": "IS-TEST/GOV/5402696029/Skatturinn/ft-v1", + "prod": "IS/GOV/5402696029/Skatturinn/ft-v1" + }, + "COMPANY_REGISTRY_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" + }, + "SYSLUMENN_HOST": { + "dev": "https://api.syslumenn.is/staging", + "staging": "https://api.syslumenn.is/staging", + "prod": "https://api.syslumenn.is/api" + }, + "SYSLUMENN_TIMEOUT": "3000", + "ZENDESK_CONTACT_FORM_SUBDOMAIN": { + "prod": "digitaliceland", + "staging": "digitaliceland", + "dev": "digitaliceland" + } + }, + "features": {}, + "name": "services-auth-delegation-api", + "grantNamespaces": [ + "nginx-ingress-internal", + "islandis", + "service-portal", + "user-notification-worker" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "ZENDESK_CONTACT_FORM_EMAIL": "/k8s/api/ZENDESK_CONTACT_FORM_EMAIL", + "ZENDESK_CONTACT_FORM_TOKEN": "/k8s/api/ZENDESK_CONTACT_FORM_TOKEN", + "ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE": "/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE", + "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET", + "NATIONAL_REGISTRY_IDS_CLIENT_SECRET": "/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET", + "SYSLUMENN_USERNAME": "/k8s/services-auth/SYSLUMENN_USERNAME", + "SYSLUMENN_PASSWORD": "/k8s/services-auth/SYSLUMENN_PASSWORD" + }, + "ingress": { + "internal": { + "host": { + "dev": "auth-delegation-api", + "staging": "auth-delegation-api", + "prod": "auth-delegation-api.internal.innskra.island.is" + }, + "paths": [ + "/" + ], + "public": false + } + }, + "namespace": "identity-server-delegation", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "400m", + "memory": "512Mi" + }, + "requests": { + "cpu": "100m", + "memory": "256Mi" + } + }, + "xroadConfig": [ + { + "config": { + "env": { + "XROAD_BASE_PATH": { + "prod": "http://securityserver.island.is" + }, + "XROAD_BASE_PATH_WITH_ENV": { + "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "http://securityserver.island.is/r1/IS" + }, + "XROAD_TLS_BASE_PATH": { + "dev": "https://securityserver.dev01.devland.is", + "staging": "https://securityserver.staging01.devland.is", + "prod": "https://securityserver.island.is" + }, + "XROAD_TLS_BASE_PATH_WITH_ENV": { + "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", + "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "https://securityserver.island.is/r1/IS" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CLIENT_ID": { + "dev": "IS-DEV/GOV/10000/island-is-client", + "staging": "IS-TEST/GOV/5501692829/island-is-client", + "prod": "IS/GOV/5501692829/island-is-client" + } + } + } + }, + { + "config": { + "env": { + "XROAD_RSK_PROCURING_PATH": { + "dev": "IS-DEV/GOV/10006/Skatturinn/relationships-v1", + "staging": "IS-TEST/GOV/5402696029/Skatturinn/relationships-v1", + "prod": "IS/GOV/5402696029/Skatturinn/relationships-v1" + } + } + } + } + ], + "files": [], + "volumes": [], + "image": "services-auth-delegation-api", + "postgres": { + "name": "servicesauth", + "username": "servicesauth", + "passwordSecret": "/k8s/servicesauth/DB_PASSWORD" + }, + "replicaCount": { + "default": 2, + "min": 2, + "max": 10 + } + } + } +} \ No newline at end of file diff --git a/charts/services/services-auth-delegation-api/values.staging.yaml b/charts/services/services-auth-delegation-api/values.staging.yaml index 2273a2f55b22..b6e637ef373f 100644 --- a/charts/services/services-auth-delegation-api/values.staging.yaml +++ b/charts/services/services-auth-delegation-api/values.staging.yaml @@ -1,826 +1,173 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -auth-admin-web: - enabled: true - env: - BASE_URL: 'https://identity-server.staging01.devland.is/admin' - IDENTITYSERVER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://identity-server.staging01.devland.is/admin/api/auth' - NEXT_PUBLIC_BACKEND_URL: '/backend' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/auth-admin-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.staging01.devland.is' - paths: - - '/admin' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - progressDeadlineSeconds: 1200 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '256Mi' - requests: - cpu: '200m' - memory: '192Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITYSERVER_SECRET: '/k8s/auth-admin-web/IDENTITYSERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -global: - env: - AUDIT_GROUP_NAME: '/identity-server/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'staging' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -identity-server: - annotations: - ad.datadoghq.com/identity-server.check_names: '["openmetrics"]' - ad.datadoghq.com/identity-server.init_configs: '[{}]' - ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": "http://%%host%%:5003/metrics","namespace": "identity-server","metrics":["*"]}]' - ad.datadoghq.com/identity-server.logs: '[{"service": "identity-server", "source": "csharp"}]' - enabled: true - env: - ASPNETCORE_URLS: 'http://*:5000' - AWS__CloudWatch__AuditLogGroup: '/identity-server/audit-log' - AWS__SystemsManager__ParameterStore__DataProtectionPrefix: '/k8s/identity-server/DataProtectionSecret' - Application__AllowedRedirectUris: 'https://beta.staging01.devland.is/minarsidur,https://beta.staging01.devland.is/umsoknir' - Application__MinCompletionPortThreads: '10' - AudkenniSettings__Retries: '24' - CORECLR_ENABLE_PROFILING: '1' - CORECLR_PROFILER: '{846F5F1C-F9AE-4B07-969E-05C26BC060D8}' - CORECLR_PROFILER_PATH: '/opt/datadog/Datadog.Trace.ClrProfiler.Native.so' - CacheSettings__Enabled: 'true' - ContentfulSettings__BaseAddress: 'https://cdn.contentful.com' - DD_DOTNET_TRACER_HOME: '/opt/datadog' - DD_INTEGRATIONS: '/opt/datadog/integrations.json' - DD_TRACE_DEBUG: 'true' - Datadog__Metrics__Port: '5003' - IdentityServer__ConsentsScope: '@island.is/auth/consents' - IdentityServer__EnableFakeLogin: 'true' - IdentityServer__EnableFeatureDeploymentWildcards: 'true' - IdentityServer__KeyManagement__Enabled: 'true' - IdentityServer__SigningCertificate__Path: '/etc/config/ids-signing.pfx' - LOG_LEVEL: 'info' - MeUserProfileApiSettings__BaseAddress: 'http://web-service-portal-api.service-portal.svc.cluster.local' - NODE_OPTIONS: '--max-old-space-size=1843 -r dd-trace/init' - PersistenceSettings__BaseAddress: 'http://web-services-auth-ids-api' - PersistenceSettings__DelegationsCacheEnabled: 'false' - RedisSettings__Address: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com' - RedisSettings__Port: '6379' - SERVERSIDE_FEATURES_ON: '' - SessionsApiSettings__BaseAddress: 'http://web-services-sessions.services-sessions.svc.cluster.local' - files: - - 'ids-signing.pfx' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - port: 5010 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/identity-server' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.staging01.devland.is' - paths: - - '/' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: - - accessModes: 'ReadWriteMany' - mountPath: '/keys' - name: 'identity-server' - size: '1Gi' - storageClass: 'efs-csi' - useExisting: false - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '4000m' - memory: '2048Mi' - requests: - cpu: '1000m' - memory: '1024Mi' - secrets: - AudkenniSettings__ClientId: '/k8s/identity-server/AudkenniClientId' - AudkenniSettings__ClientSecret: '/k8s/identity-server/AudkenniClientSecret' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ContentfulSettings__AccessToken: '/k8s/identity-server/CONTENTFUL_ACCESS_TOKEN' - FeatureFlags__ConfigCatSdkKey: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IdentityServer__FakePersons: '/k8s/identity-server/FakePersons' - IdentityServer__LicenseKey: '/k8s/identity-server/LicenseKey' - IdentityServer__SigningCertificate__Passphrase: '/k8s/identity-server/SigningCertificatePassphrase' - PersistenceSettings__AccessTokenManagementSettings__ClientSecret: '/k8s/identity-server/ClientSecret' - Redaction__UserIdentifiers__Key: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY' - Redaction__UserIdentifiers__KeyId: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID' - Scopes__Admin__RootAccessList: '/k8s/identity-server/AdminRootAccessList' - securityContext: - allowPrivilegeEscalation: false - privileged: false - service: - targetPort: 5000 - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/identity-server' - create: true - name: 'identity-server' -namespaces: - labels: {} - namespaces: - - 'identity-server' - - 'identity-server-admin' - - 'identity-server-delegation' - - 'personal-representative' -services-auth-admin-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - IDENTITY_SERVER_ISSUER_URL_LIST: '["https://identity-server.staging01.devland.is","https://innskra.island.is"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/backend/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/backend/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-admin-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.staging01.devland.is' - paths: - - '/backend' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CLIENT_SECRET_ENCRYPTION_KEY: '/k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-delegation-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'service-portal' - - 'user-notification-worker' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-delegation-api' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'auth-delegation-api.internal.staging01.devland.is' - paths: - - '/' - namespace: 'identity-server-delegation' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-ids-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '6cf94113-d326-4e4d-b97c-1fea12d2f5e1' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' - PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' - PASSKEY_CORE_MAX_AGE_DAYS: '365' - PASSKEY_CORE_RP_ID: 'island.is' - PASSKEY_CORE_RP_NAME: 'Island.is' - PUBLIC_URL: 'https://identity-server.staging01.devland.is/api' - REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - USER_PROFILE_CLIENT_SCOPE: '["@island.is/user-profile:read"]' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 15 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 15 - min: 2 - resources: - limits: - cpu: '800m' - memory: '768Mi' - requests: - cpu: '400m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/services-auth/NOVA_PASSWORD' - NOVA_URL: '/k8s/services-auth/NOVA_URL' - NOVA_USERNAME: '/k8s/services-auth/NOVA_USERNAME' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-ids-api-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-personal-representative: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'personal-representative-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'personal-representative' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-personal-representative-public: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative-public' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'personal-representative-public-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'personal-representative' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-public-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' - PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' - PASSKEY_CORE_RP_ID: 'island.is' - PASSKEY_CORE_RP_NAME: 'Island.is' - PUBLIC_URL: 'https://identity-server.staging01.devland.is/api' - REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-public-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/rewrite-target: '/$2' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.staging01.devland.is' - paths: - - '/api(/|$)(.*)' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false +{ + "services-auth-delegation-api": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/health/check", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/auth-api", + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + }, + "XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN": "true", + "XROAD_RSK_PROCURING_ACTOR_TOKEN": "true", + "XROAD_NATIONAL_REGISTRY_SERVICE_PATH": { + "dev": "IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1", + "staging": "IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1", + "prod": "IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1" + }, + "XROAD_NATIONAL_REGISTRY_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" + }, + "XROAD_RSK_PROCURING_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" + }, + "USER_NOTIFICATION_API_URL": { + "prod": "https://user-notification.internal.island.is" + }, + "COMPANY_REGISTRY_XROAD_PROVIDER_ID": { + "dev": "IS-DEV/GOV/10006/Skatturinn/ft-v1", + "staging": "IS-TEST/GOV/5402696029/Skatturinn/ft-v1", + "prod": "IS/GOV/5402696029/Skatturinn/ft-v1" + }, + "COMPANY_REGISTRY_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" + }, + "SYSLUMENN_HOST": { + "dev": "https://api.syslumenn.is/staging", + "staging": "https://api.syslumenn.is/staging", + "prod": "https://api.syslumenn.is/api" + }, + "SYSLUMENN_TIMEOUT": "3000", + "ZENDESK_CONTACT_FORM_SUBDOMAIN": { + "prod": "digitaliceland", + "staging": "digitaliceland", + "dev": "digitaliceland" + } + }, + "features": {}, + "name": "services-auth-delegation-api", + "grantNamespaces": [ + "nginx-ingress-internal", + "islandis", + "service-portal", + "user-notification-worker" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "ZENDESK_CONTACT_FORM_EMAIL": "/k8s/api/ZENDESK_CONTACT_FORM_EMAIL", + "ZENDESK_CONTACT_FORM_TOKEN": "/k8s/api/ZENDESK_CONTACT_FORM_TOKEN", + "ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE": "/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE", + "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET", + "NATIONAL_REGISTRY_IDS_CLIENT_SECRET": "/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET", + "SYSLUMENN_USERNAME": "/k8s/services-auth/SYSLUMENN_USERNAME", + "SYSLUMENN_PASSWORD": "/k8s/services-auth/SYSLUMENN_PASSWORD" + }, + "ingress": { + "internal": { + "host": { + "dev": "auth-delegation-api", + "staging": "auth-delegation-api", + "prod": "auth-delegation-api.internal.innskra.island.is" + }, + "paths": [ + "/" + ], + "public": false + } + }, + "namespace": "identity-server-delegation", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "400m", + "memory": "512Mi" + }, + "requests": { + "cpu": "100m", + "memory": "256Mi" + } + }, + "xroadConfig": [ + { + "config": { + "env": { + "XROAD_BASE_PATH": { + "prod": "http://securityserver.island.is" + }, + "XROAD_BASE_PATH_WITH_ENV": { + "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "http://securityserver.island.is/r1/IS" + }, + "XROAD_TLS_BASE_PATH": { + "dev": "https://securityserver.dev01.devland.is", + "staging": "https://securityserver.staging01.devland.is", + "prod": "https://securityserver.island.is" + }, + "XROAD_TLS_BASE_PATH_WITH_ENV": { + "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", + "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "https://securityserver.island.is/r1/IS" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CLIENT_ID": { + "dev": "IS-DEV/GOV/10000/island-is-client", + "staging": "IS-TEST/GOV/5501692829/island-is-client", + "prod": "IS/GOV/5501692829/island-is-client" + } + } + } + }, + { + "config": { + "env": { + "XROAD_RSK_PROCURING_PATH": { + "dev": "IS-DEV/GOV/10006/Skatturinn/relationships-v1", + "staging": "IS-TEST/GOV/5402696029/Skatturinn/relationships-v1", + "prod": "IS/GOV/5402696029/Skatturinn/relationships-v1" + } + } + } + } + ], + "files": [], + "volumes": [], + "image": "services-auth-delegation-api", + "postgres": { + "name": "servicesauth", + "username": "servicesauth", + "passwordSecret": "/k8s/servicesauth/DB_PASSWORD" + }, + "replicaCount": { + "default": 2, + "min": 2, + "max": 10 + } + } + } +} \ No newline at end of file diff --git a/charts/services/services-auth-ids-api-cleanup/values.dev.yaml b/charts/services/services-auth-ids-api-cleanup/values.dev.yaml index 2efa5ea90de6..a6ed7e3ef533 100644 --- a/charts/services/services-auth-ids-api-cleanup/values.dev.yaml +++ b/charts/services/services-auth-ids-api-cleanup/values.dev.yaml @@ -1,826 +1,75 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -auth-admin-web: - enabled: true - env: - BASE_URL: 'https://identity-server.dev01.devland.is/admin' - IDENTITYSERVER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://identity-server.dev01.devland.is/admin/api/auth' - NEXT_PUBLIC_BACKEND_URL: '/backend' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/auth-admin-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.dev01.devland.is' - paths: - - '/admin' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - progressDeadlineSeconds: 1200 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '256Mi' - requests: - cpu: '200m' - memory: '192Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITYSERVER_SECRET: '/k8s/auth-admin-web/IDENTITYSERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -global: - env: - AUDIT_GROUP_NAME: '/identity-server/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'dev' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -identity-server: - annotations: - ad.datadoghq.com/identity-server.check_names: '["openmetrics"]' - ad.datadoghq.com/identity-server.init_configs: '[{}]' - ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": "http://%%host%%:5003/metrics","namespace": "identity-server","metrics":["*"]}]' - ad.datadoghq.com/identity-server.logs: '[{"service": "identity-server", "source": "csharp"}]' - enabled: true - env: - ASPNETCORE_URLS: 'http://*:5000' - AWS__CloudWatch__AuditLogGroup: '/identity-server/audit-log' - AWS__SystemsManager__ParameterStore__DataProtectionPrefix: '/k8s/identity-server/DataProtectionSecret' - Application__AllowedRedirectUris: 'https://beta.dev01.devland.is/minarsidur,https://beta.dev01.devland.is/umsoknir,http://localhost:4200/minarsidur,http://localhost:4242/umsoknir' - Application__MinCompletionPortThreads: '10' - AudkenniSettings__Retries: '24' - CORECLR_ENABLE_PROFILING: '1' - CORECLR_PROFILER: '{846F5F1C-F9AE-4B07-969E-05C26BC060D8}' - CORECLR_PROFILER_PATH: '/opt/datadog/Datadog.Trace.ClrProfiler.Native.so' - CacheSettings__Enabled: 'true' - ContentfulSettings__BaseAddress: 'https://preview.contentful.com' - DD_DOTNET_TRACER_HOME: '/opt/datadog' - DD_INTEGRATIONS: '/opt/datadog/integrations.json' - DD_TRACE_DEBUG: 'true' - Datadog__Metrics__Port: '5003' - IdentityServer__ConsentsScope: '@island.is/auth/consents' - IdentityServer__EnableFakeLogin: 'true' - IdentityServer__EnableFeatureDeploymentWildcards: 'true' - IdentityServer__KeyManagement__Enabled: 'true' - IdentityServer__SigningCertificate__Path: '/etc/config/ids-signing.pfx' - LOG_LEVEL: 'info' - MeUserProfileApiSettings__BaseAddress: 'http://web-service-portal-api.service-portal.svc.cluster.local' - NODE_OPTIONS: '--max-old-space-size=1843 -r dd-trace/init' - PersistenceSettings__BaseAddress: 'http://web-services-auth-ids-api' - PersistenceSettings__DelegationsCacheEnabled: 'false' - RedisSettings__Address: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com' - RedisSettings__Port: '6379' - SERVERSIDE_FEATURES_ON: '' - SessionsApiSettings__BaseAddress: 'http://web-services-sessions.services-sessions.svc.cluster.local' - files: - - 'ids-signing.pfx' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - port: 5010 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/identity-server' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.dev01.devland.is' - paths: - - '/' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: - - accessModes: 'ReadWriteMany' - mountPath: '/keys' - name: 'identity-server' - size: '1Gi' - storageClass: 'efs-csi' - useExisting: false - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '4000m' - memory: '2048Mi' - requests: - cpu: '1000m' - memory: '1024Mi' - secrets: - AudkenniSettings__ClientId: '/k8s/identity-server/AudkenniClientId' - AudkenniSettings__ClientSecret: '/k8s/identity-server/AudkenniClientSecret' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ContentfulSettings__AccessToken: '/k8s/identity-server/CONTENTFUL_ACCESS_TOKEN' - FeatureFlags__ConfigCatSdkKey: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IdentityServer__FakePersons: '/k8s/identity-server/FakePersons' - IdentityServer__LicenseKey: '/k8s/identity-server/LicenseKey' - IdentityServer__SigningCertificate__Passphrase: '/k8s/identity-server/SigningCertificatePassphrase' - PersistenceSettings__AccessTokenManagementSettings__ClientSecret: '/k8s/identity-server/ClientSecret' - Redaction__UserIdentifiers__Key: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY' - Redaction__UserIdentifiers__KeyId: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID' - Scopes__Admin__RootAccessList: '/k8s/identity-server/AdminRootAccessList' - securityContext: - allowPrivilegeEscalation: false - privileged: false - service: - targetPort: 5000 - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/identity-server' - create: true - name: 'identity-server' -namespaces: - labels: {} - namespaces: - - 'identity-server' - - 'identity-server-admin' - - 'identity-server-delegation' - - 'personal-representative' -services-auth-admin-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - IDENTITY_SERVER_ISSUER_URL_LIST: '["https://identity-server.dev01.devland.is","https://identity-server.staging01.devland.is","https://innskra.island.is"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/backend/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/backend/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-admin-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.dev01.devland.is' - paths: - - '/backend' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CLIENT_SECRET_ENCRYPTION_KEY: '/k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-delegation-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'service-portal' - - 'user-notification-worker' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-delegation-api' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'auth-delegation-api.internal.dev01.devland.is' - paths: - - '/' - namespace: 'identity-server-delegation' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-ids-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '6cf94113-d326-4e4d-b97c-1fea12d2f5e1' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' - PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' - PASSKEY_CORE_MAX_AGE_DAYS: '365' - PASSKEY_CORE_RP_ID: 'island.is' - PASSKEY_CORE_RP_NAME: 'Island.is' - PUBLIC_URL: 'https://identity-server.dev01.devland.is/api' - REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - USER_PROFILE_CLIENT_SCOPE: '["@island.is/user-profile:read"]' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 15 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 15 - min: 2 - resources: - limits: - cpu: '800m' - memory: '768Mi' - requests: - cpu: '400m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/services-auth/NOVA_PASSWORD' - NOVA_URL: '/k8s/services-auth/NOVA_URL' - NOVA_USERNAME: '/k8s/services-auth/NOVA_USERNAME' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-ids-api-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-personal-representative: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'personal-representative-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'personal-representative' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-personal-representative-public: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative-public' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'personal-representative-public-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'personal-representative' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-public-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' - PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' - PASSKEY_CORE_RP_ID: 'island.is' - PASSKEY_CORE_RP_NAME: 'Island.is' - PUBLIC_URL: 'https://identity-server.dev01.devland.is/api' - REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-public-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/rewrite-target: '/$2' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.dev01.devland.is' - paths: - - '/api(/|$)(.*)' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false +{ + "services-auth-ids-api-cleanup": { + "serviceDef": { + "liveness": { + "path": "/", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + } + }, + "features": {}, + "name": "services-auth-ids-api-cleanup", + "grantNamespaces": [], + "grantNamespacesEnabled": false, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" + }, + "ingress": {}, + "namespace": "identity-server", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "400m", + "memory": "1024Mi" + }, + "requests": { + "cpu": "100m", + "memory": "256Mi" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "image": "services-auth-ids-api", + "cmds": "node", + "args": [ + "main.js", + "--job=cleanup" + ], + "postgres": { + "name": "servicesauth", + "extensions": [ + "uuid-ossp" + ], + "username": "servicesauth", + "passwordSecret": "/k8s/servicesauth/DB_PASSWORD" + }, + "extraAttributes": { + "dev": { + "schedule": "0 3 * * *" + }, + "staging": { + "schedule": "0 3 * * *" + }, + "prod": { + "schedule": "0 3 * * *" + } + } + } + } +} \ No newline at end of file diff --git a/charts/services/services-auth-ids-api-cleanup/values.prod.yaml b/charts/services/services-auth-ids-api-cleanup/values.prod.yaml index 6ebbacf21056..a6ed7e3ef533 100644 --- a/charts/services/services-auth-ids-api-cleanup/values.prod.yaml +++ b/charts/services/services-auth-ids-api-cleanup/values.prod.yaml @@ -1,823 +1,75 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -auth-admin-web: - enabled: true - env: - BASE_URL: 'https://innskra.island.is/admin' - IDENTITYSERVER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://innskra.island.is/admin/api/auth' - NEXT_PUBLIC_BACKEND_URL: '/backend' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/auth-admin-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'innskra.island.is' - paths: - - '/admin' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - progressDeadlineSeconds: 1200 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '256Mi' - requests: - cpu: '200m' - memory: '192Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITYSERVER_SECRET: '/k8s/auth-admin-web/IDENTITYSERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -global: - env: - AUDIT_GROUP_NAME: '/identity-server/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'prod' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -identity-server: - annotations: - ad.datadoghq.com/identity-server.check_names: '["openmetrics"]' - ad.datadoghq.com/identity-server.init_configs: '[{}]' - ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": "http://%%host%%:5003/metrics","namespace": "identity-server","metrics":["*"]}]' - ad.datadoghq.com/identity-server.logs: '[{"service": "identity-server", "source": "csharp"}]' - enabled: true - env: - ASPNETCORE_URLS: 'http://*:5000' - AWS__CloudWatch__AuditLogGroup: '/identity-server/audit-log' - AWS__SystemsManager__ParameterStore__DataProtectionPrefix: '/k8s/identity-server/DataProtectionSecret' - Application__AllowedRedirectUris: 'https://island.is/minarsidur,https://island.is/umsoknir' - Application__MinCompletionPortThreads: '10' - AudkenniSettings__Retries: '24' - CORECLR_ENABLE_PROFILING: '1' - CORECLR_PROFILER: '{846F5F1C-F9AE-4B07-969E-05C26BC060D8}' - CORECLR_PROFILER_PATH: '/opt/datadog/Datadog.Trace.ClrProfiler.Native.so' - CacheSettings__Enabled: 'true' - ContentfulSettings__BaseAddress: 'https://cdn.contentful.com' - DD_DOTNET_TRACER_HOME: '/opt/datadog' - DD_INTEGRATIONS: '/opt/datadog/integrations.json' - DD_TRACE_DEBUG: 'true' - Datadog__Metrics__Port: '5003' - IdentityServer__ConsentsScope: '@island.is/auth/consents' - IdentityServer__EnableFakeLogin: 'true' - IdentityServer__EnableFeatureDeploymentWildcards: 'false' - IdentityServer__KeyManagement__Enabled: 'true' - IdentityServer__SigningCertificate__Path: '/etc/config/ids-signing.pfx' - LOG_LEVEL: 'info' - MeUserProfileApiSettings__BaseAddress: 'https://service-portal-api.internal.island.is' - NODE_OPTIONS: '--max-old-space-size=1843 -r dd-trace/init' - PersistenceSettings__BaseAddress: 'http://web-services-auth-ids-api' - PersistenceSettings__DelegationsCacheEnabled: 'true' - RedisSettings__Address: 'clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com' - RedisSettings__Port: '6379' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SessionsApiSettings__BaseAddress: 'https://sessions-api.internal.island.is' - files: - - 'ids-signing.pfx' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - port: 5010 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/identity-server' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'innskra.island.is' - paths: - - '/' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: - - accessModes: 'ReadWriteMany' - mountPath: '/keys' - name: 'identity-server' - size: '1Gi' - storageClass: 'efs-csi' - useExisting: false - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '4000m' - memory: '2048Mi' - requests: - cpu: '1000m' - memory: '1024Mi' - secrets: - AudkenniSettings__ClientId: '/k8s/identity-server/AudkenniClientId' - AudkenniSettings__ClientSecret: '/k8s/identity-server/AudkenniClientSecret' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ContentfulSettings__AccessToken: '/k8s/identity-server/CONTENTFUL_ACCESS_TOKEN' - FeatureFlags__ConfigCatSdkKey: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IdentityServer__FakePersons: '/k8s/identity-server/FakePersons' - IdentityServer__LicenseKey: '/k8s/identity-server/LicenseKey' - IdentityServer__SigningCertificate__Passphrase: '/k8s/identity-server/SigningCertificatePassphrase' - PersistenceSettings__AccessTokenManagementSettings__ClientSecret: '/k8s/identity-server/ClientSecret' - Redaction__UserIdentifiers__Key: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY' - Redaction__UserIdentifiers__KeyId: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID' - Scopes__Admin__RootAccessList: '/k8s/identity-server/AdminRootAccessList' - securityContext: - allowPrivilegeEscalation: false - privileged: false - service: - targetPort: 5000 - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::567113216315:role/identity-server' - create: true - name: 'identity-server' -namespaces: - labels: {} - namespaces: - - 'identity-server' - - 'identity-server-admin' - - 'identity-server-delegation' - - 'personal-representative' -services-auth-admin-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - IDENTITY_SERVER_ISSUER_URL_LIST: '["https://innskra.island.is"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SYSLUMENN_HOST: 'https://api.syslumenn.is/api' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/backend/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/backend/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-admin-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'innskra.island.is' - paths: - - '/backend' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CLIENT_SECRET_ENCRYPTION_KEY: '/k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-delegation-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SYSLUMENN_HOST: 'https://api.syslumenn.is/api' - SYSLUMENN_TIMEOUT: '3000' - USER_NOTIFICATION_API_URL: 'https://user-notification.internal.island.is' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'service-portal' - - 'user-notification-worker' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-delegation-api' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'auth-delegation-api.internal.innskra.island.is' - paths: - - '/' - namespace: 'identity-server-delegation' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-ids-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '8271bbc2-d8de-480f-8540-ea43fc40b7ae' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' - PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' - PASSKEY_CORE_MAX_AGE_DAYS: '365' - PASSKEY_CORE_RP_ID: 'island.is' - PASSKEY_CORE_RP_NAME: 'Island.is' - PUBLIC_URL: 'https://innskra.island.is/api' - REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SYSLUMENN_HOST: 'https://api.syslumenn.is/api' - SYSLUMENN_TIMEOUT: '3000' - USER_PROFILE_CLIENT_SCOPE: '["@island.is/user-profile:read"]' - USER_PROFILE_CLIENT_URL: 'https://service-portal-api.internal.island.is' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 15 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 15 - min: 2 - resources: - limits: - cpu: '800m' - memory: '768Mi' - requests: - cpu: '400m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/services-auth/NOVA_PASSWORD' - NOVA_URL: '/k8s/services-auth/NOVA_URL' - NOVA_USERNAME: '/k8s/services-auth/NOVA_USERNAME' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-ids-api-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-personal-representative: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SYSLUMENN_HOST: 'https://api.syslumenn.is/api' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'personal-representative-xrd.internal.innskra.island.is' - paths: - - '/' - namespace: 'personal-representative' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-personal-representative-public: - enabled: true - env: - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative-public' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'personal-representative-public-xrd.internal.innskra.island.is' - paths: - - '/' - namespace: 'personal-representative' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-public-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' - PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' - PASSKEY_CORE_RP_ID: 'island.is' - PASSKEY_CORE_RP_NAME: 'Island.is' - PUBLIC_URL: 'https://innskra.island.is/api' - REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SYSLUMENN_HOST: 'https://api.syslumenn.is/api' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-public-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/rewrite-target: '/$2' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'innskra.island.is' - paths: - - '/api(/|$)(.*)' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false +{ + "services-auth-ids-api-cleanup": { + "serviceDef": { + "liveness": { + "path": "/", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + } + }, + "features": {}, + "name": "services-auth-ids-api-cleanup", + "grantNamespaces": [], + "grantNamespacesEnabled": false, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" + }, + "ingress": {}, + "namespace": "identity-server", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "400m", + "memory": "1024Mi" + }, + "requests": { + "cpu": "100m", + "memory": "256Mi" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "image": "services-auth-ids-api", + "cmds": "node", + "args": [ + "main.js", + "--job=cleanup" + ], + "postgres": { + "name": "servicesauth", + "extensions": [ + "uuid-ossp" + ], + "username": "servicesauth", + "passwordSecret": "/k8s/servicesauth/DB_PASSWORD" + }, + "extraAttributes": { + "dev": { + "schedule": "0 3 * * *" + }, + "staging": { + "schedule": "0 3 * * *" + }, + "prod": { + "schedule": "0 3 * * *" + } + } + } + } +} \ No newline at end of file diff --git a/charts/services/services-auth-ids-api-cleanup/values.staging.yaml b/charts/services/services-auth-ids-api-cleanup/values.staging.yaml index 2273a2f55b22..a6ed7e3ef533 100644 --- a/charts/services/services-auth-ids-api-cleanup/values.staging.yaml +++ b/charts/services/services-auth-ids-api-cleanup/values.staging.yaml @@ -1,826 +1,75 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -auth-admin-web: - enabled: true - env: - BASE_URL: 'https://identity-server.staging01.devland.is/admin' - IDENTITYSERVER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://identity-server.staging01.devland.is/admin/api/auth' - NEXT_PUBLIC_BACKEND_URL: '/backend' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/auth-admin-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.staging01.devland.is' - paths: - - '/admin' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - progressDeadlineSeconds: 1200 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '256Mi' - requests: - cpu: '200m' - memory: '192Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITYSERVER_SECRET: '/k8s/auth-admin-web/IDENTITYSERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -global: - env: - AUDIT_GROUP_NAME: '/identity-server/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'staging' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -identity-server: - annotations: - ad.datadoghq.com/identity-server.check_names: '["openmetrics"]' - ad.datadoghq.com/identity-server.init_configs: '[{}]' - ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": "http://%%host%%:5003/metrics","namespace": "identity-server","metrics":["*"]}]' - ad.datadoghq.com/identity-server.logs: '[{"service": "identity-server", "source": "csharp"}]' - enabled: true - env: - ASPNETCORE_URLS: 'http://*:5000' - AWS__CloudWatch__AuditLogGroup: '/identity-server/audit-log' - AWS__SystemsManager__ParameterStore__DataProtectionPrefix: '/k8s/identity-server/DataProtectionSecret' - Application__AllowedRedirectUris: 'https://beta.staging01.devland.is/minarsidur,https://beta.staging01.devland.is/umsoknir' - Application__MinCompletionPortThreads: '10' - AudkenniSettings__Retries: '24' - CORECLR_ENABLE_PROFILING: '1' - CORECLR_PROFILER: '{846F5F1C-F9AE-4B07-969E-05C26BC060D8}' - CORECLR_PROFILER_PATH: '/opt/datadog/Datadog.Trace.ClrProfiler.Native.so' - CacheSettings__Enabled: 'true' - ContentfulSettings__BaseAddress: 'https://cdn.contentful.com' - DD_DOTNET_TRACER_HOME: '/opt/datadog' - DD_INTEGRATIONS: '/opt/datadog/integrations.json' - DD_TRACE_DEBUG: 'true' - Datadog__Metrics__Port: '5003' - IdentityServer__ConsentsScope: '@island.is/auth/consents' - IdentityServer__EnableFakeLogin: 'true' - IdentityServer__EnableFeatureDeploymentWildcards: 'true' - IdentityServer__KeyManagement__Enabled: 'true' - IdentityServer__SigningCertificate__Path: '/etc/config/ids-signing.pfx' - LOG_LEVEL: 'info' - MeUserProfileApiSettings__BaseAddress: 'http://web-service-portal-api.service-portal.svc.cluster.local' - NODE_OPTIONS: '--max-old-space-size=1843 -r dd-trace/init' - PersistenceSettings__BaseAddress: 'http://web-services-auth-ids-api' - PersistenceSettings__DelegationsCacheEnabled: 'false' - RedisSettings__Address: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com' - RedisSettings__Port: '6379' - SERVERSIDE_FEATURES_ON: '' - SessionsApiSettings__BaseAddress: 'http://web-services-sessions.services-sessions.svc.cluster.local' - files: - - 'ids-signing.pfx' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - port: 5010 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/identity-server' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.staging01.devland.is' - paths: - - '/' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: - - accessModes: 'ReadWriteMany' - mountPath: '/keys' - name: 'identity-server' - size: '1Gi' - storageClass: 'efs-csi' - useExisting: false - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '4000m' - memory: '2048Mi' - requests: - cpu: '1000m' - memory: '1024Mi' - secrets: - AudkenniSettings__ClientId: '/k8s/identity-server/AudkenniClientId' - AudkenniSettings__ClientSecret: '/k8s/identity-server/AudkenniClientSecret' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ContentfulSettings__AccessToken: '/k8s/identity-server/CONTENTFUL_ACCESS_TOKEN' - FeatureFlags__ConfigCatSdkKey: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IdentityServer__FakePersons: '/k8s/identity-server/FakePersons' - IdentityServer__LicenseKey: '/k8s/identity-server/LicenseKey' - IdentityServer__SigningCertificate__Passphrase: '/k8s/identity-server/SigningCertificatePassphrase' - PersistenceSettings__AccessTokenManagementSettings__ClientSecret: '/k8s/identity-server/ClientSecret' - Redaction__UserIdentifiers__Key: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY' - Redaction__UserIdentifiers__KeyId: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID' - Scopes__Admin__RootAccessList: '/k8s/identity-server/AdminRootAccessList' - securityContext: - allowPrivilegeEscalation: false - privileged: false - service: - targetPort: 5000 - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/identity-server' - create: true - name: 'identity-server' -namespaces: - labels: {} - namespaces: - - 'identity-server' - - 'identity-server-admin' - - 'identity-server-delegation' - - 'personal-representative' -services-auth-admin-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - IDENTITY_SERVER_ISSUER_URL_LIST: '["https://identity-server.staging01.devland.is","https://innskra.island.is"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/backend/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/backend/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-admin-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.staging01.devland.is' - paths: - - '/backend' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CLIENT_SECRET_ENCRYPTION_KEY: '/k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-delegation-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'service-portal' - - 'user-notification-worker' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-delegation-api' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'auth-delegation-api.internal.staging01.devland.is' - paths: - - '/' - namespace: 'identity-server-delegation' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-ids-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '6cf94113-d326-4e4d-b97c-1fea12d2f5e1' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' - PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' - PASSKEY_CORE_MAX_AGE_DAYS: '365' - PASSKEY_CORE_RP_ID: 'island.is' - PASSKEY_CORE_RP_NAME: 'Island.is' - PUBLIC_URL: 'https://identity-server.staging01.devland.is/api' - REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - USER_PROFILE_CLIENT_SCOPE: '["@island.is/user-profile:read"]' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 15 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 15 - min: 2 - resources: - limits: - cpu: '800m' - memory: '768Mi' - requests: - cpu: '400m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/services-auth/NOVA_PASSWORD' - NOVA_URL: '/k8s/services-auth/NOVA_URL' - NOVA_USERNAME: '/k8s/services-auth/NOVA_USERNAME' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-ids-api-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-personal-representative: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'personal-representative-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'personal-representative' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-personal-representative-public: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative-public' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'personal-representative-public-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'personal-representative' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-public-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' - PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' - PASSKEY_CORE_RP_ID: 'island.is' - PASSKEY_CORE_RP_NAME: 'Island.is' - PUBLIC_URL: 'https://identity-server.staging01.devland.is/api' - REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-public-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/rewrite-target: '/$2' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.staging01.devland.is' - paths: - - '/api(/|$)(.*)' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false +{ + "services-auth-ids-api-cleanup": { + "serviceDef": { + "liveness": { + "path": "/", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + } + }, + "features": {}, + "name": "services-auth-ids-api-cleanup", + "grantNamespaces": [], + "grantNamespacesEnabled": false, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" + }, + "ingress": {}, + "namespace": "identity-server", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "400m", + "memory": "1024Mi" + }, + "requests": { + "cpu": "100m", + "memory": "256Mi" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "image": "services-auth-ids-api", + "cmds": "node", + "args": [ + "main.js", + "--job=cleanup" + ], + "postgres": { + "name": "servicesauth", + "extensions": [ + "uuid-ossp" + ], + "username": "servicesauth", + "passwordSecret": "/k8s/servicesauth/DB_PASSWORD" + }, + "extraAttributes": { + "dev": { + "schedule": "0 3 * * *" + }, + "staging": { + "schedule": "0 3 * * *" + }, + "prod": { + "schedule": "0 3 * * *" + } + } + } + } +} \ No newline at end of file diff --git a/charts/services/services-auth-ids-api/values.dev.yaml b/charts/services/services-auth-ids-api/values.dev.yaml index 2efa5ea90de6..2172c42e0aa4 100644 --- a/charts/services/services-auth-ids-api/values.dev.yaml +++ b/charts/services/services-auth-ids-api/values.dev.yaml @@ -1,826 +1,241 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -auth-admin-web: - enabled: true - env: - BASE_URL: 'https://identity-server.dev01.devland.is/admin' - IDENTITYSERVER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://identity-server.dev01.devland.is/admin/api/auth' - NEXT_PUBLIC_BACKEND_URL: '/backend' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/auth-admin-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.dev01.devland.is' - paths: - - '/admin' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - progressDeadlineSeconds: 1200 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '256Mi' - requests: - cpu: '200m' - memory: '192Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITYSERVER_SECRET: '/k8s/auth-admin-web/IDENTITYSERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -global: - env: - AUDIT_GROUP_NAME: '/identity-server/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'dev' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -identity-server: - annotations: - ad.datadoghq.com/identity-server.check_names: '["openmetrics"]' - ad.datadoghq.com/identity-server.init_configs: '[{}]' - ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": "http://%%host%%:5003/metrics","namespace": "identity-server","metrics":["*"]}]' - ad.datadoghq.com/identity-server.logs: '[{"service": "identity-server", "source": "csharp"}]' - enabled: true - env: - ASPNETCORE_URLS: 'http://*:5000' - AWS__CloudWatch__AuditLogGroup: '/identity-server/audit-log' - AWS__SystemsManager__ParameterStore__DataProtectionPrefix: '/k8s/identity-server/DataProtectionSecret' - Application__AllowedRedirectUris: 'https://beta.dev01.devland.is/minarsidur,https://beta.dev01.devland.is/umsoknir,http://localhost:4200/minarsidur,http://localhost:4242/umsoknir' - Application__MinCompletionPortThreads: '10' - AudkenniSettings__Retries: '24' - CORECLR_ENABLE_PROFILING: '1' - CORECLR_PROFILER: '{846F5F1C-F9AE-4B07-969E-05C26BC060D8}' - CORECLR_PROFILER_PATH: '/opt/datadog/Datadog.Trace.ClrProfiler.Native.so' - CacheSettings__Enabled: 'true' - ContentfulSettings__BaseAddress: 'https://preview.contentful.com' - DD_DOTNET_TRACER_HOME: '/opt/datadog' - DD_INTEGRATIONS: '/opt/datadog/integrations.json' - DD_TRACE_DEBUG: 'true' - Datadog__Metrics__Port: '5003' - IdentityServer__ConsentsScope: '@island.is/auth/consents' - IdentityServer__EnableFakeLogin: 'true' - IdentityServer__EnableFeatureDeploymentWildcards: 'true' - IdentityServer__KeyManagement__Enabled: 'true' - IdentityServer__SigningCertificate__Path: '/etc/config/ids-signing.pfx' - LOG_LEVEL: 'info' - MeUserProfileApiSettings__BaseAddress: 'http://web-service-portal-api.service-portal.svc.cluster.local' - NODE_OPTIONS: '--max-old-space-size=1843 -r dd-trace/init' - PersistenceSettings__BaseAddress: 'http://web-services-auth-ids-api' - PersistenceSettings__DelegationsCacheEnabled: 'false' - RedisSettings__Address: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com' - RedisSettings__Port: '6379' - SERVERSIDE_FEATURES_ON: '' - SessionsApiSettings__BaseAddress: 'http://web-services-sessions.services-sessions.svc.cluster.local' - files: - - 'ids-signing.pfx' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - port: 5010 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/identity-server' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.dev01.devland.is' - paths: - - '/' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: - - accessModes: 'ReadWriteMany' - mountPath: '/keys' - name: 'identity-server' - size: '1Gi' - storageClass: 'efs-csi' - useExisting: false - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '4000m' - memory: '2048Mi' - requests: - cpu: '1000m' - memory: '1024Mi' - secrets: - AudkenniSettings__ClientId: '/k8s/identity-server/AudkenniClientId' - AudkenniSettings__ClientSecret: '/k8s/identity-server/AudkenniClientSecret' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ContentfulSettings__AccessToken: '/k8s/identity-server/CONTENTFUL_ACCESS_TOKEN' - FeatureFlags__ConfigCatSdkKey: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IdentityServer__FakePersons: '/k8s/identity-server/FakePersons' - IdentityServer__LicenseKey: '/k8s/identity-server/LicenseKey' - IdentityServer__SigningCertificate__Passphrase: '/k8s/identity-server/SigningCertificatePassphrase' - PersistenceSettings__AccessTokenManagementSettings__ClientSecret: '/k8s/identity-server/ClientSecret' - Redaction__UserIdentifiers__Key: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY' - Redaction__UserIdentifiers__KeyId: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID' - Scopes__Admin__RootAccessList: '/k8s/identity-server/AdminRootAccessList' - securityContext: - allowPrivilegeEscalation: false - privileged: false - service: - targetPort: 5000 - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/identity-server' - create: true - name: 'identity-server' -namespaces: - labels: {} - namespaces: - - 'identity-server' - - 'identity-server-admin' - - 'identity-server-delegation' - - 'personal-representative' -services-auth-admin-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - IDENTITY_SERVER_ISSUER_URL_LIST: '["https://identity-server.dev01.devland.is","https://identity-server.staging01.devland.is","https://innskra.island.is"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/backend/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/backend/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-admin-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.dev01.devland.is' - paths: - - '/backend' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CLIENT_SECRET_ENCRYPTION_KEY: '/k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-delegation-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'service-portal' - - 'user-notification-worker' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-delegation-api' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'auth-delegation-api.internal.dev01.devland.is' - paths: - - '/' - namespace: 'identity-server-delegation' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-ids-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '6cf94113-d326-4e4d-b97c-1fea12d2f5e1' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' - PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' - PASSKEY_CORE_MAX_AGE_DAYS: '365' - PASSKEY_CORE_RP_ID: 'island.is' - PASSKEY_CORE_RP_NAME: 'Island.is' - PUBLIC_URL: 'https://identity-server.dev01.devland.is/api' - REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - USER_PROFILE_CLIENT_SCOPE: '["@island.is/user-profile:read"]' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 15 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 15 - min: 2 - resources: - limits: - cpu: '800m' - memory: '768Mi' - requests: - cpu: '400m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/services-auth/NOVA_PASSWORD' - NOVA_URL: '/k8s/services-auth/NOVA_URL' - NOVA_USERNAME: '/k8s/services-auth/NOVA_USERNAME' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-ids-api-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-personal-representative: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'personal-representative-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'personal-representative' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-personal-representative-public: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative-public' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'personal-representative-public-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'personal-representative' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-public-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' - PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' - PASSKEY_CORE_RP_ID: 'island.is' - PASSKEY_CORE_RP_NAME: 'Island.is' - PUBLIC_URL: 'https://identity-server.dev01.devland.is/api' - REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-public-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/rewrite-target: '/$2' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.dev01.devland.is' - paths: - - '/api(/|$)(.*)' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false +{ + "services-auth-ids-api": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/health/check", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/auth-api", + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + }, + "PASSKEY_CORE_MAX_AGE_DAYS": "365", + "PUBLIC_URL": { + "dev": "https://identity-server.dev01.devland.is/api", + "staging": "https://identity-server.staging01.devland.is/api", + "prod": "https://innskra.island.is/api" + }, + "USER_PROFILE_CLIENT_URL": { + "dev": "http://web-service-portal-api.service-portal.svc.cluster.local", + "staging": "http://web-service-portal-api.service-portal.svc.cluster.local", + "prod": "https://service-portal-api.internal.island.is" + }, + "USER_PROFILE_CLIENT_SCOPE": "[\"@island.is/user-profile:read\"]", + "XROAD_NATIONAL_REGISTRY_SERVICE_PATH": { + "dev": "IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1", + "staging": "IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1", + "prod": "IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1" + }, + "XROAD_NATIONAL_REGISTRY_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" + }, + "COMPANY_REGISTRY_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" + }, + "XROAD_RSK_PROCURING_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" + }, + "COMPANY_REGISTRY_XROAD_PROVIDER_ID": { + "dev": "IS-DEV/GOV/10006/Skatturinn/ft-v1", + "staging": "IS-TEST/GOV/5402696029/Skatturinn/ft-v1", + "prod": "IS/GOV/5402696029/Skatturinn/ft-v1" + }, + "XROAD_TJODSKRA_API_PATH": "/SKRA-Protected/Einstaklingar-v1", + "XROAD_TJODSKRA_MEMBER_CODE": { + "prod": "6503760649", + "dev": "10001", + "staging": "6503760649" + }, + "NOVA_ACCEPT_UNAUTHORIZED": { + "dev": "true", + "staging": "false", + "prod": "false" + }, + "PASSKEY_CORE_RP_ID": "island.is", + "PASSKEY_CORE_RP_NAME": "Island.is", + "PASSKEY_CORE_CHALLENGE_TTL_MS": "120000", + "REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" + }, + "PASSKEY_CORE_ALLOWED_ORIGINS": "[\"https://island.is\",\"android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0\",\"android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU\"]", + "SYSLUMENN_HOST": { + "dev": "https://api.syslumenn.is/staging", + "staging": "https://api.syslumenn.is/staging", + "prod": "https://api.syslumenn.is/api" + }, + "SYSLUMENN_TIMEOUT": "3000" + }, + "features": {}, + "name": "services-auth-ids-api", + "grantNamespaces": [ + "nginx-ingress-external", + "user-notification" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET", + "NOVA_URL": "/k8s/services-auth/NOVA_URL", + "NOVA_USERNAME": "/k8s/services-auth/NOVA_USERNAME", + "NOVA_PASSWORD": "/k8s/services-auth/NOVA_PASSWORD", + "NATIONAL_REGISTRY_B2C_CLIENT_SECRET": "/k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET", + "SYSLUMENN_USERNAME": "/k8s/services-auth/SYSLUMENN_USERNAME", + "SYSLUMENN_PASSWORD": "/k8s/services-auth/SYSLUMENN_PASSWORD" + }, + "ingress": {}, + "namespace": "identity-server", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "800m", + "memory": "768Mi" + }, + "requests": { + "cpu": "400m", + "memory": "512Mi" + } + }, + "xroadConfig": [ + { + "config": { + "env": { + "XROAD_BASE_PATH": { + "prod": "http://securityserver.island.is" + }, + "XROAD_BASE_PATH_WITH_ENV": { + "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "http://securityserver.island.is/r1/IS" + }, + "XROAD_TLS_BASE_PATH": { + "dev": "https://securityserver.dev01.devland.is", + "staging": "https://securityserver.staging01.devland.is", + "prod": "https://securityserver.island.is" + }, + "XROAD_TLS_BASE_PATH_WITH_ENV": { + "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", + "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "https://securityserver.island.is/r1/IS" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CLIENT_ID": { + "dev": "IS-DEV/GOV/10000/island-is-client", + "staging": "IS-TEST/GOV/5501692829/island-is-client", + "prod": "IS/GOV/5501692829/island-is-client" + } + } + } + }, + { + "config": { + "env": { + "XROAD_RSK_PROCURING_PATH": { + "dev": "IS-DEV/GOV/10006/Skatturinn/relationships-v1", + "staging": "IS-TEST/GOV/5402696029/Skatturinn/relationships-v1", + "prod": "IS/GOV/5402696029/Skatturinn/relationships-v1" + } + } + } + }, + { + "config": { + "env": { + "NATIONAL_REGISTRY_B2C_CLIENT_ID": { + "dev": "6cf94113-d326-4e4d-b97c-1fea12d2f5e1", + "staging": "6cf94113-d326-4e4d-b97c-1fea12d2f5e1", + "prod": "8271bbc2-d8de-480f-8540-ea43fc40b7ae" + }, + "NATIONAL_REGISTRY_B2C_ENDPOINT": { + "dev": "https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", + "staging": "https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", + "prod": "https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token" + }, + "NATIONAL_REGISTRY_B2C_SCOPE": { + "dev": "https://skraidentitydev.onmicrosoft.com/midlun/.default", + "staging": "https://skraidentitydev.onmicrosoft.com/midlun/.default", + "prod": "https://skraidentity.onmicrosoft.com/midlun/.default" + }, + "NATIONAL_REGISTRY_B2C_PATH": { + "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1", + "staging": "IS-TEST/GOV/10001/SKRA-Cloud-Protected/Midlun-v1", + "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1" + } + } + } + } + ], + "files": [], + "volumes": [], + "image": "services-auth-ids-api", + "postgres": { + "name": "servicesauth", + "extensions": [ + "uuid-ossp" + ], + "username": "servicesauth", + "passwordSecret": "/k8s/servicesauth/DB_PASSWORD" + }, + "initContainers": { + "envs": {}, + "secrets": {}, + "features": {}, + "containers": [ + { + "name": "migrations", + "command": "npx", + "args": [ + "sequelize-cli", + "db:migrate" + ] + }, + { + "name": "seed", + "command": "npx", + "args": [ + "sequelize-cli", + "db:seed:all" + ] + } + ], + "postgres": { + "name": "servicesauth", + "extensions": [ + "uuid-ossp" + ], + "username": "servicesauth", + "passwordSecret": "/k8s/servicesauth/DB_PASSWORD" + } + }, + "replicaCount": { + "default": 2, + "min": 2, + "max": 15 + } + } + } +} \ No newline at end of file diff --git a/charts/services/services-auth-ids-api/values.prod.yaml b/charts/services/services-auth-ids-api/values.prod.yaml index 6ebbacf21056..2172c42e0aa4 100644 --- a/charts/services/services-auth-ids-api/values.prod.yaml +++ b/charts/services/services-auth-ids-api/values.prod.yaml @@ -1,823 +1,241 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -auth-admin-web: - enabled: true - env: - BASE_URL: 'https://innskra.island.is/admin' - IDENTITYSERVER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://innskra.island.is/admin/api/auth' - NEXT_PUBLIC_BACKEND_URL: '/backend' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/auth-admin-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'innskra.island.is' - paths: - - '/admin' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - progressDeadlineSeconds: 1200 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '256Mi' - requests: - cpu: '200m' - memory: '192Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITYSERVER_SECRET: '/k8s/auth-admin-web/IDENTITYSERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -global: - env: - AUDIT_GROUP_NAME: '/identity-server/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'prod' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -identity-server: - annotations: - ad.datadoghq.com/identity-server.check_names: '["openmetrics"]' - ad.datadoghq.com/identity-server.init_configs: '[{}]' - ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": "http://%%host%%:5003/metrics","namespace": "identity-server","metrics":["*"]}]' - ad.datadoghq.com/identity-server.logs: '[{"service": "identity-server", "source": "csharp"}]' - enabled: true - env: - ASPNETCORE_URLS: 'http://*:5000' - AWS__CloudWatch__AuditLogGroup: '/identity-server/audit-log' - AWS__SystemsManager__ParameterStore__DataProtectionPrefix: '/k8s/identity-server/DataProtectionSecret' - Application__AllowedRedirectUris: 'https://island.is/minarsidur,https://island.is/umsoknir' - Application__MinCompletionPortThreads: '10' - AudkenniSettings__Retries: '24' - CORECLR_ENABLE_PROFILING: '1' - CORECLR_PROFILER: '{846F5F1C-F9AE-4B07-969E-05C26BC060D8}' - CORECLR_PROFILER_PATH: '/opt/datadog/Datadog.Trace.ClrProfiler.Native.so' - CacheSettings__Enabled: 'true' - ContentfulSettings__BaseAddress: 'https://cdn.contentful.com' - DD_DOTNET_TRACER_HOME: '/opt/datadog' - DD_INTEGRATIONS: '/opt/datadog/integrations.json' - DD_TRACE_DEBUG: 'true' - Datadog__Metrics__Port: '5003' - IdentityServer__ConsentsScope: '@island.is/auth/consents' - IdentityServer__EnableFakeLogin: 'true' - IdentityServer__EnableFeatureDeploymentWildcards: 'false' - IdentityServer__KeyManagement__Enabled: 'true' - IdentityServer__SigningCertificate__Path: '/etc/config/ids-signing.pfx' - LOG_LEVEL: 'info' - MeUserProfileApiSettings__BaseAddress: 'https://service-portal-api.internal.island.is' - NODE_OPTIONS: '--max-old-space-size=1843 -r dd-trace/init' - PersistenceSettings__BaseAddress: 'http://web-services-auth-ids-api' - PersistenceSettings__DelegationsCacheEnabled: 'true' - RedisSettings__Address: 'clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com' - RedisSettings__Port: '6379' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SessionsApiSettings__BaseAddress: 'https://sessions-api.internal.island.is' - files: - - 'ids-signing.pfx' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - port: 5010 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/identity-server' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'innskra.island.is' - paths: - - '/' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: - - accessModes: 'ReadWriteMany' - mountPath: '/keys' - name: 'identity-server' - size: '1Gi' - storageClass: 'efs-csi' - useExisting: false - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '4000m' - memory: '2048Mi' - requests: - cpu: '1000m' - memory: '1024Mi' - secrets: - AudkenniSettings__ClientId: '/k8s/identity-server/AudkenniClientId' - AudkenniSettings__ClientSecret: '/k8s/identity-server/AudkenniClientSecret' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ContentfulSettings__AccessToken: '/k8s/identity-server/CONTENTFUL_ACCESS_TOKEN' - FeatureFlags__ConfigCatSdkKey: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IdentityServer__FakePersons: '/k8s/identity-server/FakePersons' - IdentityServer__LicenseKey: '/k8s/identity-server/LicenseKey' - IdentityServer__SigningCertificate__Passphrase: '/k8s/identity-server/SigningCertificatePassphrase' - PersistenceSettings__AccessTokenManagementSettings__ClientSecret: '/k8s/identity-server/ClientSecret' - Redaction__UserIdentifiers__Key: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY' - Redaction__UserIdentifiers__KeyId: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID' - Scopes__Admin__RootAccessList: '/k8s/identity-server/AdminRootAccessList' - securityContext: - allowPrivilegeEscalation: false - privileged: false - service: - targetPort: 5000 - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::567113216315:role/identity-server' - create: true - name: 'identity-server' -namespaces: - labels: {} - namespaces: - - 'identity-server' - - 'identity-server-admin' - - 'identity-server-delegation' - - 'personal-representative' -services-auth-admin-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - IDENTITY_SERVER_ISSUER_URL_LIST: '["https://innskra.island.is"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SYSLUMENN_HOST: 'https://api.syslumenn.is/api' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/backend/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/backend/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-admin-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'innskra.island.is' - paths: - - '/backend' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CLIENT_SECRET_ENCRYPTION_KEY: '/k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-delegation-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SYSLUMENN_HOST: 'https://api.syslumenn.is/api' - SYSLUMENN_TIMEOUT: '3000' - USER_NOTIFICATION_API_URL: 'https://user-notification.internal.island.is' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'service-portal' - - 'user-notification-worker' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-delegation-api' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'auth-delegation-api.internal.innskra.island.is' - paths: - - '/' - namespace: 'identity-server-delegation' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-ids-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '8271bbc2-d8de-480f-8540-ea43fc40b7ae' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' - PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' - PASSKEY_CORE_MAX_AGE_DAYS: '365' - PASSKEY_CORE_RP_ID: 'island.is' - PASSKEY_CORE_RP_NAME: 'Island.is' - PUBLIC_URL: 'https://innskra.island.is/api' - REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SYSLUMENN_HOST: 'https://api.syslumenn.is/api' - SYSLUMENN_TIMEOUT: '3000' - USER_PROFILE_CLIENT_SCOPE: '["@island.is/user-profile:read"]' - USER_PROFILE_CLIENT_URL: 'https://service-portal-api.internal.island.is' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 15 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 15 - min: 2 - resources: - limits: - cpu: '800m' - memory: '768Mi' - requests: - cpu: '400m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/services-auth/NOVA_PASSWORD' - NOVA_URL: '/k8s/services-auth/NOVA_URL' - NOVA_USERNAME: '/k8s/services-auth/NOVA_USERNAME' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-ids-api-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-personal-representative: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SYSLUMENN_HOST: 'https://api.syslumenn.is/api' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'personal-representative-xrd.internal.innskra.island.is' - paths: - - '/' - namespace: 'personal-representative' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-personal-representative-public: - enabled: true - env: - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative-public' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'personal-representative-public-xrd.internal.innskra.island.is' - paths: - - '/' - namespace: 'personal-representative' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-public-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' - PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' - PASSKEY_CORE_RP_ID: 'island.is' - PASSKEY_CORE_RP_NAME: 'Island.is' - PUBLIC_URL: 'https://innskra.island.is/api' - REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SYSLUMENN_HOST: 'https://api.syslumenn.is/api' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-public-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/rewrite-target: '/$2' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'innskra.island.is' - paths: - - '/api(/|$)(.*)' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false +{ + "services-auth-ids-api": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/health/check", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/auth-api", + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + }, + "PASSKEY_CORE_MAX_AGE_DAYS": "365", + "PUBLIC_URL": { + "dev": "https://identity-server.dev01.devland.is/api", + "staging": "https://identity-server.staging01.devland.is/api", + "prod": "https://innskra.island.is/api" + }, + "USER_PROFILE_CLIENT_URL": { + "dev": "http://web-service-portal-api.service-portal.svc.cluster.local", + "staging": "http://web-service-portal-api.service-portal.svc.cluster.local", + "prod": "https://service-portal-api.internal.island.is" + }, + "USER_PROFILE_CLIENT_SCOPE": "[\"@island.is/user-profile:read\"]", + "XROAD_NATIONAL_REGISTRY_SERVICE_PATH": { + "dev": "IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1", + "staging": "IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1", + "prod": "IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1" + }, + "XROAD_NATIONAL_REGISTRY_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" + }, + "COMPANY_REGISTRY_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" + }, + "XROAD_RSK_PROCURING_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" + }, + "COMPANY_REGISTRY_XROAD_PROVIDER_ID": { + "dev": "IS-DEV/GOV/10006/Skatturinn/ft-v1", + "staging": "IS-TEST/GOV/5402696029/Skatturinn/ft-v1", + "prod": "IS/GOV/5402696029/Skatturinn/ft-v1" + }, + "XROAD_TJODSKRA_API_PATH": "/SKRA-Protected/Einstaklingar-v1", + "XROAD_TJODSKRA_MEMBER_CODE": { + "prod": "6503760649", + "dev": "10001", + "staging": "6503760649" + }, + "NOVA_ACCEPT_UNAUTHORIZED": { + "dev": "true", + "staging": "false", + "prod": "false" + }, + "PASSKEY_CORE_RP_ID": "island.is", + "PASSKEY_CORE_RP_NAME": "Island.is", + "PASSKEY_CORE_CHALLENGE_TTL_MS": "120000", + "REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" + }, + "PASSKEY_CORE_ALLOWED_ORIGINS": "[\"https://island.is\",\"android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0\",\"android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU\"]", + "SYSLUMENN_HOST": { + "dev": "https://api.syslumenn.is/staging", + "staging": "https://api.syslumenn.is/staging", + "prod": "https://api.syslumenn.is/api" + }, + "SYSLUMENN_TIMEOUT": "3000" + }, + "features": {}, + "name": "services-auth-ids-api", + "grantNamespaces": [ + "nginx-ingress-external", + "user-notification" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET", + "NOVA_URL": "/k8s/services-auth/NOVA_URL", + "NOVA_USERNAME": "/k8s/services-auth/NOVA_USERNAME", + "NOVA_PASSWORD": "/k8s/services-auth/NOVA_PASSWORD", + "NATIONAL_REGISTRY_B2C_CLIENT_SECRET": "/k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET", + "SYSLUMENN_USERNAME": "/k8s/services-auth/SYSLUMENN_USERNAME", + "SYSLUMENN_PASSWORD": "/k8s/services-auth/SYSLUMENN_PASSWORD" + }, + "ingress": {}, + "namespace": "identity-server", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "800m", + "memory": "768Mi" + }, + "requests": { + "cpu": "400m", + "memory": "512Mi" + } + }, + "xroadConfig": [ + { + "config": { + "env": { + "XROAD_BASE_PATH": { + "prod": "http://securityserver.island.is" + }, + "XROAD_BASE_PATH_WITH_ENV": { + "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "http://securityserver.island.is/r1/IS" + }, + "XROAD_TLS_BASE_PATH": { + "dev": "https://securityserver.dev01.devland.is", + "staging": "https://securityserver.staging01.devland.is", + "prod": "https://securityserver.island.is" + }, + "XROAD_TLS_BASE_PATH_WITH_ENV": { + "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", + "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "https://securityserver.island.is/r1/IS" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CLIENT_ID": { + "dev": "IS-DEV/GOV/10000/island-is-client", + "staging": "IS-TEST/GOV/5501692829/island-is-client", + "prod": "IS/GOV/5501692829/island-is-client" + } + } + } + }, + { + "config": { + "env": { + "XROAD_RSK_PROCURING_PATH": { + "dev": "IS-DEV/GOV/10006/Skatturinn/relationships-v1", + "staging": "IS-TEST/GOV/5402696029/Skatturinn/relationships-v1", + "prod": "IS/GOV/5402696029/Skatturinn/relationships-v1" + } + } + } + }, + { + "config": { + "env": { + "NATIONAL_REGISTRY_B2C_CLIENT_ID": { + "dev": "6cf94113-d326-4e4d-b97c-1fea12d2f5e1", + "staging": "6cf94113-d326-4e4d-b97c-1fea12d2f5e1", + "prod": "8271bbc2-d8de-480f-8540-ea43fc40b7ae" + }, + "NATIONAL_REGISTRY_B2C_ENDPOINT": { + "dev": "https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", + "staging": "https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", + "prod": "https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token" + }, + "NATIONAL_REGISTRY_B2C_SCOPE": { + "dev": "https://skraidentitydev.onmicrosoft.com/midlun/.default", + "staging": "https://skraidentitydev.onmicrosoft.com/midlun/.default", + "prod": "https://skraidentity.onmicrosoft.com/midlun/.default" + }, + "NATIONAL_REGISTRY_B2C_PATH": { + "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1", + "staging": "IS-TEST/GOV/10001/SKRA-Cloud-Protected/Midlun-v1", + "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1" + } + } + } + } + ], + "files": [], + "volumes": [], + "image": "services-auth-ids-api", + "postgres": { + "name": "servicesauth", + "extensions": [ + "uuid-ossp" + ], + "username": "servicesauth", + "passwordSecret": "/k8s/servicesauth/DB_PASSWORD" + }, + "initContainers": { + "envs": {}, + "secrets": {}, + "features": {}, + "containers": [ + { + "name": "migrations", + "command": "npx", + "args": [ + "sequelize-cli", + "db:migrate" + ] + }, + { + "name": "seed", + "command": "npx", + "args": [ + "sequelize-cli", + "db:seed:all" + ] + } + ], + "postgres": { + "name": "servicesauth", + "extensions": [ + "uuid-ossp" + ], + "username": "servicesauth", + "passwordSecret": "/k8s/servicesauth/DB_PASSWORD" + } + }, + "replicaCount": { + "default": 2, + "min": 2, + "max": 15 + } + } + } +} \ No newline at end of file diff --git a/charts/services/services-auth-ids-api/values.staging.yaml b/charts/services/services-auth-ids-api/values.staging.yaml index 2273a2f55b22..2172c42e0aa4 100644 --- a/charts/services/services-auth-ids-api/values.staging.yaml +++ b/charts/services/services-auth-ids-api/values.staging.yaml @@ -1,826 +1,241 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -auth-admin-web: - enabled: true - env: - BASE_URL: 'https://identity-server.staging01.devland.is/admin' - IDENTITYSERVER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://identity-server.staging01.devland.is/admin/api/auth' - NEXT_PUBLIC_BACKEND_URL: '/backend' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/auth-admin-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.staging01.devland.is' - paths: - - '/admin' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - progressDeadlineSeconds: 1200 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '256Mi' - requests: - cpu: '200m' - memory: '192Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITYSERVER_SECRET: '/k8s/auth-admin-web/IDENTITYSERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -global: - env: - AUDIT_GROUP_NAME: '/identity-server/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'staging' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -identity-server: - annotations: - ad.datadoghq.com/identity-server.check_names: '["openmetrics"]' - ad.datadoghq.com/identity-server.init_configs: '[{}]' - ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": "http://%%host%%:5003/metrics","namespace": "identity-server","metrics":["*"]}]' - ad.datadoghq.com/identity-server.logs: '[{"service": "identity-server", "source": "csharp"}]' - enabled: true - env: - ASPNETCORE_URLS: 'http://*:5000' - AWS__CloudWatch__AuditLogGroup: '/identity-server/audit-log' - AWS__SystemsManager__ParameterStore__DataProtectionPrefix: '/k8s/identity-server/DataProtectionSecret' - Application__AllowedRedirectUris: 'https://beta.staging01.devland.is/minarsidur,https://beta.staging01.devland.is/umsoknir' - Application__MinCompletionPortThreads: '10' - AudkenniSettings__Retries: '24' - CORECLR_ENABLE_PROFILING: '1' - CORECLR_PROFILER: '{846F5F1C-F9AE-4B07-969E-05C26BC060D8}' - CORECLR_PROFILER_PATH: '/opt/datadog/Datadog.Trace.ClrProfiler.Native.so' - CacheSettings__Enabled: 'true' - ContentfulSettings__BaseAddress: 'https://cdn.contentful.com' - DD_DOTNET_TRACER_HOME: '/opt/datadog' - DD_INTEGRATIONS: '/opt/datadog/integrations.json' - DD_TRACE_DEBUG: 'true' - Datadog__Metrics__Port: '5003' - IdentityServer__ConsentsScope: '@island.is/auth/consents' - IdentityServer__EnableFakeLogin: 'true' - IdentityServer__EnableFeatureDeploymentWildcards: 'true' - IdentityServer__KeyManagement__Enabled: 'true' - IdentityServer__SigningCertificate__Path: '/etc/config/ids-signing.pfx' - LOG_LEVEL: 'info' - MeUserProfileApiSettings__BaseAddress: 'http://web-service-portal-api.service-portal.svc.cluster.local' - NODE_OPTIONS: '--max-old-space-size=1843 -r dd-trace/init' - PersistenceSettings__BaseAddress: 'http://web-services-auth-ids-api' - PersistenceSettings__DelegationsCacheEnabled: 'false' - RedisSettings__Address: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com' - RedisSettings__Port: '6379' - SERVERSIDE_FEATURES_ON: '' - SessionsApiSettings__BaseAddress: 'http://web-services-sessions.services-sessions.svc.cluster.local' - files: - - 'ids-signing.pfx' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - port: 5010 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/identity-server' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.staging01.devland.is' - paths: - - '/' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: - - accessModes: 'ReadWriteMany' - mountPath: '/keys' - name: 'identity-server' - size: '1Gi' - storageClass: 'efs-csi' - useExisting: false - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '4000m' - memory: '2048Mi' - requests: - cpu: '1000m' - memory: '1024Mi' - secrets: - AudkenniSettings__ClientId: '/k8s/identity-server/AudkenniClientId' - AudkenniSettings__ClientSecret: '/k8s/identity-server/AudkenniClientSecret' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ContentfulSettings__AccessToken: '/k8s/identity-server/CONTENTFUL_ACCESS_TOKEN' - FeatureFlags__ConfigCatSdkKey: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IdentityServer__FakePersons: '/k8s/identity-server/FakePersons' - IdentityServer__LicenseKey: '/k8s/identity-server/LicenseKey' - IdentityServer__SigningCertificate__Passphrase: '/k8s/identity-server/SigningCertificatePassphrase' - PersistenceSettings__AccessTokenManagementSettings__ClientSecret: '/k8s/identity-server/ClientSecret' - Redaction__UserIdentifiers__Key: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY' - Redaction__UserIdentifiers__KeyId: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID' - Scopes__Admin__RootAccessList: '/k8s/identity-server/AdminRootAccessList' - securityContext: - allowPrivilegeEscalation: false - privileged: false - service: - targetPort: 5000 - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/identity-server' - create: true - name: 'identity-server' -namespaces: - labels: {} - namespaces: - - 'identity-server' - - 'identity-server-admin' - - 'identity-server-delegation' - - 'personal-representative' -services-auth-admin-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - IDENTITY_SERVER_ISSUER_URL_LIST: '["https://identity-server.staging01.devland.is","https://innskra.island.is"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/backend/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/backend/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-admin-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.staging01.devland.is' - paths: - - '/backend' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CLIENT_SECRET_ENCRYPTION_KEY: '/k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-delegation-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'service-portal' - - 'user-notification-worker' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-delegation-api' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'auth-delegation-api.internal.staging01.devland.is' - paths: - - '/' - namespace: 'identity-server-delegation' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-ids-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '6cf94113-d326-4e4d-b97c-1fea12d2f5e1' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' - PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' - PASSKEY_CORE_MAX_AGE_DAYS: '365' - PASSKEY_CORE_RP_ID: 'island.is' - PASSKEY_CORE_RP_NAME: 'Island.is' - PUBLIC_URL: 'https://identity-server.staging01.devland.is/api' - REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - USER_PROFILE_CLIENT_SCOPE: '["@island.is/user-profile:read"]' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 15 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 15 - min: 2 - resources: - limits: - cpu: '800m' - memory: '768Mi' - requests: - cpu: '400m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/services-auth/NOVA_PASSWORD' - NOVA_URL: '/k8s/services-auth/NOVA_URL' - NOVA_USERNAME: '/k8s/services-auth/NOVA_USERNAME' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-ids-api-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-personal-representative: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'personal-representative-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'personal-representative' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-personal-representative-public: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative-public' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'personal-representative-public-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'personal-representative' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-public-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' - PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' - PASSKEY_CORE_RP_ID: 'island.is' - PASSKEY_CORE_RP_NAME: 'Island.is' - PUBLIC_URL: 'https://identity-server.staging01.devland.is/api' - REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-public-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/rewrite-target: '/$2' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.staging01.devland.is' - paths: - - '/api(/|$)(.*)' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false +{ + "services-auth-ids-api": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/health/check", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/auth-api", + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + }, + "PASSKEY_CORE_MAX_AGE_DAYS": "365", + "PUBLIC_URL": { + "dev": "https://identity-server.dev01.devland.is/api", + "staging": "https://identity-server.staging01.devland.is/api", + "prod": "https://innskra.island.is/api" + }, + "USER_PROFILE_CLIENT_URL": { + "dev": "http://web-service-portal-api.service-portal.svc.cluster.local", + "staging": "http://web-service-portal-api.service-portal.svc.cluster.local", + "prod": "https://service-portal-api.internal.island.is" + }, + "USER_PROFILE_CLIENT_SCOPE": "[\"@island.is/user-profile:read\"]", + "XROAD_NATIONAL_REGISTRY_SERVICE_PATH": { + "dev": "IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1", + "staging": "IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1", + "prod": "IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1" + }, + "XROAD_NATIONAL_REGISTRY_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" + }, + "COMPANY_REGISTRY_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" + }, + "XROAD_RSK_PROCURING_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" + }, + "COMPANY_REGISTRY_XROAD_PROVIDER_ID": { + "dev": "IS-DEV/GOV/10006/Skatturinn/ft-v1", + "staging": "IS-TEST/GOV/5402696029/Skatturinn/ft-v1", + "prod": "IS/GOV/5402696029/Skatturinn/ft-v1" + }, + "XROAD_TJODSKRA_API_PATH": "/SKRA-Protected/Einstaklingar-v1", + "XROAD_TJODSKRA_MEMBER_CODE": { + "prod": "6503760649", + "dev": "10001", + "staging": "6503760649" + }, + "NOVA_ACCEPT_UNAUTHORIZED": { + "dev": "true", + "staging": "false", + "prod": "false" + }, + "PASSKEY_CORE_RP_ID": "island.is", + "PASSKEY_CORE_RP_NAME": "Island.is", + "PASSKEY_CORE_CHALLENGE_TTL_MS": "120000", + "REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" + }, + "PASSKEY_CORE_ALLOWED_ORIGINS": "[\"https://island.is\",\"android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0\",\"android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU\"]", + "SYSLUMENN_HOST": { + "dev": "https://api.syslumenn.is/staging", + "staging": "https://api.syslumenn.is/staging", + "prod": "https://api.syslumenn.is/api" + }, + "SYSLUMENN_TIMEOUT": "3000" + }, + "features": {}, + "name": "services-auth-ids-api", + "grantNamespaces": [ + "nginx-ingress-external", + "user-notification" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET", + "NOVA_URL": "/k8s/services-auth/NOVA_URL", + "NOVA_USERNAME": "/k8s/services-auth/NOVA_USERNAME", + "NOVA_PASSWORD": "/k8s/services-auth/NOVA_PASSWORD", + "NATIONAL_REGISTRY_B2C_CLIENT_SECRET": "/k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET", + "SYSLUMENN_USERNAME": "/k8s/services-auth/SYSLUMENN_USERNAME", + "SYSLUMENN_PASSWORD": "/k8s/services-auth/SYSLUMENN_PASSWORD" + }, + "ingress": {}, + "namespace": "identity-server", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "800m", + "memory": "768Mi" + }, + "requests": { + "cpu": "400m", + "memory": "512Mi" + } + }, + "xroadConfig": [ + { + "config": { + "env": { + "XROAD_BASE_PATH": { + "prod": "http://securityserver.island.is" + }, + "XROAD_BASE_PATH_WITH_ENV": { + "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "http://securityserver.island.is/r1/IS" + }, + "XROAD_TLS_BASE_PATH": { + "dev": "https://securityserver.dev01.devland.is", + "staging": "https://securityserver.staging01.devland.is", + "prod": "https://securityserver.island.is" + }, + "XROAD_TLS_BASE_PATH_WITH_ENV": { + "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", + "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "https://securityserver.island.is/r1/IS" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CLIENT_ID": { + "dev": "IS-DEV/GOV/10000/island-is-client", + "staging": "IS-TEST/GOV/5501692829/island-is-client", + "prod": "IS/GOV/5501692829/island-is-client" + } + } + } + }, + { + "config": { + "env": { + "XROAD_RSK_PROCURING_PATH": { + "dev": "IS-DEV/GOV/10006/Skatturinn/relationships-v1", + "staging": "IS-TEST/GOV/5402696029/Skatturinn/relationships-v1", + "prod": "IS/GOV/5402696029/Skatturinn/relationships-v1" + } + } + } + }, + { + "config": { + "env": { + "NATIONAL_REGISTRY_B2C_CLIENT_ID": { + "dev": "6cf94113-d326-4e4d-b97c-1fea12d2f5e1", + "staging": "6cf94113-d326-4e4d-b97c-1fea12d2f5e1", + "prod": "8271bbc2-d8de-480f-8540-ea43fc40b7ae" + }, + "NATIONAL_REGISTRY_B2C_ENDPOINT": { + "dev": "https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", + "staging": "https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", + "prod": "https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token" + }, + "NATIONAL_REGISTRY_B2C_SCOPE": { + "dev": "https://skraidentitydev.onmicrosoft.com/midlun/.default", + "staging": "https://skraidentitydev.onmicrosoft.com/midlun/.default", + "prod": "https://skraidentity.onmicrosoft.com/midlun/.default" + }, + "NATIONAL_REGISTRY_B2C_PATH": { + "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1", + "staging": "IS-TEST/GOV/10001/SKRA-Cloud-Protected/Midlun-v1", + "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1" + } + } + } + } + ], + "files": [], + "volumes": [], + "image": "services-auth-ids-api", + "postgres": { + "name": "servicesauth", + "extensions": [ + "uuid-ossp" + ], + "username": "servicesauth", + "passwordSecret": "/k8s/servicesauth/DB_PASSWORD" + }, + "initContainers": { + "envs": {}, + "secrets": {}, + "features": {}, + "containers": [ + { + "name": "migrations", + "command": "npx", + "args": [ + "sequelize-cli", + "db:migrate" + ] + }, + { + "name": "seed", + "command": "npx", + "args": [ + "sequelize-cli", + "db:seed:all" + ] + } + ], + "postgres": { + "name": "servicesauth", + "extensions": [ + "uuid-ossp" + ], + "username": "servicesauth", + "passwordSecret": "/k8s/servicesauth/DB_PASSWORD" + } + }, + "replicaCount": { + "default": 2, + "min": 2, + "max": 15 + } + } + } +} \ No newline at end of file diff --git a/charts/services/services-auth-personal-representative-public/values.dev.yaml b/charts/services/services-auth-personal-representative-public/values.dev.yaml index 2efa5ea90de6..208612f652a0 100644 --- a/charts/services/services-auth-personal-representative-public/values.dev.yaml +++ b/charts/services/services-auth-personal-representative-public/values.dev.yaml @@ -1,826 +1,73 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -auth-admin-web: - enabled: true - env: - BASE_URL: 'https://identity-server.dev01.devland.is/admin' - IDENTITYSERVER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://identity-server.dev01.devland.is/admin/api/auth' - NEXT_PUBLIC_BACKEND_URL: '/backend' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/auth-admin-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.dev01.devland.is' - paths: - - '/admin' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - progressDeadlineSeconds: 1200 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '256Mi' - requests: - cpu: '200m' - memory: '192Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITYSERVER_SECRET: '/k8s/auth-admin-web/IDENTITYSERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -global: - env: - AUDIT_GROUP_NAME: '/identity-server/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'dev' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -identity-server: - annotations: - ad.datadoghq.com/identity-server.check_names: '["openmetrics"]' - ad.datadoghq.com/identity-server.init_configs: '[{}]' - ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": "http://%%host%%:5003/metrics","namespace": "identity-server","metrics":["*"]}]' - ad.datadoghq.com/identity-server.logs: '[{"service": "identity-server", "source": "csharp"}]' - enabled: true - env: - ASPNETCORE_URLS: 'http://*:5000' - AWS__CloudWatch__AuditLogGroup: '/identity-server/audit-log' - AWS__SystemsManager__ParameterStore__DataProtectionPrefix: '/k8s/identity-server/DataProtectionSecret' - Application__AllowedRedirectUris: 'https://beta.dev01.devland.is/minarsidur,https://beta.dev01.devland.is/umsoknir,http://localhost:4200/minarsidur,http://localhost:4242/umsoknir' - Application__MinCompletionPortThreads: '10' - AudkenniSettings__Retries: '24' - CORECLR_ENABLE_PROFILING: '1' - CORECLR_PROFILER: '{846F5F1C-F9AE-4B07-969E-05C26BC060D8}' - CORECLR_PROFILER_PATH: '/opt/datadog/Datadog.Trace.ClrProfiler.Native.so' - CacheSettings__Enabled: 'true' - ContentfulSettings__BaseAddress: 'https://preview.contentful.com' - DD_DOTNET_TRACER_HOME: '/opt/datadog' - DD_INTEGRATIONS: '/opt/datadog/integrations.json' - DD_TRACE_DEBUG: 'true' - Datadog__Metrics__Port: '5003' - IdentityServer__ConsentsScope: '@island.is/auth/consents' - IdentityServer__EnableFakeLogin: 'true' - IdentityServer__EnableFeatureDeploymentWildcards: 'true' - IdentityServer__KeyManagement__Enabled: 'true' - IdentityServer__SigningCertificate__Path: '/etc/config/ids-signing.pfx' - LOG_LEVEL: 'info' - MeUserProfileApiSettings__BaseAddress: 'http://web-service-portal-api.service-portal.svc.cluster.local' - NODE_OPTIONS: '--max-old-space-size=1843 -r dd-trace/init' - PersistenceSettings__BaseAddress: 'http://web-services-auth-ids-api' - PersistenceSettings__DelegationsCacheEnabled: 'false' - RedisSettings__Address: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com' - RedisSettings__Port: '6379' - SERVERSIDE_FEATURES_ON: '' - SessionsApiSettings__BaseAddress: 'http://web-services-sessions.services-sessions.svc.cluster.local' - files: - - 'ids-signing.pfx' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - port: 5010 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/identity-server' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.dev01.devland.is' - paths: - - '/' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: - - accessModes: 'ReadWriteMany' - mountPath: '/keys' - name: 'identity-server' - size: '1Gi' - storageClass: 'efs-csi' - useExisting: false - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '4000m' - memory: '2048Mi' - requests: - cpu: '1000m' - memory: '1024Mi' - secrets: - AudkenniSettings__ClientId: '/k8s/identity-server/AudkenniClientId' - AudkenniSettings__ClientSecret: '/k8s/identity-server/AudkenniClientSecret' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ContentfulSettings__AccessToken: '/k8s/identity-server/CONTENTFUL_ACCESS_TOKEN' - FeatureFlags__ConfigCatSdkKey: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IdentityServer__FakePersons: '/k8s/identity-server/FakePersons' - IdentityServer__LicenseKey: '/k8s/identity-server/LicenseKey' - IdentityServer__SigningCertificate__Passphrase: '/k8s/identity-server/SigningCertificatePassphrase' - PersistenceSettings__AccessTokenManagementSettings__ClientSecret: '/k8s/identity-server/ClientSecret' - Redaction__UserIdentifiers__Key: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY' - Redaction__UserIdentifiers__KeyId: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID' - Scopes__Admin__RootAccessList: '/k8s/identity-server/AdminRootAccessList' - securityContext: - allowPrivilegeEscalation: false - privileged: false - service: - targetPort: 5000 - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/identity-server' - create: true - name: 'identity-server' -namespaces: - labels: {} - namespaces: - - 'identity-server' - - 'identity-server-admin' - - 'identity-server-delegation' - - 'personal-representative' -services-auth-admin-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - IDENTITY_SERVER_ISSUER_URL_LIST: '["https://identity-server.dev01.devland.is","https://identity-server.staging01.devland.is","https://innskra.island.is"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/backend/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/backend/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-admin-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.dev01.devland.is' - paths: - - '/backend' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CLIENT_SECRET_ENCRYPTION_KEY: '/k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-delegation-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'service-portal' - - 'user-notification-worker' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-delegation-api' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'auth-delegation-api.internal.dev01.devland.is' - paths: - - '/' - namespace: 'identity-server-delegation' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-ids-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '6cf94113-d326-4e4d-b97c-1fea12d2f5e1' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' - PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' - PASSKEY_CORE_MAX_AGE_DAYS: '365' - PASSKEY_CORE_RP_ID: 'island.is' - PASSKEY_CORE_RP_NAME: 'Island.is' - PUBLIC_URL: 'https://identity-server.dev01.devland.is/api' - REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - USER_PROFILE_CLIENT_SCOPE: '["@island.is/user-profile:read"]' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 15 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 15 - min: 2 - resources: - limits: - cpu: '800m' - memory: '768Mi' - requests: - cpu: '400m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/services-auth/NOVA_PASSWORD' - NOVA_URL: '/k8s/services-auth/NOVA_URL' - NOVA_USERNAME: '/k8s/services-auth/NOVA_USERNAME' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-ids-api-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-personal-representative: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'personal-representative-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'personal-representative' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-personal-representative-public: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative-public' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'personal-representative-public-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'personal-representative' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-public-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' - PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' - PASSKEY_CORE_RP_ID: 'island.is' - PASSKEY_CORE_RP_NAME: 'Island.is' - PUBLIC_URL: 'https://identity-server.dev01.devland.is/api' - REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-public-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/rewrite-target: '/$2' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.dev01.devland.is' - paths: - - '/api(/|$)(.*)' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false +{ + "services-auth-personal-representative-public": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/health/check", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + } + }, + "features": {}, + "name": "services-auth-personal-representative-public", + "grantNamespaces": [], + "grantNamespacesEnabled": false, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" + }, + "ingress": { + "primary": { + "host": { + "dev": "personal-representative-public-xrd.internal.dev01.devland.is", + "staging": "personal-representative-public-xrd.internal.staging01.devland.is", + "prod": "personal-representative-public-xrd.internal.innskra.island.is" + }, + "paths": [ + "/" + ], + "public": false + } + }, + "namespace": "personal-representative", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "400m", + "memory": "512Mi" + }, + "requests": { + "cpu": "100m", + "memory": "256Mi" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "image": "services-auth-personal-representative-public", + "postgres": { + "name": "servicesauth", + "username": "servicesauth", + "passwordSecret": "/k8s/servicesauth/DB_PASSWORD" + }, + "replicaCount": { + "default": 2, + "min": 2, + "max": 10 + } + } + } +} \ No newline at end of file diff --git a/charts/services/services-auth-personal-representative-public/values.prod.yaml b/charts/services/services-auth-personal-representative-public/values.prod.yaml index 6ebbacf21056..208612f652a0 100644 --- a/charts/services/services-auth-personal-representative-public/values.prod.yaml +++ b/charts/services/services-auth-personal-representative-public/values.prod.yaml @@ -1,823 +1,73 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -auth-admin-web: - enabled: true - env: - BASE_URL: 'https://innskra.island.is/admin' - IDENTITYSERVER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://innskra.island.is/admin/api/auth' - NEXT_PUBLIC_BACKEND_URL: '/backend' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/auth-admin-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'innskra.island.is' - paths: - - '/admin' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - progressDeadlineSeconds: 1200 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '256Mi' - requests: - cpu: '200m' - memory: '192Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITYSERVER_SECRET: '/k8s/auth-admin-web/IDENTITYSERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -global: - env: - AUDIT_GROUP_NAME: '/identity-server/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'prod' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -identity-server: - annotations: - ad.datadoghq.com/identity-server.check_names: '["openmetrics"]' - ad.datadoghq.com/identity-server.init_configs: '[{}]' - ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": "http://%%host%%:5003/metrics","namespace": "identity-server","metrics":["*"]}]' - ad.datadoghq.com/identity-server.logs: '[{"service": "identity-server", "source": "csharp"}]' - enabled: true - env: - ASPNETCORE_URLS: 'http://*:5000' - AWS__CloudWatch__AuditLogGroup: '/identity-server/audit-log' - AWS__SystemsManager__ParameterStore__DataProtectionPrefix: '/k8s/identity-server/DataProtectionSecret' - Application__AllowedRedirectUris: 'https://island.is/minarsidur,https://island.is/umsoknir' - Application__MinCompletionPortThreads: '10' - AudkenniSettings__Retries: '24' - CORECLR_ENABLE_PROFILING: '1' - CORECLR_PROFILER: '{846F5F1C-F9AE-4B07-969E-05C26BC060D8}' - CORECLR_PROFILER_PATH: '/opt/datadog/Datadog.Trace.ClrProfiler.Native.so' - CacheSettings__Enabled: 'true' - ContentfulSettings__BaseAddress: 'https://cdn.contentful.com' - DD_DOTNET_TRACER_HOME: '/opt/datadog' - DD_INTEGRATIONS: '/opt/datadog/integrations.json' - DD_TRACE_DEBUG: 'true' - Datadog__Metrics__Port: '5003' - IdentityServer__ConsentsScope: '@island.is/auth/consents' - IdentityServer__EnableFakeLogin: 'true' - IdentityServer__EnableFeatureDeploymentWildcards: 'false' - IdentityServer__KeyManagement__Enabled: 'true' - IdentityServer__SigningCertificate__Path: '/etc/config/ids-signing.pfx' - LOG_LEVEL: 'info' - MeUserProfileApiSettings__BaseAddress: 'https://service-portal-api.internal.island.is' - NODE_OPTIONS: '--max-old-space-size=1843 -r dd-trace/init' - PersistenceSettings__BaseAddress: 'http://web-services-auth-ids-api' - PersistenceSettings__DelegationsCacheEnabled: 'true' - RedisSettings__Address: 'clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com' - RedisSettings__Port: '6379' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SessionsApiSettings__BaseAddress: 'https://sessions-api.internal.island.is' - files: - - 'ids-signing.pfx' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - port: 5010 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/identity-server' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'innskra.island.is' - paths: - - '/' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: - - accessModes: 'ReadWriteMany' - mountPath: '/keys' - name: 'identity-server' - size: '1Gi' - storageClass: 'efs-csi' - useExisting: false - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '4000m' - memory: '2048Mi' - requests: - cpu: '1000m' - memory: '1024Mi' - secrets: - AudkenniSettings__ClientId: '/k8s/identity-server/AudkenniClientId' - AudkenniSettings__ClientSecret: '/k8s/identity-server/AudkenniClientSecret' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ContentfulSettings__AccessToken: '/k8s/identity-server/CONTENTFUL_ACCESS_TOKEN' - FeatureFlags__ConfigCatSdkKey: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IdentityServer__FakePersons: '/k8s/identity-server/FakePersons' - IdentityServer__LicenseKey: '/k8s/identity-server/LicenseKey' - IdentityServer__SigningCertificate__Passphrase: '/k8s/identity-server/SigningCertificatePassphrase' - PersistenceSettings__AccessTokenManagementSettings__ClientSecret: '/k8s/identity-server/ClientSecret' - Redaction__UserIdentifiers__Key: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY' - Redaction__UserIdentifiers__KeyId: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID' - Scopes__Admin__RootAccessList: '/k8s/identity-server/AdminRootAccessList' - securityContext: - allowPrivilegeEscalation: false - privileged: false - service: - targetPort: 5000 - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::567113216315:role/identity-server' - create: true - name: 'identity-server' -namespaces: - labels: {} - namespaces: - - 'identity-server' - - 'identity-server-admin' - - 'identity-server-delegation' - - 'personal-representative' -services-auth-admin-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - IDENTITY_SERVER_ISSUER_URL_LIST: '["https://innskra.island.is"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SYSLUMENN_HOST: 'https://api.syslumenn.is/api' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/backend/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/backend/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-admin-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'innskra.island.is' - paths: - - '/backend' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CLIENT_SECRET_ENCRYPTION_KEY: '/k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-delegation-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SYSLUMENN_HOST: 'https://api.syslumenn.is/api' - SYSLUMENN_TIMEOUT: '3000' - USER_NOTIFICATION_API_URL: 'https://user-notification.internal.island.is' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'service-portal' - - 'user-notification-worker' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-delegation-api' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'auth-delegation-api.internal.innskra.island.is' - paths: - - '/' - namespace: 'identity-server-delegation' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-ids-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '8271bbc2-d8de-480f-8540-ea43fc40b7ae' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' - PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' - PASSKEY_CORE_MAX_AGE_DAYS: '365' - PASSKEY_CORE_RP_ID: 'island.is' - PASSKEY_CORE_RP_NAME: 'Island.is' - PUBLIC_URL: 'https://innskra.island.is/api' - REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SYSLUMENN_HOST: 'https://api.syslumenn.is/api' - SYSLUMENN_TIMEOUT: '3000' - USER_PROFILE_CLIENT_SCOPE: '["@island.is/user-profile:read"]' - USER_PROFILE_CLIENT_URL: 'https://service-portal-api.internal.island.is' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 15 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 15 - min: 2 - resources: - limits: - cpu: '800m' - memory: '768Mi' - requests: - cpu: '400m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/services-auth/NOVA_PASSWORD' - NOVA_URL: '/k8s/services-auth/NOVA_URL' - NOVA_USERNAME: '/k8s/services-auth/NOVA_USERNAME' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-ids-api-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-personal-representative: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SYSLUMENN_HOST: 'https://api.syslumenn.is/api' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'personal-representative-xrd.internal.innskra.island.is' - paths: - - '/' - namespace: 'personal-representative' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-personal-representative-public: - enabled: true - env: - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative-public' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'personal-representative-public-xrd.internal.innskra.island.is' - paths: - - '/' - namespace: 'personal-representative' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-public-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' - PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' - PASSKEY_CORE_RP_ID: 'island.is' - PASSKEY_CORE_RP_NAME: 'Island.is' - PUBLIC_URL: 'https://innskra.island.is/api' - REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SYSLUMENN_HOST: 'https://api.syslumenn.is/api' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-public-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/rewrite-target: '/$2' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'innskra.island.is' - paths: - - '/api(/|$)(.*)' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false +{ + "services-auth-personal-representative-public": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/health/check", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + } + }, + "features": {}, + "name": "services-auth-personal-representative-public", + "grantNamespaces": [], + "grantNamespacesEnabled": false, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" + }, + "ingress": { + "primary": { + "host": { + "dev": "personal-representative-public-xrd.internal.dev01.devland.is", + "staging": "personal-representative-public-xrd.internal.staging01.devland.is", + "prod": "personal-representative-public-xrd.internal.innskra.island.is" + }, + "paths": [ + "/" + ], + "public": false + } + }, + "namespace": "personal-representative", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "400m", + "memory": "512Mi" + }, + "requests": { + "cpu": "100m", + "memory": "256Mi" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "image": "services-auth-personal-representative-public", + "postgres": { + "name": "servicesauth", + "username": "servicesauth", + "passwordSecret": "/k8s/servicesauth/DB_PASSWORD" + }, + "replicaCount": { + "default": 2, + "min": 2, + "max": 10 + } + } + } +} \ No newline at end of file diff --git a/charts/services/services-auth-personal-representative-public/values.staging.yaml b/charts/services/services-auth-personal-representative-public/values.staging.yaml index 2273a2f55b22..208612f652a0 100644 --- a/charts/services/services-auth-personal-representative-public/values.staging.yaml +++ b/charts/services/services-auth-personal-representative-public/values.staging.yaml @@ -1,826 +1,73 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -auth-admin-web: - enabled: true - env: - BASE_URL: 'https://identity-server.staging01.devland.is/admin' - IDENTITYSERVER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://identity-server.staging01.devland.is/admin/api/auth' - NEXT_PUBLIC_BACKEND_URL: '/backend' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/auth-admin-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.staging01.devland.is' - paths: - - '/admin' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - progressDeadlineSeconds: 1200 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '256Mi' - requests: - cpu: '200m' - memory: '192Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITYSERVER_SECRET: '/k8s/auth-admin-web/IDENTITYSERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -global: - env: - AUDIT_GROUP_NAME: '/identity-server/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'staging' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -identity-server: - annotations: - ad.datadoghq.com/identity-server.check_names: '["openmetrics"]' - ad.datadoghq.com/identity-server.init_configs: '[{}]' - ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": "http://%%host%%:5003/metrics","namespace": "identity-server","metrics":["*"]}]' - ad.datadoghq.com/identity-server.logs: '[{"service": "identity-server", "source": "csharp"}]' - enabled: true - env: - ASPNETCORE_URLS: 'http://*:5000' - AWS__CloudWatch__AuditLogGroup: '/identity-server/audit-log' - AWS__SystemsManager__ParameterStore__DataProtectionPrefix: '/k8s/identity-server/DataProtectionSecret' - Application__AllowedRedirectUris: 'https://beta.staging01.devland.is/minarsidur,https://beta.staging01.devland.is/umsoknir' - Application__MinCompletionPortThreads: '10' - AudkenniSettings__Retries: '24' - CORECLR_ENABLE_PROFILING: '1' - CORECLR_PROFILER: '{846F5F1C-F9AE-4B07-969E-05C26BC060D8}' - CORECLR_PROFILER_PATH: '/opt/datadog/Datadog.Trace.ClrProfiler.Native.so' - CacheSettings__Enabled: 'true' - ContentfulSettings__BaseAddress: 'https://cdn.contentful.com' - DD_DOTNET_TRACER_HOME: '/opt/datadog' - DD_INTEGRATIONS: '/opt/datadog/integrations.json' - DD_TRACE_DEBUG: 'true' - Datadog__Metrics__Port: '5003' - IdentityServer__ConsentsScope: '@island.is/auth/consents' - IdentityServer__EnableFakeLogin: 'true' - IdentityServer__EnableFeatureDeploymentWildcards: 'true' - IdentityServer__KeyManagement__Enabled: 'true' - IdentityServer__SigningCertificate__Path: '/etc/config/ids-signing.pfx' - LOG_LEVEL: 'info' - MeUserProfileApiSettings__BaseAddress: 'http://web-service-portal-api.service-portal.svc.cluster.local' - NODE_OPTIONS: '--max-old-space-size=1843 -r dd-trace/init' - PersistenceSettings__BaseAddress: 'http://web-services-auth-ids-api' - PersistenceSettings__DelegationsCacheEnabled: 'false' - RedisSettings__Address: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com' - RedisSettings__Port: '6379' - SERVERSIDE_FEATURES_ON: '' - SessionsApiSettings__BaseAddress: 'http://web-services-sessions.services-sessions.svc.cluster.local' - files: - - 'ids-signing.pfx' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - port: 5010 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/identity-server' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.staging01.devland.is' - paths: - - '/' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: - - accessModes: 'ReadWriteMany' - mountPath: '/keys' - name: 'identity-server' - size: '1Gi' - storageClass: 'efs-csi' - useExisting: false - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '4000m' - memory: '2048Mi' - requests: - cpu: '1000m' - memory: '1024Mi' - secrets: - AudkenniSettings__ClientId: '/k8s/identity-server/AudkenniClientId' - AudkenniSettings__ClientSecret: '/k8s/identity-server/AudkenniClientSecret' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ContentfulSettings__AccessToken: '/k8s/identity-server/CONTENTFUL_ACCESS_TOKEN' - FeatureFlags__ConfigCatSdkKey: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IdentityServer__FakePersons: '/k8s/identity-server/FakePersons' - IdentityServer__LicenseKey: '/k8s/identity-server/LicenseKey' - IdentityServer__SigningCertificate__Passphrase: '/k8s/identity-server/SigningCertificatePassphrase' - PersistenceSettings__AccessTokenManagementSettings__ClientSecret: '/k8s/identity-server/ClientSecret' - Redaction__UserIdentifiers__Key: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY' - Redaction__UserIdentifiers__KeyId: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID' - Scopes__Admin__RootAccessList: '/k8s/identity-server/AdminRootAccessList' - securityContext: - allowPrivilegeEscalation: false - privileged: false - service: - targetPort: 5000 - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/identity-server' - create: true - name: 'identity-server' -namespaces: - labels: {} - namespaces: - - 'identity-server' - - 'identity-server-admin' - - 'identity-server-delegation' - - 'personal-representative' -services-auth-admin-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - IDENTITY_SERVER_ISSUER_URL_LIST: '["https://identity-server.staging01.devland.is","https://innskra.island.is"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/backend/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/backend/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-admin-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.staging01.devland.is' - paths: - - '/backend' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CLIENT_SECRET_ENCRYPTION_KEY: '/k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-delegation-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'service-portal' - - 'user-notification-worker' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-delegation-api' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'auth-delegation-api.internal.staging01.devland.is' - paths: - - '/' - namespace: 'identity-server-delegation' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-ids-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '6cf94113-d326-4e4d-b97c-1fea12d2f5e1' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' - PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' - PASSKEY_CORE_MAX_AGE_DAYS: '365' - PASSKEY_CORE_RP_ID: 'island.is' - PASSKEY_CORE_RP_NAME: 'Island.is' - PUBLIC_URL: 'https://identity-server.staging01.devland.is/api' - REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - USER_PROFILE_CLIENT_SCOPE: '["@island.is/user-profile:read"]' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 15 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 15 - min: 2 - resources: - limits: - cpu: '800m' - memory: '768Mi' - requests: - cpu: '400m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/services-auth/NOVA_PASSWORD' - NOVA_URL: '/k8s/services-auth/NOVA_URL' - NOVA_USERNAME: '/k8s/services-auth/NOVA_USERNAME' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-ids-api-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-personal-representative: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'personal-representative-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'personal-representative' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-personal-representative-public: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative-public' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'personal-representative-public-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'personal-representative' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-public-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' - PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' - PASSKEY_CORE_RP_ID: 'island.is' - PASSKEY_CORE_RP_NAME: 'Island.is' - PUBLIC_URL: 'https://identity-server.staging01.devland.is/api' - REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-public-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/rewrite-target: '/$2' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.staging01.devland.is' - paths: - - '/api(/|$)(.*)' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false +{ + "services-auth-personal-representative-public": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/health/check", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + } + }, + "features": {}, + "name": "services-auth-personal-representative-public", + "grantNamespaces": [], + "grantNamespacesEnabled": false, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" + }, + "ingress": { + "primary": { + "host": { + "dev": "personal-representative-public-xrd.internal.dev01.devland.is", + "staging": "personal-representative-public-xrd.internal.staging01.devland.is", + "prod": "personal-representative-public-xrd.internal.innskra.island.is" + }, + "paths": [ + "/" + ], + "public": false + } + }, + "namespace": "personal-representative", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "400m", + "memory": "512Mi" + }, + "requests": { + "cpu": "100m", + "memory": "256Mi" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "image": "services-auth-personal-representative-public", + "postgres": { + "name": "servicesauth", + "username": "servicesauth", + "passwordSecret": "/k8s/servicesauth/DB_PASSWORD" + }, + "replicaCount": { + "default": 2, + "min": 2, + "max": 10 + } + } + } +} \ No newline at end of file diff --git a/charts/services/services-auth-personal-representative/values.dev.yaml b/charts/services/services-auth-personal-representative/values.dev.yaml index 2efa5ea90de6..b2b791647b8d 100644 --- a/charts/services/services-auth-personal-representative/values.dev.yaml +++ b/charts/services/services-auth-personal-representative/values.dev.yaml @@ -1,826 +1,164 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -auth-admin-web: - enabled: true - env: - BASE_URL: 'https://identity-server.dev01.devland.is/admin' - IDENTITYSERVER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://identity-server.dev01.devland.is/admin/api/auth' - NEXT_PUBLIC_BACKEND_URL: '/backend' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/auth-admin-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.dev01.devland.is' - paths: - - '/admin' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - progressDeadlineSeconds: 1200 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '256Mi' - requests: - cpu: '200m' - memory: '192Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITYSERVER_SECRET: '/k8s/auth-admin-web/IDENTITYSERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -global: - env: - AUDIT_GROUP_NAME: '/identity-server/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'dev' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -identity-server: - annotations: - ad.datadoghq.com/identity-server.check_names: '["openmetrics"]' - ad.datadoghq.com/identity-server.init_configs: '[{}]' - ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": "http://%%host%%:5003/metrics","namespace": "identity-server","metrics":["*"]}]' - ad.datadoghq.com/identity-server.logs: '[{"service": "identity-server", "source": "csharp"}]' - enabled: true - env: - ASPNETCORE_URLS: 'http://*:5000' - AWS__CloudWatch__AuditLogGroup: '/identity-server/audit-log' - AWS__SystemsManager__ParameterStore__DataProtectionPrefix: '/k8s/identity-server/DataProtectionSecret' - Application__AllowedRedirectUris: 'https://beta.dev01.devland.is/minarsidur,https://beta.dev01.devland.is/umsoknir,http://localhost:4200/minarsidur,http://localhost:4242/umsoknir' - Application__MinCompletionPortThreads: '10' - AudkenniSettings__Retries: '24' - CORECLR_ENABLE_PROFILING: '1' - CORECLR_PROFILER: '{846F5F1C-F9AE-4B07-969E-05C26BC060D8}' - CORECLR_PROFILER_PATH: '/opt/datadog/Datadog.Trace.ClrProfiler.Native.so' - CacheSettings__Enabled: 'true' - ContentfulSettings__BaseAddress: 'https://preview.contentful.com' - DD_DOTNET_TRACER_HOME: '/opt/datadog' - DD_INTEGRATIONS: '/opt/datadog/integrations.json' - DD_TRACE_DEBUG: 'true' - Datadog__Metrics__Port: '5003' - IdentityServer__ConsentsScope: '@island.is/auth/consents' - IdentityServer__EnableFakeLogin: 'true' - IdentityServer__EnableFeatureDeploymentWildcards: 'true' - IdentityServer__KeyManagement__Enabled: 'true' - IdentityServer__SigningCertificate__Path: '/etc/config/ids-signing.pfx' - LOG_LEVEL: 'info' - MeUserProfileApiSettings__BaseAddress: 'http://web-service-portal-api.service-portal.svc.cluster.local' - NODE_OPTIONS: '--max-old-space-size=1843 -r dd-trace/init' - PersistenceSettings__BaseAddress: 'http://web-services-auth-ids-api' - PersistenceSettings__DelegationsCacheEnabled: 'false' - RedisSettings__Address: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com' - RedisSettings__Port: '6379' - SERVERSIDE_FEATURES_ON: '' - SessionsApiSettings__BaseAddress: 'http://web-services-sessions.services-sessions.svc.cluster.local' - files: - - 'ids-signing.pfx' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - port: 5010 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/identity-server' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.dev01.devland.is' - paths: - - '/' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: - - accessModes: 'ReadWriteMany' - mountPath: '/keys' - name: 'identity-server' - size: '1Gi' - storageClass: 'efs-csi' - useExisting: false - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '4000m' - memory: '2048Mi' - requests: - cpu: '1000m' - memory: '1024Mi' - secrets: - AudkenniSettings__ClientId: '/k8s/identity-server/AudkenniClientId' - AudkenniSettings__ClientSecret: '/k8s/identity-server/AudkenniClientSecret' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ContentfulSettings__AccessToken: '/k8s/identity-server/CONTENTFUL_ACCESS_TOKEN' - FeatureFlags__ConfigCatSdkKey: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IdentityServer__FakePersons: '/k8s/identity-server/FakePersons' - IdentityServer__LicenseKey: '/k8s/identity-server/LicenseKey' - IdentityServer__SigningCertificate__Passphrase: '/k8s/identity-server/SigningCertificatePassphrase' - PersistenceSettings__AccessTokenManagementSettings__ClientSecret: '/k8s/identity-server/ClientSecret' - Redaction__UserIdentifiers__Key: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY' - Redaction__UserIdentifiers__KeyId: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID' - Scopes__Admin__RootAccessList: '/k8s/identity-server/AdminRootAccessList' - securityContext: - allowPrivilegeEscalation: false - privileged: false - service: - targetPort: 5000 - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/identity-server' - create: true - name: 'identity-server' -namespaces: - labels: {} - namespaces: - - 'identity-server' - - 'identity-server-admin' - - 'identity-server-delegation' - - 'personal-representative' -services-auth-admin-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - IDENTITY_SERVER_ISSUER_URL_LIST: '["https://identity-server.dev01.devland.is","https://identity-server.staging01.devland.is","https://innskra.island.is"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/backend/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/backend/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-admin-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.dev01.devland.is' - paths: - - '/backend' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CLIENT_SECRET_ENCRYPTION_KEY: '/k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-delegation-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'service-portal' - - 'user-notification-worker' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-delegation-api' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'auth-delegation-api.internal.dev01.devland.is' - paths: - - '/' - namespace: 'identity-server-delegation' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-ids-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '6cf94113-d326-4e4d-b97c-1fea12d2f5e1' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' - PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' - PASSKEY_CORE_MAX_AGE_DAYS: '365' - PASSKEY_CORE_RP_ID: 'island.is' - PASSKEY_CORE_RP_NAME: 'Island.is' - PUBLIC_URL: 'https://identity-server.dev01.devland.is/api' - REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - USER_PROFILE_CLIENT_SCOPE: '["@island.is/user-profile:read"]' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 15 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 15 - min: 2 - resources: - limits: - cpu: '800m' - memory: '768Mi' - requests: - cpu: '400m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/services-auth/NOVA_PASSWORD' - NOVA_URL: '/k8s/services-auth/NOVA_URL' - NOVA_USERNAME: '/k8s/services-auth/NOVA_USERNAME' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-ids-api-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-personal-representative: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'personal-representative-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'personal-representative' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-personal-representative-public: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative-public' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'personal-representative-public-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'personal-representative' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-public-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' - PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' - PASSKEY_CORE_RP_ID: 'island.is' - PASSKEY_CORE_RP_NAME: 'Island.is' - PUBLIC_URL: 'https://identity-server.dev01.devland.is/api' - REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-public-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/rewrite-target: '/$2' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.dev01.devland.is' - paths: - - '/api(/|$)(.*)' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false +{ + "services-auth-personal-representative": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/health/check", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/auth-api", + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + }, + "XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN": "true", + "XROAD_RSK_PROCURING_ACTOR_TOKEN": "true", + "XROAD_NATIONAL_REGISTRY_SERVICE_PATH": { + "dev": "IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1", + "staging": "IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1", + "prod": "IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1" + }, + "XROAD_NATIONAL_REGISTRY_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" + }, + "XROAD_RSK_PROCURING_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" + }, + "COMPANY_REGISTRY_XROAD_PROVIDER_ID": { + "dev": "IS-DEV/GOV/10006/Skatturinn/ft-v1", + "staging": "IS-TEST/GOV/5402696029/Skatturinn/ft-v1", + "prod": "IS/GOV/5402696029/Skatturinn/ft-v1" + }, + "COMPANY_REGISTRY_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" + }, + "SYSLUMENN_HOST": { + "dev": "https://api.syslumenn.is/staging", + "staging": "https://api.syslumenn.is/staging", + "prod": "https://api.syslumenn.is/api" + }, + "SYSLUMENN_TIMEOUT": "3000", + "ZENDESK_CONTACT_FORM_SUBDOMAIN": { + "prod": "digitaliceland", + "staging": "digitaliceland", + "dev": "digitaliceland" + } + }, + "features": {}, + "name": "services-auth-personal-representative", + "grantNamespaces": [], + "grantNamespacesEnabled": false, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "ZENDESK_CONTACT_FORM_EMAIL": "/k8s/api/ZENDESK_CONTACT_FORM_EMAIL", + "ZENDESK_CONTACT_FORM_TOKEN": "/k8s/api/ZENDESK_CONTACT_FORM_TOKEN", + "ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE": "/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE", + "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET", + "SYSLUMENN_USERNAME": "/k8s/services-auth/SYSLUMENN_USERNAME", + "SYSLUMENN_PASSWORD": "/k8s/services-auth/SYSLUMENN_PASSWORD" + }, + "ingress": { + "primary": { + "host": { + "dev": "personal-representative-xrd.internal.dev01.devland.is", + "staging": "personal-representative-xrd.internal.staging01.devland.is", + "prod": "personal-representative-xrd.internal.innskra.island.is" + }, + "paths": [ + "/" + ], + "public": false + } + }, + "namespace": "personal-representative", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "400m", + "memory": "512Mi" + }, + "requests": { + "cpu": "100m", + "memory": "256Mi" + } + }, + "xroadConfig": [ + { + "config": { + "env": { + "XROAD_BASE_PATH": { + "prod": "http://securityserver.island.is" + }, + "XROAD_BASE_PATH_WITH_ENV": { + "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "http://securityserver.island.is/r1/IS" + }, + "XROAD_TLS_BASE_PATH": { + "dev": "https://securityserver.dev01.devland.is", + "staging": "https://securityserver.staging01.devland.is", + "prod": "https://securityserver.island.is" + }, + "XROAD_TLS_BASE_PATH_WITH_ENV": { + "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", + "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "https://securityserver.island.is/r1/IS" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CLIENT_ID": { + "dev": "IS-DEV/GOV/10000/island-is-client", + "staging": "IS-TEST/GOV/5501692829/island-is-client", + "prod": "IS/GOV/5501692829/island-is-client" + } + } + } + }, + { + "config": { + "env": { + "XROAD_RSK_PROCURING_PATH": { + "dev": "IS-DEV/GOV/10006/Skatturinn/relationships-v1", + "staging": "IS-TEST/GOV/5402696029/Skatturinn/relationships-v1", + "prod": "IS/GOV/5402696029/Skatturinn/relationships-v1" + } + } + } + } + ], + "files": [], + "volumes": [], + "image": "services-auth-personal-representative", + "postgres": { + "name": "servicesauth", + "username": "servicesauth", + "passwordSecret": "/k8s/servicesauth/DB_PASSWORD" + }, + "replicaCount": { + "default": 2, + "min": 2, + "max": 10 + } + } + } +} \ No newline at end of file diff --git a/charts/services/services-auth-personal-representative/values.prod.yaml b/charts/services/services-auth-personal-representative/values.prod.yaml index 6ebbacf21056..b2b791647b8d 100644 --- a/charts/services/services-auth-personal-representative/values.prod.yaml +++ b/charts/services/services-auth-personal-representative/values.prod.yaml @@ -1,823 +1,164 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -auth-admin-web: - enabled: true - env: - BASE_URL: 'https://innskra.island.is/admin' - IDENTITYSERVER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://innskra.island.is/admin/api/auth' - NEXT_PUBLIC_BACKEND_URL: '/backend' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/auth-admin-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'innskra.island.is' - paths: - - '/admin' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - progressDeadlineSeconds: 1200 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '256Mi' - requests: - cpu: '200m' - memory: '192Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITYSERVER_SECRET: '/k8s/auth-admin-web/IDENTITYSERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -global: - env: - AUDIT_GROUP_NAME: '/identity-server/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'prod' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -identity-server: - annotations: - ad.datadoghq.com/identity-server.check_names: '["openmetrics"]' - ad.datadoghq.com/identity-server.init_configs: '[{}]' - ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": "http://%%host%%:5003/metrics","namespace": "identity-server","metrics":["*"]}]' - ad.datadoghq.com/identity-server.logs: '[{"service": "identity-server", "source": "csharp"}]' - enabled: true - env: - ASPNETCORE_URLS: 'http://*:5000' - AWS__CloudWatch__AuditLogGroup: '/identity-server/audit-log' - AWS__SystemsManager__ParameterStore__DataProtectionPrefix: '/k8s/identity-server/DataProtectionSecret' - Application__AllowedRedirectUris: 'https://island.is/minarsidur,https://island.is/umsoknir' - Application__MinCompletionPortThreads: '10' - AudkenniSettings__Retries: '24' - CORECLR_ENABLE_PROFILING: '1' - CORECLR_PROFILER: '{846F5F1C-F9AE-4B07-969E-05C26BC060D8}' - CORECLR_PROFILER_PATH: '/opt/datadog/Datadog.Trace.ClrProfiler.Native.so' - CacheSettings__Enabled: 'true' - ContentfulSettings__BaseAddress: 'https://cdn.contentful.com' - DD_DOTNET_TRACER_HOME: '/opt/datadog' - DD_INTEGRATIONS: '/opt/datadog/integrations.json' - DD_TRACE_DEBUG: 'true' - Datadog__Metrics__Port: '5003' - IdentityServer__ConsentsScope: '@island.is/auth/consents' - IdentityServer__EnableFakeLogin: 'true' - IdentityServer__EnableFeatureDeploymentWildcards: 'false' - IdentityServer__KeyManagement__Enabled: 'true' - IdentityServer__SigningCertificate__Path: '/etc/config/ids-signing.pfx' - LOG_LEVEL: 'info' - MeUserProfileApiSettings__BaseAddress: 'https://service-portal-api.internal.island.is' - NODE_OPTIONS: '--max-old-space-size=1843 -r dd-trace/init' - PersistenceSettings__BaseAddress: 'http://web-services-auth-ids-api' - PersistenceSettings__DelegationsCacheEnabled: 'true' - RedisSettings__Address: 'clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com' - RedisSettings__Port: '6379' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SessionsApiSettings__BaseAddress: 'https://sessions-api.internal.island.is' - files: - - 'ids-signing.pfx' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - port: 5010 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/identity-server' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'innskra.island.is' - paths: - - '/' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: - - accessModes: 'ReadWriteMany' - mountPath: '/keys' - name: 'identity-server' - size: '1Gi' - storageClass: 'efs-csi' - useExisting: false - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '4000m' - memory: '2048Mi' - requests: - cpu: '1000m' - memory: '1024Mi' - secrets: - AudkenniSettings__ClientId: '/k8s/identity-server/AudkenniClientId' - AudkenniSettings__ClientSecret: '/k8s/identity-server/AudkenniClientSecret' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ContentfulSettings__AccessToken: '/k8s/identity-server/CONTENTFUL_ACCESS_TOKEN' - FeatureFlags__ConfigCatSdkKey: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IdentityServer__FakePersons: '/k8s/identity-server/FakePersons' - IdentityServer__LicenseKey: '/k8s/identity-server/LicenseKey' - IdentityServer__SigningCertificate__Passphrase: '/k8s/identity-server/SigningCertificatePassphrase' - PersistenceSettings__AccessTokenManagementSettings__ClientSecret: '/k8s/identity-server/ClientSecret' - Redaction__UserIdentifiers__Key: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY' - Redaction__UserIdentifiers__KeyId: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID' - Scopes__Admin__RootAccessList: '/k8s/identity-server/AdminRootAccessList' - securityContext: - allowPrivilegeEscalation: false - privileged: false - service: - targetPort: 5000 - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::567113216315:role/identity-server' - create: true - name: 'identity-server' -namespaces: - labels: {} - namespaces: - - 'identity-server' - - 'identity-server-admin' - - 'identity-server-delegation' - - 'personal-representative' -services-auth-admin-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - IDENTITY_SERVER_ISSUER_URL_LIST: '["https://innskra.island.is"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SYSLUMENN_HOST: 'https://api.syslumenn.is/api' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/backend/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/backend/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-admin-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'innskra.island.is' - paths: - - '/backend' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CLIENT_SECRET_ENCRYPTION_KEY: '/k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-delegation-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SYSLUMENN_HOST: 'https://api.syslumenn.is/api' - SYSLUMENN_TIMEOUT: '3000' - USER_NOTIFICATION_API_URL: 'https://user-notification.internal.island.is' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'service-portal' - - 'user-notification-worker' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-delegation-api' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'auth-delegation-api.internal.innskra.island.is' - paths: - - '/' - namespace: 'identity-server-delegation' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-ids-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '8271bbc2-d8de-480f-8540-ea43fc40b7ae' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' - PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' - PASSKEY_CORE_MAX_AGE_DAYS: '365' - PASSKEY_CORE_RP_ID: 'island.is' - PASSKEY_CORE_RP_NAME: 'Island.is' - PUBLIC_URL: 'https://innskra.island.is/api' - REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SYSLUMENN_HOST: 'https://api.syslumenn.is/api' - SYSLUMENN_TIMEOUT: '3000' - USER_PROFILE_CLIENT_SCOPE: '["@island.is/user-profile:read"]' - USER_PROFILE_CLIENT_URL: 'https://service-portal-api.internal.island.is' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 15 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 15 - min: 2 - resources: - limits: - cpu: '800m' - memory: '768Mi' - requests: - cpu: '400m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/services-auth/NOVA_PASSWORD' - NOVA_URL: '/k8s/services-auth/NOVA_URL' - NOVA_USERNAME: '/k8s/services-auth/NOVA_USERNAME' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-ids-api-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-personal-representative: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SYSLUMENN_HOST: 'https://api.syslumenn.is/api' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'personal-representative-xrd.internal.innskra.island.is' - paths: - - '/' - namespace: 'personal-representative' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-personal-representative-public: - enabled: true - env: - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative-public' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'personal-representative-public-xrd.internal.innskra.island.is' - paths: - - '/' - namespace: 'personal-representative' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-public-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' - PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' - PASSKEY_CORE_RP_ID: 'island.is' - PASSKEY_CORE_RP_NAME: 'Island.is' - PUBLIC_URL: 'https://innskra.island.is/api' - REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SYSLUMENN_HOST: 'https://api.syslumenn.is/api' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-public-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/rewrite-target: '/$2' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'innskra.island.is' - paths: - - '/api(/|$)(.*)' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false +{ + "services-auth-personal-representative": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/health/check", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/auth-api", + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + }, + "XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN": "true", + "XROAD_RSK_PROCURING_ACTOR_TOKEN": "true", + "XROAD_NATIONAL_REGISTRY_SERVICE_PATH": { + "dev": "IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1", + "staging": "IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1", + "prod": "IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1" + }, + "XROAD_NATIONAL_REGISTRY_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" + }, + "XROAD_RSK_PROCURING_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" + }, + "COMPANY_REGISTRY_XROAD_PROVIDER_ID": { + "dev": "IS-DEV/GOV/10006/Skatturinn/ft-v1", + "staging": "IS-TEST/GOV/5402696029/Skatturinn/ft-v1", + "prod": "IS/GOV/5402696029/Skatturinn/ft-v1" + }, + "COMPANY_REGISTRY_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" + }, + "SYSLUMENN_HOST": { + "dev": "https://api.syslumenn.is/staging", + "staging": "https://api.syslumenn.is/staging", + "prod": "https://api.syslumenn.is/api" + }, + "SYSLUMENN_TIMEOUT": "3000", + "ZENDESK_CONTACT_FORM_SUBDOMAIN": { + "prod": "digitaliceland", + "staging": "digitaliceland", + "dev": "digitaliceland" + } + }, + "features": {}, + "name": "services-auth-personal-representative", + "grantNamespaces": [], + "grantNamespacesEnabled": false, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "ZENDESK_CONTACT_FORM_EMAIL": "/k8s/api/ZENDESK_CONTACT_FORM_EMAIL", + "ZENDESK_CONTACT_FORM_TOKEN": "/k8s/api/ZENDESK_CONTACT_FORM_TOKEN", + "ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE": "/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE", + "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET", + "SYSLUMENN_USERNAME": "/k8s/services-auth/SYSLUMENN_USERNAME", + "SYSLUMENN_PASSWORD": "/k8s/services-auth/SYSLUMENN_PASSWORD" + }, + "ingress": { + "primary": { + "host": { + "dev": "personal-representative-xrd.internal.dev01.devland.is", + "staging": "personal-representative-xrd.internal.staging01.devland.is", + "prod": "personal-representative-xrd.internal.innskra.island.is" + }, + "paths": [ + "/" + ], + "public": false + } + }, + "namespace": "personal-representative", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "400m", + "memory": "512Mi" + }, + "requests": { + "cpu": "100m", + "memory": "256Mi" + } + }, + "xroadConfig": [ + { + "config": { + "env": { + "XROAD_BASE_PATH": { + "prod": "http://securityserver.island.is" + }, + "XROAD_BASE_PATH_WITH_ENV": { + "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "http://securityserver.island.is/r1/IS" + }, + "XROAD_TLS_BASE_PATH": { + "dev": "https://securityserver.dev01.devland.is", + "staging": "https://securityserver.staging01.devland.is", + "prod": "https://securityserver.island.is" + }, + "XROAD_TLS_BASE_PATH_WITH_ENV": { + "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", + "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "https://securityserver.island.is/r1/IS" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CLIENT_ID": { + "dev": "IS-DEV/GOV/10000/island-is-client", + "staging": "IS-TEST/GOV/5501692829/island-is-client", + "prod": "IS/GOV/5501692829/island-is-client" + } + } + } + }, + { + "config": { + "env": { + "XROAD_RSK_PROCURING_PATH": { + "dev": "IS-DEV/GOV/10006/Skatturinn/relationships-v1", + "staging": "IS-TEST/GOV/5402696029/Skatturinn/relationships-v1", + "prod": "IS/GOV/5402696029/Skatturinn/relationships-v1" + } + } + } + } + ], + "files": [], + "volumes": [], + "image": "services-auth-personal-representative", + "postgres": { + "name": "servicesauth", + "username": "servicesauth", + "passwordSecret": "/k8s/servicesauth/DB_PASSWORD" + }, + "replicaCount": { + "default": 2, + "min": 2, + "max": 10 + } + } + } +} \ No newline at end of file diff --git a/charts/services/services-auth-personal-representative/values.staging.yaml b/charts/services/services-auth-personal-representative/values.staging.yaml index 2273a2f55b22..b2b791647b8d 100644 --- a/charts/services/services-auth-personal-representative/values.staging.yaml +++ b/charts/services/services-auth-personal-representative/values.staging.yaml @@ -1,826 +1,164 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -auth-admin-web: - enabled: true - env: - BASE_URL: 'https://identity-server.staging01.devland.is/admin' - IDENTITYSERVER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://identity-server.staging01.devland.is/admin/api/auth' - NEXT_PUBLIC_BACKEND_URL: '/backend' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/auth-admin-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.staging01.devland.is' - paths: - - '/admin' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - progressDeadlineSeconds: 1200 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '256Mi' - requests: - cpu: '200m' - memory: '192Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITYSERVER_SECRET: '/k8s/auth-admin-web/IDENTITYSERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -global: - env: - AUDIT_GROUP_NAME: '/identity-server/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'staging' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -identity-server: - annotations: - ad.datadoghq.com/identity-server.check_names: '["openmetrics"]' - ad.datadoghq.com/identity-server.init_configs: '[{}]' - ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": "http://%%host%%:5003/metrics","namespace": "identity-server","metrics":["*"]}]' - ad.datadoghq.com/identity-server.logs: '[{"service": "identity-server", "source": "csharp"}]' - enabled: true - env: - ASPNETCORE_URLS: 'http://*:5000' - AWS__CloudWatch__AuditLogGroup: '/identity-server/audit-log' - AWS__SystemsManager__ParameterStore__DataProtectionPrefix: '/k8s/identity-server/DataProtectionSecret' - Application__AllowedRedirectUris: 'https://beta.staging01.devland.is/minarsidur,https://beta.staging01.devland.is/umsoknir' - Application__MinCompletionPortThreads: '10' - AudkenniSettings__Retries: '24' - CORECLR_ENABLE_PROFILING: '1' - CORECLR_PROFILER: '{846F5F1C-F9AE-4B07-969E-05C26BC060D8}' - CORECLR_PROFILER_PATH: '/opt/datadog/Datadog.Trace.ClrProfiler.Native.so' - CacheSettings__Enabled: 'true' - ContentfulSettings__BaseAddress: 'https://cdn.contentful.com' - DD_DOTNET_TRACER_HOME: '/opt/datadog' - DD_INTEGRATIONS: '/opt/datadog/integrations.json' - DD_TRACE_DEBUG: 'true' - Datadog__Metrics__Port: '5003' - IdentityServer__ConsentsScope: '@island.is/auth/consents' - IdentityServer__EnableFakeLogin: 'true' - IdentityServer__EnableFeatureDeploymentWildcards: 'true' - IdentityServer__KeyManagement__Enabled: 'true' - IdentityServer__SigningCertificate__Path: '/etc/config/ids-signing.pfx' - LOG_LEVEL: 'info' - MeUserProfileApiSettings__BaseAddress: 'http://web-service-portal-api.service-portal.svc.cluster.local' - NODE_OPTIONS: '--max-old-space-size=1843 -r dd-trace/init' - PersistenceSettings__BaseAddress: 'http://web-services-auth-ids-api' - PersistenceSettings__DelegationsCacheEnabled: 'false' - RedisSettings__Address: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com' - RedisSettings__Port: '6379' - SERVERSIDE_FEATURES_ON: '' - SessionsApiSettings__BaseAddress: 'http://web-services-sessions.services-sessions.svc.cluster.local' - files: - - 'ids-signing.pfx' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - port: 5010 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/identity-server' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.staging01.devland.is' - paths: - - '/' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: - - accessModes: 'ReadWriteMany' - mountPath: '/keys' - name: 'identity-server' - size: '1Gi' - storageClass: 'efs-csi' - useExisting: false - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '4000m' - memory: '2048Mi' - requests: - cpu: '1000m' - memory: '1024Mi' - secrets: - AudkenniSettings__ClientId: '/k8s/identity-server/AudkenniClientId' - AudkenniSettings__ClientSecret: '/k8s/identity-server/AudkenniClientSecret' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ContentfulSettings__AccessToken: '/k8s/identity-server/CONTENTFUL_ACCESS_TOKEN' - FeatureFlags__ConfigCatSdkKey: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IdentityServer__FakePersons: '/k8s/identity-server/FakePersons' - IdentityServer__LicenseKey: '/k8s/identity-server/LicenseKey' - IdentityServer__SigningCertificate__Passphrase: '/k8s/identity-server/SigningCertificatePassphrase' - PersistenceSettings__AccessTokenManagementSettings__ClientSecret: '/k8s/identity-server/ClientSecret' - Redaction__UserIdentifiers__Key: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY' - Redaction__UserIdentifiers__KeyId: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID' - Scopes__Admin__RootAccessList: '/k8s/identity-server/AdminRootAccessList' - securityContext: - allowPrivilegeEscalation: false - privileged: false - service: - targetPort: 5000 - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/identity-server' - create: true - name: 'identity-server' -namespaces: - labels: {} - namespaces: - - 'identity-server' - - 'identity-server-admin' - - 'identity-server-delegation' - - 'personal-representative' -services-auth-admin-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - IDENTITY_SERVER_ISSUER_URL_LIST: '["https://identity-server.staging01.devland.is","https://innskra.island.is"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/backend/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/backend/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-admin-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.staging01.devland.is' - paths: - - '/backend' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CLIENT_SECRET_ENCRYPTION_KEY: '/k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-delegation-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'service-portal' - - 'user-notification-worker' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-delegation-api' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'auth-delegation-api.internal.staging01.devland.is' - paths: - - '/' - namespace: 'identity-server-delegation' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-ids-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '6cf94113-d326-4e4d-b97c-1fea12d2f5e1' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' - PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' - PASSKEY_CORE_MAX_AGE_DAYS: '365' - PASSKEY_CORE_RP_ID: 'island.is' - PASSKEY_CORE_RP_NAME: 'Island.is' - PUBLIC_URL: 'https://identity-server.staging01.devland.is/api' - REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - USER_PROFILE_CLIENT_SCOPE: '["@island.is/user-profile:read"]' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 15 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 15 - min: 2 - resources: - limits: - cpu: '800m' - memory: '768Mi' - requests: - cpu: '400m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/services-auth/NOVA_PASSWORD' - NOVA_URL: '/k8s/services-auth/NOVA_URL' - NOVA_USERNAME: '/k8s/services-auth/NOVA_USERNAME' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-ids-api-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-personal-representative: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'personal-representative-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'personal-representative' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-personal-representative-public: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative-public' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'personal-representative-public-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'personal-representative' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-public-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' - PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' - PASSKEY_CORE_RP_ID: 'island.is' - PASSKEY_CORE_RP_NAME: 'Island.is' - PUBLIC_URL: 'https://identity-server.staging01.devland.is/api' - REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-public-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/rewrite-target: '/$2' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.staging01.devland.is' - paths: - - '/api(/|$)(.*)' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false +{ + "services-auth-personal-representative": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/health/check", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/auth-api", + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + }, + "XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN": "true", + "XROAD_RSK_PROCURING_ACTOR_TOKEN": "true", + "XROAD_NATIONAL_REGISTRY_SERVICE_PATH": { + "dev": "IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1", + "staging": "IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1", + "prod": "IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1" + }, + "XROAD_NATIONAL_REGISTRY_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" + }, + "XROAD_RSK_PROCURING_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" + }, + "COMPANY_REGISTRY_XROAD_PROVIDER_ID": { + "dev": "IS-DEV/GOV/10006/Skatturinn/ft-v1", + "staging": "IS-TEST/GOV/5402696029/Skatturinn/ft-v1", + "prod": "IS/GOV/5402696029/Skatturinn/ft-v1" + }, + "COMPANY_REGISTRY_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" + }, + "SYSLUMENN_HOST": { + "dev": "https://api.syslumenn.is/staging", + "staging": "https://api.syslumenn.is/staging", + "prod": "https://api.syslumenn.is/api" + }, + "SYSLUMENN_TIMEOUT": "3000", + "ZENDESK_CONTACT_FORM_SUBDOMAIN": { + "prod": "digitaliceland", + "staging": "digitaliceland", + "dev": "digitaliceland" + } + }, + "features": {}, + "name": "services-auth-personal-representative", + "grantNamespaces": [], + "grantNamespacesEnabled": false, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "ZENDESK_CONTACT_FORM_EMAIL": "/k8s/api/ZENDESK_CONTACT_FORM_EMAIL", + "ZENDESK_CONTACT_FORM_TOKEN": "/k8s/api/ZENDESK_CONTACT_FORM_TOKEN", + "ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE": "/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE", + "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET", + "SYSLUMENN_USERNAME": "/k8s/services-auth/SYSLUMENN_USERNAME", + "SYSLUMENN_PASSWORD": "/k8s/services-auth/SYSLUMENN_PASSWORD" + }, + "ingress": { + "primary": { + "host": { + "dev": "personal-representative-xrd.internal.dev01.devland.is", + "staging": "personal-representative-xrd.internal.staging01.devland.is", + "prod": "personal-representative-xrd.internal.innskra.island.is" + }, + "paths": [ + "/" + ], + "public": false + } + }, + "namespace": "personal-representative", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "400m", + "memory": "512Mi" + }, + "requests": { + "cpu": "100m", + "memory": "256Mi" + } + }, + "xroadConfig": [ + { + "config": { + "env": { + "XROAD_BASE_PATH": { + "prod": "http://securityserver.island.is" + }, + "XROAD_BASE_PATH_WITH_ENV": { + "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "http://securityserver.island.is/r1/IS" + }, + "XROAD_TLS_BASE_PATH": { + "dev": "https://securityserver.dev01.devland.is", + "staging": "https://securityserver.staging01.devland.is", + "prod": "https://securityserver.island.is" + }, + "XROAD_TLS_BASE_PATH_WITH_ENV": { + "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", + "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "https://securityserver.island.is/r1/IS" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CLIENT_ID": { + "dev": "IS-DEV/GOV/10000/island-is-client", + "staging": "IS-TEST/GOV/5501692829/island-is-client", + "prod": "IS/GOV/5501692829/island-is-client" + } + } + } + }, + { + "config": { + "env": { + "XROAD_RSK_PROCURING_PATH": { + "dev": "IS-DEV/GOV/10006/Skatturinn/relationships-v1", + "staging": "IS-TEST/GOV/5402696029/Skatturinn/relationships-v1", + "prod": "IS/GOV/5402696029/Skatturinn/relationships-v1" + } + } + } + } + ], + "files": [], + "volumes": [], + "image": "services-auth-personal-representative", + "postgres": { + "name": "servicesauth", + "username": "servicesauth", + "passwordSecret": "/k8s/servicesauth/DB_PASSWORD" + }, + "replicaCount": { + "default": 2, + "min": 2, + "max": 10 + } + } + } +} \ No newline at end of file diff --git a/charts/services/services-auth-public-api/values.dev.yaml b/charts/services/services-auth-public-api/values.dev.yaml index 2efa5ea90de6..5554fa826b33 100644 --- a/charts/services/services-auth-public-api/values.dev.yaml +++ b/charts/services/services-auth-public-api/values.dev.yaml @@ -1,826 +1,205 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -auth-admin-web: - enabled: true - env: - BASE_URL: 'https://identity-server.dev01.devland.is/admin' - IDENTITYSERVER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://identity-server.dev01.devland.is/admin/api/auth' - NEXT_PUBLIC_BACKEND_URL: '/backend' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/auth-admin-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.dev01.devland.is' - paths: - - '/admin' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - progressDeadlineSeconds: 1200 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '256Mi' - requests: - cpu: '200m' - memory: '192Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITYSERVER_SECRET: '/k8s/auth-admin-web/IDENTITYSERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -global: - env: - AUDIT_GROUP_NAME: '/identity-server/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'dev' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -identity-server: - annotations: - ad.datadoghq.com/identity-server.check_names: '["openmetrics"]' - ad.datadoghq.com/identity-server.init_configs: '[{}]' - ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": "http://%%host%%:5003/metrics","namespace": "identity-server","metrics":["*"]}]' - ad.datadoghq.com/identity-server.logs: '[{"service": "identity-server", "source": "csharp"}]' - enabled: true - env: - ASPNETCORE_URLS: 'http://*:5000' - AWS__CloudWatch__AuditLogGroup: '/identity-server/audit-log' - AWS__SystemsManager__ParameterStore__DataProtectionPrefix: '/k8s/identity-server/DataProtectionSecret' - Application__AllowedRedirectUris: 'https://beta.dev01.devland.is/minarsidur,https://beta.dev01.devland.is/umsoknir,http://localhost:4200/minarsidur,http://localhost:4242/umsoknir' - Application__MinCompletionPortThreads: '10' - AudkenniSettings__Retries: '24' - CORECLR_ENABLE_PROFILING: '1' - CORECLR_PROFILER: '{846F5F1C-F9AE-4B07-969E-05C26BC060D8}' - CORECLR_PROFILER_PATH: '/opt/datadog/Datadog.Trace.ClrProfiler.Native.so' - CacheSettings__Enabled: 'true' - ContentfulSettings__BaseAddress: 'https://preview.contentful.com' - DD_DOTNET_TRACER_HOME: '/opt/datadog' - DD_INTEGRATIONS: '/opt/datadog/integrations.json' - DD_TRACE_DEBUG: 'true' - Datadog__Metrics__Port: '5003' - IdentityServer__ConsentsScope: '@island.is/auth/consents' - IdentityServer__EnableFakeLogin: 'true' - IdentityServer__EnableFeatureDeploymentWildcards: 'true' - IdentityServer__KeyManagement__Enabled: 'true' - IdentityServer__SigningCertificate__Path: '/etc/config/ids-signing.pfx' - LOG_LEVEL: 'info' - MeUserProfileApiSettings__BaseAddress: 'http://web-service-portal-api.service-portal.svc.cluster.local' - NODE_OPTIONS: '--max-old-space-size=1843 -r dd-trace/init' - PersistenceSettings__BaseAddress: 'http://web-services-auth-ids-api' - PersistenceSettings__DelegationsCacheEnabled: 'false' - RedisSettings__Address: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com' - RedisSettings__Port: '6379' - SERVERSIDE_FEATURES_ON: '' - SessionsApiSettings__BaseAddress: 'http://web-services-sessions.services-sessions.svc.cluster.local' - files: - - 'ids-signing.pfx' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - port: 5010 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/identity-server' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.dev01.devland.is' - paths: - - '/' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: - - accessModes: 'ReadWriteMany' - mountPath: '/keys' - name: 'identity-server' - size: '1Gi' - storageClass: 'efs-csi' - useExisting: false - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '4000m' - memory: '2048Mi' - requests: - cpu: '1000m' - memory: '1024Mi' - secrets: - AudkenniSettings__ClientId: '/k8s/identity-server/AudkenniClientId' - AudkenniSettings__ClientSecret: '/k8s/identity-server/AudkenniClientSecret' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ContentfulSettings__AccessToken: '/k8s/identity-server/CONTENTFUL_ACCESS_TOKEN' - FeatureFlags__ConfigCatSdkKey: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IdentityServer__FakePersons: '/k8s/identity-server/FakePersons' - IdentityServer__LicenseKey: '/k8s/identity-server/LicenseKey' - IdentityServer__SigningCertificate__Passphrase: '/k8s/identity-server/SigningCertificatePassphrase' - PersistenceSettings__AccessTokenManagementSettings__ClientSecret: '/k8s/identity-server/ClientSecret' - Redaction__UserIdentifiers__Key: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY' - Redaction__UserIdentifiers__KeyId: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID' - Scopes__Admin__RootAccessList: '/k8s/identity-server/AdminRootAccessList' - securityContext: - allowPrivilegeEscalation: false - privileged: false - service: - targetPort: 5000 - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/identity-server' - create: true - name: 'identity-server' -namespaces: - labels: {} - namespaces: - - 'identity-server' - - 'identity-server-admin' - - 'identity-server-delegation' - - 'personal-representative' -services-auth-admin-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - IDENTITY_SERVER_ISSUER_URL_LIST: '["https://identity-server.dev01.devland.is","https://identity-server.staging01.devland.is","https://innskra.island.is"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/backend/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/backend/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-admin-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.dev01.devland.is' - paths: - - '/backend' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CLIENT_SECRET_ENCRYPTION_KEY: '/k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-delegation-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'service-portal' - - 'user-notification-worker' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-delegation-api' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'auth-delegation-api.internal.dev01.devland.is' - paths: - - '/' - namespace: 'identity-server-delegation' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-ids-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '6cf94113-d326-4e4d-b97c-1fea12d2f5e1' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' - PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' - PASSKEY_CORE_MAX_AGE_DAYS: '365' - PASSKEY_CORE_RP_ID: 'island.is' - PASSKEY_CORE_RP_NAME: 'Island.is' - PUBLIC_URL: 'https://identity-server.dev01.devland.is/api' - REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - USER_PROFILE_CLIENT_SCOPE: '["@island.is/user-profile:read"]' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 15 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 15 - min: 2 - resources: - limits: - cpu: '800m' - memory: '768Mi' - requests: - cpu: '400m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/services-auth/NOVA_PASSWORD' - NOVA_URL: '/k8s/services-auth/NOVA_URL' - NOVA_USERNAME: '/k8s/services-auth/NOVA_USERNAME' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-ids-api-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-personal-representative: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'personal-representative-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'personal-representative' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-personal-representative-public: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative-public' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'personal-representative-public-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'personal-representative' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-public-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' - PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' - PASSKEY_CORE_RP_ID: 'island.is' - PASSKEY_CORE_RP_NAME: 'Island.is' - PUBLIC_URL: 'https://identity-server.dev01.devland.is/api' - REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-public-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/rewrite-target: '/$2' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.dev01.devland.is' - paths: - - '/api(/|$)(.*)' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false +{ + "services-auth-public-api": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/health/check", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/auth-api", + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + }, + "PUBLIC_URL": { + "dev": "https://identity-server.dev01.devland.is/api", + "staging": "https://identity-server.staging01.devland.is/api", + "prod": "https://innskra.island.is/api" + }, + "XROAD_TJODSKRA_API_PATH": "/SKRA-Protected/Einstaklingar-v1", + "XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN": "true", + "XROAD_RSK_PROCURING_ACTOR_TOKEN": "true", + "XROAD_NATIONAL_REGISTRY_SERVICE_PATH": { + "dev": "IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1", + "staging": "IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1", + "prod": "IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1" + }, + "XROAD_NATIONAL_REGISTRY_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" + }, + "XROAD_RSK_PROCURING_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" + }, + "XROAD_TJODSKRA_MEMBER_CODE": { + "prod": "6503760649", + "dev": "10001", + "staging": "6503760649" + }, + "PASSKEY_CORE_RP_ID": "island.is", + "PASSKEY_CORE_RP_NAME": "Island.is", + "PASSKEY_CORE_CHALLENGE_TTL_MS": "120000", + "REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" + }, + "COMPANY_REGISTRY_XROAD_PROVIDER_ID": { + "dev": "IS-DEV/GOV/10006/Skatturinn/ft-v1", + "staging": "IS-TEST/GOV/5402696029/Skatturinn/ft-v1", + "prod": "IS/GOV/5402696029/Skatturinn/ft-v1" + }, + "COMPANY_REGISTRY_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" + }, + "PASSKEY_CORE_ALLOWED_ORIGINS": "[\"https://island.is\",\"android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0\",\"android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU\"]", + "SYSLUMENN_HOST": { + "dev": "https://api.syslumenn.is/staging", + "staging": "https://api.syslumenn.is/staging", + "prod": "https://api.syslumenn.is/api" + }, + "SYSLUMENN_TIMEOUT": "3000", + "ZENDESK_CONTACT_FORM_SUBDOMAIN": { + "prod": "digitaliceland", + "staging": "digitaliceland", + "dev": "digitaliceland" + } + }, + "features": {}, + "name": "services-auth-public-api", + "grantNamespaces": [], + "grantNamespacesEnabled": false, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "ZENDESK_CONTACT_FORM_EMAIL": "/k8s/api/ZENDESK_CONTACT_FORM_EMAIL", + "ZENDESK_CONTACT_FORM_TOKEN": "/k8s/api/ZENDESK_CONTACT_FORM_TOKEN", + "ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE": "/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE", + "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET", + "NATIONAL_REGISTRY_IDS_CLIENT_SECRET": "/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET", + "SYSLUMENN_USERNAME": "/k8s/services-auth/SYSLUMENN_USERNAME", + "SYSLUMENN_PASSWORD": "/k8s/services-auth/SYSLUMENN_PASSWORD" + }, + "ingress": { + "primary": { + "host": { + "dev": "identity-server.dev01.devland.is", + "staging": "identity-server.staging01.devland.is", + "prod": "innskra.island.is" + }, + "paths": [ + "/api(/|$)(.*)" + ], + "public": true, + "extraAnnotations": { + "dev": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k", + "nginx.ingress.kubernetes.io/enable-global-auth": "false", + "nginx.ingress.kubernetes.io/rewrite-target": "/$2" + }, + "staging": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k", + "nginx.ingress.kubernetes.io/enable-global-auth": "false", + "nginx.ingress.kubernetes.io/rewrite-target": "/$2" + }, + "prod": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k", + "nginx.ingress.kubernetes.io/enable-global-auth": "false", + "nginx.ingress.kubernetes.io/rewrite-target": "/$2" + } + } + } + }, + "namespace": "identity-server-admin", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "400m", + "memory": "384Mi" + }, + "requests": { + "cpu": "100m", + "memory": "256Mi" + } + }, + "xroadConfig": [ + { + "config": { + "env": { + "XROAD_BASE_PATH": { + "prod": "http://securityserver.island.is" + }, + "XROAD_BASE_PATH_WITH_ENV": { + "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "http://securityserver.island.is/r1/IS" + }, + "XROAD_TLS_BASE_PATH": { + "dev": "https://securityserver.dev01.devland.is", + "staging": "https://securityserver.staging01.devland.is", + "prod": "https://securityserver.island.is" + }, + "XROAD_TLS_BASE_PATH_WITH_ENV": { + "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", + "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "https://securityserver.island.is/r1/IS" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CLIENT_ID": { + "dev": "IS-DEV/GOV/10000/island-is-client", + "staging": "IS-TEST/GOV/5501692829/island-is-client", + "prod": "IS/GOV/5501692829/island-is-client" + } + } + } + }, + { + "config": { + "env": { + "XROAD_RSK_PROCURING_PATH": { + "dev": "IS-DEV/GOV/10006/Skatturinn/relationships-v1", + "staging": "IS-TEST/GOV/5402696029/Skatturinn/relationships-v1", + "prod": "IS/GOV/5402696029/Skatturinn/relationships-v1" + } + } + } + } + ], + "files": [], + "volumes": [], + "image": "services-auth-public-api", + "postgres": { + "name": "servicesauth", + "username": "servicesauth", + "passwordSecret": "/k8s/servicesauth/DB_PASSWORD" + }, + "replicaCount": { + "default": 2, + "min": 2, + "max": 10 + } + } + } +} \ No newline at end of file diff --git a/charts/services/services-auth-public-api/values.prod.yaml b/charts/services/services-auth-public-api/values.prod.yaml index 6ebbacf21056..5554fa826b33 100644 --- a/charts/services/services-auth-public-api/values.prod.yaml +++ b/charts/services/services-auth-public-api/values.prod.yaml @@ -1,823 +1,205 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -auth-admin-web: - enabled: true - env: - BASE_URL: 'https://innskra.island.is/admin' - IDENTITYSERVER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://innskra.island.is/admin/api/auth' - NEXT_PUBLIC_BACKEND_URL: '/backend' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/auth-admin-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'innskra.island.is' - paths: - - '/admin' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - progressDeadlineSeconds: 1200 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '256Mi' - requests: - cpu: '200m' - memory: '192Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITYSERVER_SECRET: '/k8s/auth-admin-web/IDENTITYSERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -global: - env: - AUDIT_GROUP_NAME: '/identity-server/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'prod' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -identity-server: - annotations: - ad.datadoghq.com/identity-server.check_names: '["openmetrics"]' - ad.datadoghq.com/identity-server.init_configs: '[{}]' - ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": "http://%%host%%:5003/metrics","namespace": "identity-server","metrics":["*"]}]' - ad.datadoghq.com/identity-server.logs: '[{"service": "identity-server", "source": "csharp"}]' - enabled: true - env: - ASPNETCORE_URLS: 'http://*:5000' - AWS__CloudWatch__AuditLogGroup: '/identity-server/audit-log' - AWS__SystemsManager__ParameterStore__DataProtectionPrefix: '/k8s/identity-server/DataProtectionSecret' - Application__AllowedRedirectUris: 'https://island.is/minarsidur,https://island.is/umsoknir' - Application__MinCompletionPortThreads: '10' - AudkenniSettings__Retries: '24' - CORECLR_ENABLE_PROFILING: '1' - CORECLR_PROFILER: '{846F5F1C-F9AE-4B07-969E-05C26BC060D8}' - CORECLR_PROFILER_PATH: '/opt/datadog/Datadog.Trace.ClrProfiler.Native.so' - CacheSettings__Enabled: 'true' - ContentfulSettings__BaseAddress: 'https://cdn.contentful.com' - DD_DOTNET_TRACER_HOME: '/opt/datadog' - DD_INTEGRATIONS: '/opt/datadog/integrations.json' - DD_TRACE_DEBUG: 'true' - Datadog__Metrics__Port: '5003' - IdentityServer__ConsentsScope: '@island.is/auth/consents' - IdentityServer__EnableFakeLogin: 'true' - IdentityServer__EnableFeatureDeploymentWildcards: 'false' - IdentityServer__KeyManagement__Enabled: 'true' - IdentityServer__SigningCertificate__Path: '/etc/config/ids-signing.pfx' - LOG_LEVEL: 'info' - MeUserProfileApiSettings__BaseAddress: 'https://service-portal-api.internal.island.is' - NODE_OPTIONS: '--max-old-space-size=1843 -r dd-trace/init' - PersistenceSettings__BaseAddress: 'http://web-services-auth-ids-api' - PersistenceSettings__DelegationsCacheEnabled: 'true' - RedisSettings__Address: 'clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com' - RedisSettings__Port: '6379' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SessionsApiSettings__BaseAddress: 'https://sessions-api.internal.island.is' - files: - - 'ids-signing.pfx' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - port: 5010 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/identity-server' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'innskra.island.is' - paths: - - '/' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: - - accessModes: 'ReadWriteMany' - mountPath: '/keys' - name: 'identity-server' - size: '1Gi' - storageClass: 'efs-csi' - useExisting: false - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '4000m' - memory: '2048Mi' - requests: - cpu: '1000m' - memory: '1024Mi' - secrets: - AudkenniSettings__ClientId: '/k8s/identity-server/AudkenniClientId' - AudkenniSettings__ClientSecret: '/k8s/identity-server/AudkenniClientSecret' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ContentfulSettings__AccessToken: '/k8s/identity-server/CONTENTFUL_ACCESS_TOKEN' - FeatureFlags__ConfigCatSdkKey: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IdentityServer__FakePersons: '/k8s/identity-server/FakePersons' - IdentityServer__LicenseKey: '/k8s/identity-server/LicenseKey' - IdentityServer__SigningCertificate__Passphrase: '/k8s/identity-server/SigningCertificatePassphrase' - PersistenceSettings__AccessTokenManagementSettings__ClientSecret: '/k8s/identity-server/ClientSecret' - Redaction__UserIdentifiers__Key: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY' - Redaction__UserIdentifiers__KeyId: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID' - Scopes__Admin__RootAccessList: '/k8s/identity-server/AdminRootAccessList' - securityContext: - allowPrivilegeEscalation: false - privileged: false - service: - targetPort: 5000 - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::567113216315:role/identity-server' - create: true - name: 'identity-server' -namespaces: - labels: {} - namespaces: - - 'identity-server' - - 'identity-server-admin' - - 'identity-server-delegation' - - 'personal-representative' -services-auth-admin-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - IDENTITY_SERVER_ISSUER_URL_LIST: '["https://innskra.island.is"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SYSLUMENN_HOST: 'https://api.syslumenn.is/api' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/backend/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/backend/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-admin-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'innskra.island.is' - paths: - - '/backend' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CLIENT_SECRET_ENCRYPTION_KEY: '/k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-delegation-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SYSLUMENN_HOST: 'https://api.syslumenn.is/api' - SYSLUMENN_TIMEOUT: '3000' - USER_NOTIFICATION_API_URL: 'https://user-notification.internal.island.is' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'service-portal' - - 'user-notification-worker' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-delegation-api' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'auth-delegation-api.internal.innskra.island.is' - paths: - - '/' - namespace: 'identity-server-delegation' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-ids-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '8271bbc2-d8de-480f-8540-ea43fc40b7ae' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' - PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' - PASSKEY_CORE_MAX_AGE_DAYS: '365' - PASSKEY_CORE_RP_ID: 'island.is' - PASSKEY_CORE_RP_NAME: 'Island.is' - PUBLIC_URL: 'https://innskra.island.is/api' - REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SYSLUMENN_HOST: 'https://api.syslumenn.is/api' - SYSLUMENN_TIMEOUT: '3000' - USER_PROFILE_CLIENT_SCOPE: '["@island.is/user-profile:read"]' - USER_PROFILE_CLIENT_URL: 'https://service-portal-api.internal.island.is' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 15 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 15 - min: 2 - resources: - limits: - cpu: '800m' - memory: '768Mi' - requests: - cpu: '400m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/services-auth/NOVA_PASSWORD' - NOVA_URL: '/k8s/services-auth/NOVA_URL' - NOVA_USERNAME: '/k8s/services-auth/NOVA_USERNAME' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-ids-api-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-personal-representative: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SYSLUMENN_HOST: 'https://api.syslumenn.is/api' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'personal-representative-xrd.internal.innskra.island.is' - paths: - - '/' - namespace: 'personal-representative' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-personal-representative-public: - enabled: true - env: - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative-public' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'personal-representative-public-xrd.internal.innskra.island.is' - paths: - - '/' - namespace: 'personal-representative' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-public-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' - PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' - PASSKEY_CORE_RP_ID: 'island.is' - PASSKEY_CORE_RP_NAME: 'Island.is' - PUBLIC_URL: 'https://innskra.island.is/api' - REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SYSLUMENN_HOST: 'https://api.syslumenn.is/api' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-public-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/rewrite-target: '/$2' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'innskra.island.is' - paths: - - '/api(/|$)(.*)' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false +{ + "services-auth-public-api": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/health/check", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/auth-api", + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + }, + "PUBLIC_URL": { + "dev": "https://identity-server.dev01.devland.is/api", + "staging": "https://identity-server.staging01.devland.is/api", + "prod": "https://innskra.island.is/api" + }, + "XROAD_TJODSKRA_API_PATH": "/SKRA-Protected/Einstaklingar-v1", + "XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN": "true", + "XROAD_RSK_PROCURING_ACTOR_TOKEN": "true", + "XROAD_NATIONAL_REGISTRY_SERVICE_PATH": { + "dev": "IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1", + "staging": "IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1", + "prod": "IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1" + }, + "XROAD_NATIONAL_REGISTRY_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" + }, + "XROAD_RSK_PROCURING_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" + }, + "XROAD_TJODSKRA_MEMBER_CODE": { + "prod": "6503760649", + "dev": "10001", + "staging": "6503760649" + }, + "PASSKEY_CORE_RP_ID": "island.is", + "PASSKEY_CORE_RP_NAME": "Island.is", + "PASSKEY_CORE_CHALLENGE_TTL_MS": "120000", + "REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" + }, + "COMPANY_REGISTRY_XROAD_PROVIDER_ID": { + "dev": "IS-DEV/GOV/10006/Skatturinn/ft-v1", + "staging": "IS-TEST/GOV/5402696029/Skatturinn/ft-v1", + "prod": "IS/GOV/5402696029/Skatturinn/ft-v1" + }, + "COMPANY_REGISTRY_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" + }, + "PASSKEY_CORE_ALLOWED_ORIGINS": "[\"https://island.is\",\"android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0\",\"android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU\"]", + "SYSLUMENN_HOST": { + "dev": "https://api.syslumenn.is/staging", + "staging": "https://api.syslumenn.is/staging", + "prod": "https://api.syslumenn.is/api" + }, + "SYSLUMENN_TIMEOUT": "3000", + "ZENDESK_CONTACT_FORM_SUBDOMAIN": { + "prod": "digitaliceland", + "staging": "digitaliceland", + "dev": "digitaliceland" + } + }, + "features": {}, + "name": "services-auth-public-api", + "grantNamespaces": [], + "grantNamespacesEnabled": false, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "ZENDESK_CONTACT_FORM_EMAIL": "/k8s/api/ZENDESK_CONTACT_FORM_EMAIL", + "ZENDESK_CONTACT_FORM_TOKEN": "/k8s/api/ZENDESK_CONTACT_FORM_TOKEN", + "ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE": "/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE", + "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET", + "NATIONAL_REGISTRY_IDS_CLIENT_SECRET": "/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET", + "SYSLUMENN_USERNAME": "/k8s/services-auth/SYSLUMENN_USERNAME", + "SYSLUMENN_PASSWORD": "/k8s/services-auth/SYSLUMENN_PASSWORD" + }, + "ingress": { + "primary": { + "host": { + "dev": "identity-server.dev01.devland.is", + "staging": "identity-server.staging01.devland.is", + "prod": "innskra.island.is" + }, + "paths": [ + "/api(/|$)(.*)" + ], + "public": true, + "extraAnnotations": { + "dev": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k", + "nginx.ingress.kubernetes.io/enable-global-auth": "false", + "nginx.ingress.kubernetes.io/rewrite-target": "/$2" + }, + "staging": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k", + "nginx.ingress.kubernetes.io/enable-global-auth": "false", + "nginx.ingress.kubernetes.io/rewrite-target": "/$2" + }, + "prod": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k", + "nginx.ingress.kubernetes.io/enable-global-auth": "false", + "nginx.ingress.kubernetes.io/rewrite-target": "/$2" + } + } + } + }, + "namespace": "identity-server-admin", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "400m", + "memory": "384Mi" + }, + "requests": { + "cpu": "100m", + "memory": "256Mi" + } + }, + "xroadConfig": [ + { + "config": { + "env": { + "XROAD_BASE_PATH": { + "prod": "http://securityserver.island.is" + }, + "XROAD_BASE_PATH_WITH_ENV": { + "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "http://securityserver.island.is/r1/IS" + }, + "XROAD_TLS_BASE_PATH": { + "dev": "https://securityserver.dev01.devland.is", + "staging": "https://securityserver.staging01.devland.is", + "prod": "https://securityserver.island.is" + }, + "XROAD_TLS_BASE_PATH_WITH_ENV": { + "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", + "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "https://securityserver.island.is/r1/IS" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CLIENT_ID": { + "dev": "IS-DEV/GOV/10000/island-is-client", + "staging": "IS-TEST/GOV/5501692829/island-is-client", + "prod": "IS/GOV/5501692829/island-is-client" + } + } + } + }, + { + "config": { + "env": { + "XROAD_RSK_PROCURING_PATH": { + "dev": "IS-DEV/GOV/10006/Skatturinn/relationships-v1", + "staging": "IS-TEST/GOV/5402696029/Skatturinn/relationships-v1", + "prod": "IS/GOV/5402696029/Skatturinn/relationships-v1" + } + } + } + } + ], + "files": [], + "volumes": [], + "image": "services-auth-public-api", + "postgres": { + "name": "servicesauth", + "username": "servicesauth", + "passwordSecret": "/k8s/servicesauth/DB_PASSWORD" + }, + "replicaCount": { + "default": 2, + "min": 2, + "max": 10 + } + } + } +} \ No newline at end of file diff --git a/charts/services/services-auth-public-api/values.staging.yaml b/charts/services/services-auth-public-api/values.staging.yaml index 2273a2f55b22..5554fa826b33 100644 --- a/charts/services/services-auth-public-api/values.staging.yaml +++ b/charts/services/services-auth-public-api/values.staging.yaml @@ -1,826 +1,205 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -auth-admin-web: - enabled: true - env: - BASE_URL: 'https://identity-server.staging01.devland.is/admin' - IDENTITYSERVER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://identity-server.staging01.devland.is/admin/api/auth' - NEXT_PUBLIC_BACKEND_URL: '/backend' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/auth-admin-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.staging01.devland.is' - paths: - - '/admin' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - progressDeadlineSeconds: 1200 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '256Mi' - requests: - cpu: '200m' - memory: '192Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITYSERVER_SECRET: '/k8s/auth-admin-web/IDENTITYSERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -global: - env: - AUDIT_GROUP_NAME: '/identity-server/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'staging' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -identity-server: - annotations: - ad.datadoghq.com/identity-server.check_names: '["openmetrics"]' - ad.datadoghq.com/identity-server.init_configs: '[{}]' - ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": "http://%%host%%:5003/metrics","namespace": "identity-server","metrics":["*"]}]' - ad.datadoghq.com/identity-server.logs: '[{"service": "identity-server", "source": "csharp"}]' - enabled: true - env: - ASPNETCORE_URLS: 'http://*:5000' - AWS__CloudWatch__AuditLogGroup: '/identity-server/audit-log' - AWS__SystemsManager__ParameterStore__DataProtectionPrefix: '/k8s/identity-server/DataProtectionSecret' - Application__AllowedRedirectUris: 'https://beta.staging01.devland.is/minarsidur,https://beta.staging01.devland.is/umsoknir' - Application__MinCompletionPortThreads: '10' - AudkenniSettings__Retries: '24' - CORECLR_ENABLE_PROFILING: '1' - CORECLR_PROFILER: '{846F5F1C-F9AE-4B07-969E-05C26BC060D8}' - CORECLR_PROFILER_PATH: '/opt/datadog/Datadog.Trace.ClrProfiler.Native.so' - CacheSettings__Enabled: 'true' - ContentfulSettings__BaseAddress: 'https://cdn.contentful.com' - DD_DOTNET_TRACER_HOME: '/opt/datadog' - DD_INTEGRATIONS: '/opt/datadog/integrations.json' - DD_TRACE_DEBUG: 'true' - Datadog__Metrics__Port: '5003' - IdentityServer__ConsentsScope: '@island.is/auth/consents' - IdentityServer__EnableFakeLogin: 'true' - IdentityServer__EnableFeatureDeploymentWildcards: 'true' - IdentityServer__KeyManagement__Enabled: 'true' - IdentityServer__SigningCertificate__Path: '/etc/config/ids-signing.pfx' - LOG_LEVEL: 'info' - MeUserProfileApiSettings__BaseAddress: 'http://web-service-portal-api.service-portal.svc.cluster.local' - NODE_OPTIONS: '--max-old-space-size=1843 -r dd-trace/init' - PersistenceSettings__BaseAddress: 'http://web-services-auth-ids-api' - PersistenceSettings__DelegationsCacheEnabled: 'false' - RedisSettings__Address: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com' - RedisSettings__Port: '6379' - SERVERSIDE_FEATURES_ON: '' - SessionsApiSettings__BaseAddress: 'http://web-services-sessions.services-sessions.svc.cluster.local' - files: - - 'ids-signing.pfx' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - port: 5010 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/identity-server' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.staging01.devland.is' - paths: - - '/' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: - - accessModes: 'ReadWriteMany' - mountPath: '/keys' - name: 'identity-server' - size: '1Gi' - storageClass: 'efs-csi' - useExisting: false - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '4000m' - memory: '2048Mi' - requests: - cpu: '1000m' - memory: '1024Mi' - secrets: - AudkenniSettings__ClientId: '/k8s/identity-server/AudkenniClientId' - AudkenniSettings__ClientSecret: '/k8s/identity-server/AudkenniClientSecret' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ContentfulSettings__AccessToken: '/k8s/identity-server/CONTENTFUL_ACCESS_TOKEN' - FeatureFlags__ConfigCatSdkKey: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IdentityServer__FakePersons: '/k8s/identity-server/FakePersons' - IdentityServer__LicenseKey: '/k8s/identity-server/LicenseKey' - IdentityServer__SigningCertificate__Passphrase: '/k8s/identity-server/SigningCertificatePassphrase' - PersistenceSettings__AccessTokenManagementSettings__ClientSecret: '/k8s/identity-server/ClientSecret' - Redaction__UserIdentifiers__Key: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY' - Redaction__UserIdentifiers__KeyId: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID' - Scopes__Admin__RootAccessList: '/k8s/identity-server/AdminRootAccessList' - securityContext: - allowPrivilegeEscalation: false - privileged: false - service: - targetPort: 5000 - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/identity-server' - create: true - name: 'identity-server' -namespaces: - labels: {} - namespaces: - - 'identity-server' - - 'identity-server-admin' - - 'identity-server-delegation' - - 'personal-representative' -services-auth-admin-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - IDENTITY_SERVER_ISSUER_URL_LIST: '["https://identity-server.staging01.devland.is","https://innskra.island.is"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/backend/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/backend/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-admin-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.staging01.devland.is' - paths: - - '/backend' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CLIENT_SECRET_ENCRYPTION_KEY: '/k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-delegation-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'service-portal' - - 'user-notification-worker' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-delegation-api' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'auth-delegation-api.internal.staging01.devland.is' - paths: - - '/' - namespace: 'identity-server-delegation' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-ids-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '6cf94113-d326-4e4d-b97c-1fea12d2f5e1' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' - PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' - PASSKEY_CORE_MAX_AGE_DAYS: '365' - PASSKEY_CORE_RP_ID: 'island.is' - PASSKEY_CORE_RP_NAME: 'Island.is' - PUBLIC_URL: 'https://identity-server.staging01.devland.is/api' - REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - USER_PROFILE_CLIENT_SCOPE: '["@island.is/user-profile:read"]' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 15 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 15 - min: 2 - resources: - limits: - cpu: '800m' - memory: '768Mi' - requests: - cpu: '400m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/services-auth/NOVA_PASSWORD' - NOVA_URL: '/k8s/services-auth/NOVA_URL' - NOVA_USERNAME: '/k8s/services-auth/NOVA_USERNAME' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-ids-api-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-personal-representative: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'personal-representative-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'personal-representative' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-personal-representative-public: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative-public' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'personal-representative-public-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'personal-representative' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-auth-public-api: - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' - PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' - PASSKEY_CORE_RP_ID: 'island.is' - PASSKEY_CORE_RP_NAME: 'Island.is' - PUBLIC_URL: 'https://identity-server.staging01.devland.is/api' - REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-public-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/rewrite-target: '/$2' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.staging01.devland.is' - paths: - - '/api(/|$)(.*)' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false +{ + "services-auth-public-api": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/health/check", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/auth-api", + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + }, + "PUBLIC_URL": { + "dev": "https://identity-server.dev01.devland.is/api", + "staging": "https://identity-server.staging01.devland.is/api", + "prod": "https://innskra.island.is/api" + }, + "XROAD_TJODSKRA_API_PATH": "/SKRA-Protected/Einstaklingar-v1", + "XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN": "true", + "XROAD_RSK_PROCURING_ACTOR_TOKEN": "true", + "XROAD_NATIONAL_REGISTRY_SERVICE_PATH": { + "dev": "IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1", + "staging": "IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1", + "prod": "IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1" + }, + "XROAD_NATIONAL_REGISTRY_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" + }, + "XROAD_RSK_PROCURING_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" + }, + "XROAD_TJODSKRA_MEMBER_CODE": { + "prod": "6503760649", + "dev": "10001", + "staging": "6503760649" + }, + "PASSKEY_CORE_RP_ID": "island.is", + "PASSKEY_CORE_RP_NAME": "Island.is", + "PASSKEY_CORE_CHALLENGE_TTL_MS": "120000", + "REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" + }, + "COMPANY_REGISTRY_XROAD_PROVIDER_ID": { + "dev": "IS-DEV/GOV/10006/Skatturinn/ft-v1", + "staging": "IS-TEST/GOV/5402696029/Skatturinn/ft-v1", + "prod": "IS/GOV/5402696029/Skatturinn/ft-v1" + }, + "COMPANY_REGISTRY_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" + }, + "PASSKEY_CORE_ALLOWED_ORIGINS": "[\"https://island.is\",\"android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0\",\"android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU\"]", + "SYSLUMENN_HOST": { + "dev": "https://api.syslumenn.is/staging", + "staging": "https://api.syslumenn.is/staging", + "prod": "https://api.syslumenn.is/api" + }, + "SYSLUMENN_TIMEOUT": "3000", + "ZENDESK_CONTACT_FORM_SUBDOMAIN": { + "prod": "digitaliceland", + "staging": "digitaliceland", + "dev": "digitaliceland" + } + }, + "features": {}, + "name": "services-auth-public-api", + "grantNamespaces": [], + "grantNamespacesEnabled": false, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "ZENDESK_CONTACT_FORM_EMAIL": "/k8s/api/ZENDESK_CONTACT_FORM_EMAIL", + "ZENDESK_CONTACT_FORM_TOKEN": "/k8s/api/ZENDESK_CONTACT_FORM_TOKEN", + "ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE": "/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE", + "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET", + "NATIONAL_REGISTRY_IDS_CLIENT_SECRET": "/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET", + "SYSLUMENN_USERNAME": "/k8s/services-auth/SYSLUMENN_USERNAME", + "SYSLUMENN_PASSWORD": "/k8s/services-auth/SYSLUMENN_PASSWORD" + }, + "ingress": { + "primary": { + "host": { + "dev": "identity-server.dev01.devland.is", + "staging": "identity-server.staging01.devland.is", + "prod": "innskra.island.is" + }, + "paths": [ + "/api(/|$)(.*)" + ], + "public": true, + "extraAnnotations": { + "dev": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k", + "nginx.ingress.kubernetes.io/enable-global-auth": "false", + "nginx.ingress.kubernetes.io/rewrite-target": "/$2" + }, + "staging": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k", + "nginx.ingress.kubernetes.io/enable-global-auth": "false", + "nginx.ingress.kubernetes.io/rewrite-target": "/$2" + }, + "prod": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k", + "nginx.ingress.kubernetes.io/enable-global-auth": "false", + "nginx.ingress.kubernetes.io/rewrite-target": "/$2" + } + } + } + }, + "namespace": "identity-server-admin", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "400m", + "memory": "384Mi" + }, + "requests": { + "cpu": "100m", + "memory": "256Mi" + } + }, + "xroadConfig": [ + { + "config": { + "env": { + "XROAD_BASE_PATH": { + "prod": "http://securityserver.island.is" + }, + "XROAD_BASE_PATH_WITH_ENV": { + "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "http://securityserver.island.is/r1/IS" + }, + "XROAD_TLS_BASE_PATH": { + "dev": "https://securityserver.dev01.devland.is", + "staging": "https://securityserver.staging01.devland.is", + "prod": "https://securityserver.island.is" + }, + "XROAD_TLS_BASE_PATH_WITH_ENV": { + "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", + "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "https://securityserver.island.is/r1/IS" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CLIENT_ID": { + "dev": "IS-DEV/GOV/10000/island-is-client", + "staging": "IS-TEST/GOV/5501692829/island-is-client", + "prod": "IS/GOV/5501692829/island-is-client" + } + } + } + }, + { + "config": { + "env": { + "XROAD_RSK_PROCURING_PATH": { + "dev": "IS-DEV/GOV/10006/Skatturinn/relationships-v1", + "staging": "IS-TEST/GOV/5402696029/Skatturinn/relationships-v1", + "prod": "IS/GOV/5402696029/Skatturinn/relationships-v1" + } + } + } + } + ], + "files": [], + "volumes": [], + "image": "services-auth-public-api", + "postgres": { + "name": "servicesauth", + "username": "servicesauth", + "passwordSecret": "/k8s/servicesauth/DB_PASSWORD" + }, + "replicaCount": { + "default": 2, + "min": 2, + "max": 10 + } + } + } +} \ No newline at end of file diff --git a/charts/services/services-bff-portals-admin/values.dev.yaml b/charts/services/services-bff-portals-admin/values.dev.yaml index 58d9f8e96dbc..ccd8cf51242a 100644 --- a/charts/services/services-bff-portals-admin/values.dev.yaml +++ b/charts/services/services-bff-portals-admin/values.dev.yaml @@ -1,3563 +1,132 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.dev01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'preview.contentful.com' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 's@kogk.is' - CONTENTFUL_HOST: 'preview.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 's@kogk.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/api' - - host: 'api-catalogue.dev01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.dev01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -external-contracts-tests: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' - namespace: 'external-contracts-tests' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '1' - memory: '1024Mi' - requests: - cpu: '500m' - memory: '512Mi' - schedule: '0 11 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -github-actions-cache: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 8 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'cache.dev01.devland.is' - paths: - - '/' - namespace: 'github-actions-cache' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 5 - max: 8 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' - create: true - name: 'github-actions-cache' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'dev' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.dev01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'consultation-portal' - - 'islandis' - - 'search-indexer' - - 'xroad-collector' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'github-actions-cache' - - 'user-notification' - - 'external-contracts-tests' - - 'contentful-entry-tagger' - - 'license-api' - - 'services-sessions' - - 'contentful-apps' - - 'services-university-gateway' - - 'unicorn-app' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'dev-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.dev01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.dev01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -unicorn-app: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'unicorn-app.dev01.devland.is' - paths: - - '/' - namespace: 'unicorn-app' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' - create: true - name: 'unicorn-app' -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@hourly' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - TRACKING_DOMAIN: 'beta.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "services-bff-portals-admin": { + "serviceDef": { + "liveness": { + "path": "/stjornbord/bff/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/stjornbord/bff/health/check", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "IDENTITY_SERVER_CLIENT_SCOPES": "[\"@admin.island.is/delegations\",\"@admin.island.is/ads\",\"@admin.island.is/regulations\",\"@admin.island.is/regulations:manage\",\"@admin.island.is/icelandic-names-registry\",\"@admin.island.is/application-system:admin\",\"@admin.island.is/application-system:institution\",\"@admin.island.is/document-provider\",\"@admin.island.is/auth\",\"@admin.island.is/auth:admin\",\"@admin.island.is/petitions\",\"@admin.island.is/service-desk\",\"@admin.island.is/ads:explicit\",\"@admin.island.is/signature-collection:manage\",\"@admin.island.is/signature-collection:process\",\"@admin.island.is/form-system\",\"@admin.island.is/form-system:admin\",\"@admin.island.is/delegation-system\",\"@admin.island.is/delegation-system:admin\"]", + "IDENTITY_SERVER_CLIENT_ID": "@admin.island.is/bff-stjornbord", + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + }, + "BFF_NAME": { + "local": "stjornbord", + "dev": "stjornbord", + "staging": "stjornbord", + "prod": "stjornbord" + }, + "BFF_CLIENT_KEY_PATH": "/stjornbord", + "BFF_PAR_SUPPORT_ENABLED": "true", + "BFF_CLIENT_BASE_URL": { + "local": "http://localhost:4200", + "prod": "https://island.is" + }, + "BFF_ALLOWED_REDIRECT_URIS": { + "local": "[\"http://localhost:4200/stjornbord\"]", + "prod": "[\"https://island.is\"]" + }, + "BFF_LOGOUT_REDIRECT_URI": { + "local": "http://localhost:4200/stjornbord", + "prod": "https://island.is" + }, + "BFF_CALLBACKS_BASE_PATH": { + "local": "http://localhost:3010/stjornbord/bff/callbacks" + }, + "BFF_PROXY_API_ENDPOINT": { + "local": "http://localhost:4444/api/graphql" + }, + "BFF_CACHE_USER_PROFILE_TTL_MS": "3595000", + "BFF_LOGIN_ATTEMPT_TTL_MS": "604800000", + "BFF_ALLOWED_EXTERNAL_API_URLS": { + "local": "[\"http://localhost:3377/download/v1\"]", + "dev": "[\"https://api.dev01.devland.is\"]", + "staging": "[\"https://api.staging01.devland.is\"]", + "prod": "[\"https://api.island.is\"]" + } + }, + "features": {}, + "name": "services-bff-portals-admin", + "grantNamespaces": [ + "identity-server" + ], + "grantNamespacesEnabled": true, + "secrets": { + "BFF_TOKEN_SECRET_BASE64": "/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64", + "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET", + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" + }, + "ingress": { + "primary": { + "host": { + "dev": [ + "beta" + ], + "staging": [ + "beta" + ], + "prod": [ + "", + "www.island.is" + ] + }, + "extraAnnotations": { + "dev": { + "nginx.ingress.kubernetes.io/enable-global-auth": "false", + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "staging": { + "nginx.ingress.kubernetes.io/enable-global-auth": "false", + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "prod": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + } + }, + "paths": [ + "/stjornbord/bff" + ] + } + }, + "namespace": "portals-admin", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "400m", + "memory": "512Mi" + }, + "requests": { + "cpu": "100m", + "memory": "256Mi" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "image": "services-bff", + "redis": {}, + "accountName": "services-bff", + "replicaCount": { + "default": 2, + "min": 2, + "max": 10 + } + } + } +} \ No newline at end of file diff --git a/charts/services/services-bff-portals-admin/values.prod.yaml b/charts/services/services-bff-portals-admin/values.prod.yaml index c7e37f4144c5..ccd8cf51242a 100644 --- a/charts/services/services-bff-portals-admin/values.prod.yaml +++ b/charts/services/services-bff-portals-admin/values.prod.yaml @@ -1,3379 +1,132 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.island.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'cdn.contentful.com' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.island.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://innskra.island.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_IDS_API_URL: 'https://innskra.island.is' - AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi.island.is' - CONTACT_US_EMAIL: 'island@island.is' - CONTENTFUL_HOST: 'cdn.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.island.is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-prod-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: '' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'island@island.is' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 'sogur@island.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS/GOV/5402697509/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS/GOV/6501912189/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/api' - - host: 'www.island.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' - CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS/GOV/5608002820/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - NOVA_USERNAME: 'IslandIs_User_Production' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS/GOV/5605882089/UA-Protected/kvortun-v1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.island.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.island.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/umsoknir' - - host: 'www.island.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi.island.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://island.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/samradsgatt' - - host: 'www.island.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.island.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.island.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - EMAIL_FROM_NAME: 'island.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-prod-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'prod' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: 'd4ecf781-3764-4063-a4e1-9c3e17cebfba' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.island.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'islandis' - - 'consultation-portal' - - 'search-indexer' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'xroad-collector' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'user-notification' - - 'license-api' - - 'services-sessions' - - 'services-university-gateway' - - 'contentful-apps' - - 'contentful-entry-tagger' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/stjornbord' - - host: 'www.island.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'prod' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'prod-es-custom-packages' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/minarsidur' - - host: 'www.island.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_BASE_URL: 'https://island.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.island.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://island.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://island.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://island.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/stjornbord/bff' - - host: 'www.island.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.island.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.island.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/app/skilavottord/' - - host: 'www.island.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/app/skilavottord/api/graphql' - - host: 'www.island.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.island.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@midnight' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - TRACKING_DOMAIN: 'island.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/' - - host: 'www.island.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "services-bff-portals-admin": { + "serviceDef": { + "liveness": { + "path": "/stjornbord/bff/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/stjornbord/bff/health/check", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "IDENTITY_SERVER_CLIENT_SCOPES": "[\"@admin.island.is/delegations\",\"@admin.island.is/ads\",\"@admin.island.is/regulations\",\"@admin.island.is/regulations:manage\",\"@admin.island.is/icelandic-names-registry\",\"@admin.island.is/application-system:admin\",\"@admin.island.is/application-system:institution\",\"@admin.island.is/document-provider\",\"@admin.island.is/auth\",\"@admin.island.is/auth:admin\",\"@admin.island.is/petitions\",\"@admin.island.is/service-desk\",\"@admin.island.is/ads:explicit\",\"@admin.island.is/signature-collection:manage\",\"@admin.island.is/signature-collection:process\",\"@admin.island.is/form-system\",\"@admin.island.is/form-system:admin\",\"@admin.island.is/delegation-system\",\"@admin.island.is/delegation-system:admin\"]", + "IDENTITY_SERVER_CLIENT_ID": "@admin.island.is/bff-stjornbord", + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + }, + "BFF_NAME": { + "local": "stjornbord", + "dev": "stjornbord", + "staging": "stjornbord", + "prod": "stjornbord" + }, + "BFF_CLIENT_KEY_PATH": "/stjornbord", + "BFF_PAR_SUPPORT_ENABLED": "true", + "BFF_CLIENT_BASE_URL": { + "local": "http://localhost:4200", + "prod": "https://island.is" + }, + "BFF_ALLOWED_REDIRECT_URIS": { + "local": "[\"http://localhost:4200/stjornbord\"]", + "prod": "[\"https://island.is\"]" + }, + "BFF_LOGOUT_REDIRECT_URI": { + "local": "http://localhost:4200/stjornbord", + "prod": "https://island.is" + }, + "BFF_CALLBACKS_BASE_PATH": { + "local": "http://localhost:3010/stjornbord/bff/callbacks" + }, + "BFF_PROXY_API_ENDPOINT": { + "local": "http://localhost:4444/api/graphql" + }, + "BFF_CACHE_USER_PROFILE_TTL_MS": "3595000", + "BFF_LOGIN_ATTEMPT_TTL_MS": "604800000", + "BFF_ALLOWED_EXTERNAL_API_URLS": { + "local": "[\"http://localhost:3377/download/v1\"]", + "dev": "[\"https://api.dev01.devland.is\"]", + "staging": "[\"https://api.staging01.devland.is\"]", + "prod": "[\"https://api.island.is\"]" + } + }, + "features": {}, + "name": "services-bff-portals-admin", + "grantNamespaces": [ + "identity-server" + ], + "grantNamespacesEnabled": true, + "secrets": { + "BFF_TOKEN_SECRET_BASE64": "/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64", + "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET", + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" + }, + "ingress": { + "primary": { + "host": { + "dev": [ + "beta" + ], + "staging": [ + "beta" + ], + "prod": [ + "", + "www.island.is" + ] + }, + "extraAnnotations": { + "dev": { + "nginx.ingress.kubernetes.io/enable-global-auth": "false", + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "staging": { + "nginx.ingress.kubernetes.io/enable-global-auth": "false", + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "prod": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + } + }, + "paths": [ + "/stjornbord/bff" + ] + } + }, + "namespace": "portals-admin", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "400m", + "memory": "512Mi" + }, + "requests": { + "cpu": "100m", + "memory": "256Mi" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "image": "services-bff", + "redis": {}, + "accountName": "services-bff", + "replicaCount": { + "default": 2, + "min": 2, + "max": 10 + } + } + } +} \ No newline at end of file diff --git a/charts/services/services-bff-portals-admin/values.staging.yaml b/charts/services/services-bff-portals-admin/values.staging.yaml index 227a2b0fcc6d..ccd8cf51242a 100644 --- a/charts/services/services-bff-portals-admin/values.staging.yaml +++ b/charts/services/services-bff-portals-admin/values.staging.yaml @@ -1,3238 +1,132 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.staging01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'cdn.contentful.com' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.staging01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.staging01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.staging01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 'island@island.is' - CONTENTFUL_HOST: 'cdn.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.staging01.devland.is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-staging-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: '' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 'sogur@island.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-TEST/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5608002820/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-TEST/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.staging01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.staging01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.staging01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.staging01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-staging-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'staging' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.staging01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'islandis' - - 'consultation-portal' - - 'skilavottord' - - 'search-indexer' - - 'services-documents' - - 'storybook' - - 'xroad-collector' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'user-notification' - - 'license-api' - - 'services-sessions' - - 'services-university-gateway' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.staging01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'staging' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'staging-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_BASE_URL: 'https://beta.staging01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.staging01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.staging01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.staging01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.staging01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.staging01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.staging01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.staging01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.staging01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@midnight' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - basicAuth: '/k8s/web/basic_auth' - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - TRACKING_DOMAIN: 'beta.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "services-bff-portals-admin": { + "serviceDef": { + "liveness": { + "path": "/stjornbord/bff/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/stjornbord/bff/health/check", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "IDENTITY_SERVER_CLIENT_SCOPES": "[\"@admin.island.is/delegations\",\"@admin.island.is/ads\",\"@admin.island.is/regulations\",\"@admin.island.is/regulations:manage\",\"@admin.island.is/icelandic-names-registry\",\"@admin.island.is/application-system:admin\",\"@admin.island.is/application-system:institution\",\"@admin.island.is/document-provider\",\"@admin.island.is/auth\",\"@admin.island.is/auth:admin\",\"@admin.island.is/petitions\",\"@admin.island.is/service-desk\",\"@admin.island.is/ads:explicit\",\"@admin.island.is/signature-collection:manage\",\"@admin.island.is/signature-collection:process\",\"@admin.island.is/form-system\",\"@admin.island.is/form-system:admin\",\"@admin.island.is/delegation-system\",\"@admin.island.is/delegation-system:admin\"]", + "IDENTITY_SERVER_CLIENT_ID": "@admin.island.is/bff-stjornbord", + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + }, + "BFF_NAME": { + "local": "stjornbord", + "dev": "stjornbord", + "staging": "stjornbord", + "prod": "stjornbord" + }, + "BFF_CLIENT_KEY_PATH": "/stjornbord", + "BFF_PAR_SUPPORT_ENABLED": "true", + "BFF_CLIENT_BASE_URL": { + "local": "http://localhost:4200", + "prod": "https://island.is" + }, + "BFF_ALLOWED_REDIRECT_URIS": { + "local": "[\"http://localhost:4200/stjornbord\"]", + "prod": "[\"https://island.is\"]" + }, + "BFF_LOGOUT_REDIRECT_URI": { + "local": "http://localhost:4200/stjornbord", + "prod": "https://island.is" + }, + "BFF_CALLBACKS_BASE_PATH": { + "local": "http://localhost:3010/stjornbord/bff/callbacks" + }, + "BFF_PROXY_API_ENDPOINT": { + "local": "http://localhost:4444/api/graphql" + }, + "BFF_CACHE_USER_PROFILE_TTL_MS": "3595000", + "BFF_LOGIN_ATTEMPT_TTL_MS": "604800000", + "BFF_ALLOWED_EXTERNAL_API_URLS": { + "local": "[\"http://localhost:3377/download/v1\"]", + "dev": "[\"https://api.dev01.devland.is\"]", + "staging": "[\"https://api.staging01.devland.is\"]", + "prod": "[\"https://api.island.is\"]" + } + }, + "features": {}, + "name": "services-bff-portals-admin", + "grantNamespaces": [ + "identity-server" + ], + "grantNamespacesEnabled": true, + "secrets": { + "BFF_TOKEN_SECRET_BASE64": "/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64", + "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET", + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" + }, + "ingress": { + "primary": { + "host": { + "dev": [ + "beta" + ], + "staging": [ + "beta" + ], + "prod": [ + "", + "www.island.is" + ] + }, + "extraAnnotations": { + "dev": { + "nginx.ingress.kubernetes.io/enable-global-auth": "false", + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "staging": { + "nginx.ingress.kubernetes.io/enable-global-auth": "false", + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "prod": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + } + }, + "paths": [ + "/stjornbord/bff" + ] + } + }, + "namespace": "portals-admin", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "400m", + "memory": "512Mi" + }, + "requests": { + "cpu": "100m", + "memory": "256Mi" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "image": "services-bff", + "redis": {}, + "accountName": "services-bff", + "replicaCount": { + "default": 2, + "min": 2, + "max": 10 + } + } + } +} \ No newline at end of file diff --git a/charts/services/services-documents/values.dev.yaml b/charts/services/services-documents/values.dev.yaml index 58d9f8e96dbc..1c7719f4cad1 100644 --- a/charts/services/services-documents/values.dev.yaml +++ b/charts/services/services-documents/values.dev.yaml @@ -1,3563 +1,79 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.dev01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'preview.contentful.com' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 's@kogk.is' - CONTENTFUL_HOST: 'preview.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 's@kogk.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/api' - - host: 'api-catalogue.dev01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.dev01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -external-contracts-tests: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' - namespace: 'external-contracts-tests' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '1' - memory: '1024Mi' - requests: - cpu: '500m' - memory: '512Mi' - schedule: '0 11 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -github-actions-cache: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 8 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'cache.dev01.devland.is' - paths: - - '/' - namespace: 'github-actions-cache' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 5 - max: 8 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' - create: true - name: 'github-actions-cache' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'dev' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.dev01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'consultation-portal' - - 'islandis' - - 'search-indexer' - - 'xroad-collector' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'github-actions-cache' - - 'user-notification' - - 'external-contracts-tests' - - 'contentful-entry-tagger' - - 'license-api' - - 'services-sessions' - - 'contentful-apps' - - 'services-university-gateway' - - 'unicorn-app' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'dev-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.dev01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.dev01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -unicorn-app: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'unicorn-app.dev01.devland.is' - paths: - - '/' - namespace: 'unicorn-app' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' - create: true - name: 'unicorn-app' -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@hourly' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - TRACKING_DOMAIN: 'beta.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "services-documents": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/readiness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + } + }, + "features": {}, + "name": "services-documents", + "grantNamespaces": [ + "islandis", + "application-system" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" + }, + "ingress": {}, + "namespace": "services-documents", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "memory": "256Mi", + "cpu": "200m" + }, + "requests": { + "memory": "128Mi", + "cpu": "100m" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "image": "services-documents", + "postgres": { + "username": "services_documents", + "passwordSecret": "/k8s/services-documents/DB_PASSWORD", + "name": "services_documents" + }, + "initContainers": { + "envs": {}, + "secrets": {}, + "features": {}, + "containers": [ + { + "name": "migrations", + "command": "npx", + "args": [ + "sequelize-cli", + "db:migrate" + ] + } + ], + "postgres": { + "username": "services_documents", + "passwordSecret": "/k8s/services-documents/DB_PASSWORD", + "name": "services_documents" + } + } + } + } +} \ No newline at end of file diff --git a/charts/services/services-documents/values.prod.yaml b/charts/services/services-documents/values.prod.yaml index c7e37f4144c5..1c7719f4cad1 100644 --- a/charts/services/services-documents/values.prod.yaml +++ b/charts/services/services-documents/values.prod.yaml @@ -1,3379 +1,79 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.island.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'cdn.contentful.com' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.island.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://innskra.island.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_IDS_API_URL: 'https://innskra.island.is' - AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi.island.is' - CONTACT_US_EMAIL: 'island@island.is' - CONTENTFUL_HOST: 'cdn.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.island.is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-prod-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: '' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'island@island.is' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 'sogur@island.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS/GOV/5402697509/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS/GOV/6501912189/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/api' - - host: 'www.island.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' - CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS/GOV/5608002820/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - NOVA_USERNAME: 'IslandIs_User_Production' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS/GOV/5605882089/UA-Protected/kvortun-v1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.island.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.island.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/umsoknir' - - host: 'www.island.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi.island.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://island.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/samradsgatt' - - host: 'www.island.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.island.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.island.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - EMAIL_FROM_NAME: 'island.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-prod-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'prod' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: 'd4ecf781-3764-4063-a4e1-9c3e17cebfba' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.island.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'islandis' - - 'consultation-portal' - - 'search-indexer' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'xroad-collector' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'user-notification' - - 'license-api' - - 'services-sessions' - - 'services-university-gateway' - - 'contentful-apps' - - 'contentful-entry-tagger' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/stjornbord' - - host: 'www.island.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'prod' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'prod-es-custom-packages' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/minarsidur' - - host: 'www.island.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_BASE_URL: 'https://island.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.island.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://island.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://island.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://island.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/stjornbord/bff' - - host: 'www.island.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.island.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.island.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/app/skilavottord/' - - host: 'www.island.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/app/skilavottord/api/graphql' - - host: 'www.island.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.island.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@midnight' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - TRACKING_DOMAIN: 'island.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/' - - host: 'www.island.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "services-documents": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/readiness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + } + }, + "features": {}, + "name": "services-documents", + "grantNamespaces": [ + "islandis", + "application-system" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" + }, + "ingress": {}, + "namespace": "services-documents", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "memory": "256Mi", + "cpu": "200m" + }, + "requests": { + "memory": "128Mi", + "cpu": "100m" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "image": "services-documents", + "postgres": { + "username": "services_documents", + "passwordSecret": "/k8s/services-documents/DB_PASSWORD", + "name": "services_documents" + }, + "initContainers": { + "envs": {}, + "secrets": {}, + "features": {}, + "containers": [ + { + "name": "migrations", + "command": "npx", + "args": [ + "sequelize-cli", + "db:migrate" + ] + } + ], + "postgres": { + "username": "services_documents", + "passwordSecret": "/k8s/services-documents/DB_PASSWORD", + "name": "services_documents" + } + } + } + } +} \ No newline at end of file diff --git a/charts/services/services-documents/values.staging.yaml b/charts/services/services-documents/values.staging.yaml index 227a2b0fcc6d..1c7719f4cad1 100644 --- a/charts/services/services-documents/values.staging.yaml +++ b/charts/services/services-documents/values.staging.yaml @@ -1,3238 +1,79 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.staging01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'cdn.contentful.com' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.staging01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.staging01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.staging01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 'island@island.is' - CONTENTFUL_HOST: 'cdn.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.staging01.devland.is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-staging-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: '' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 'sogur@island.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-TEST/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5608002820/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-TEST/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.staging01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.staging01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.staging01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.staging01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-staging-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'staging' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.staging01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'islandis' - - 'consultation-portal' - - 'skilavottord' - - 'search-indexer' - - 'services-documents' - - 'storybook' - - 'xroad-collector' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'user-notification' - - 'license-api' - - 'services-sessions' - - 'services-university-gateway' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.staging01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'staging' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'staging-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_BASE_URL: 'https://beta.staging01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.staging01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.staging01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.staging01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.staging01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.staging01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.staging01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.staging01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.staging01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@midnight' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - basicAuth: '/k8s/web/basic_auth' - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - TRACKING_DOMAIN: 'beta.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "services-documents": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/readiness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + } + }, + "features": {}, + "name": "services-documents", + "grantNamespaces": [ + "islandis", + "application-system" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" + }, + "ingress": {}, + "namespace": "services-documents", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "memory": "256Mi", + "cpu": "200m" + }, + "requests": { + "memory": "128Mi", + "cpu": "100m" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "image": "services-documents", + "postgres": { + "username": "services_documents", + "passwordSecret": "/k8s/services-documents/DB_PASSWORD", + "name": "services_documents" + }, + "initContainers": { + "envs": {}, + "secrets": {}, + "features": {}, + "containers": [ + { + "name": "migrations", + "command": "npx", + "args": [ + "sequelize-cli", + "db:migrate" + ] + } + ], + "postgres": { + "username": "services_documents", + "passwordSecret": "/k8s/services-documents/DB_PASSWORD", + "name": "services_documents" + } + } + } + } +} \ No newline at end of file diff --git a/charts/services/services-sessions-cleanup/values.dev.yaml b/charts/services/services-sessions-cleanup/values.dev.yaml index 58d9f8e96dbc..17e9ebd2a82a 100644 --- a/charts/services/services-sessions-cleanup/values.dev.yaml +++ b/charts/services/services-sessions-cleanup/values.dev.yaml @@ -1,3563 +1,70 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.dev01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'preview.contentful.com' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 's@kogk.is' - CONTENTFUL_HOST: 'preview.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 's@kogk.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/api' - - host: 'api-catalogue.dev01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.dev01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -external-contracts-tests: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' - namespace: 'external-contracts-tests' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '1' - memory: '1024Mi' - requests: - cpu: '500m' - memory: '512Mi' - schedule: '0 11 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -github-actions-cache: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 8 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'cache.dev01.devland.is' - paths: - - '/' - namespace: 'github-actions-cache' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 5 - max: 8 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' - create: true - name: 'github-actions-cache' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'dev' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.dev01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'consultation-portal' - - 'islandis' - - 'search-indexer' - - 'xroad-collector' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'github-actions-cache' - - 'user-notification' - - 'external-contracts-tests' - - 'contentful-entry-tagger' - - 'license-api' - - 'services-sessions' - - 'contentful-apps' - - 'services-university-gateway' - - 'unicorn-app' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'dev-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.dev01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.dev01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -unicorn-app: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'unicorn-app.dev01.devland.is' - paths: - - '/' - namespace: 'unicorn-app' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' - create: true - name: 'unicorn-app' -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@hourly' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - TRACKING_DOMAIN: 'beta.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "services-sessions-cleanup": { + "serviceDef": { + "liveness": { + "path": "/", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": {}, + "features": {}, + "name": "services-sessions-cleanup", + "grantNamespaces": [], + "grantNamespacesEnabled": false, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" + }, + "ingress": {}, + "namespace": "services-sessions", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "400m", + "memory": "512Mi" + }, + "requests": { + "cpu": "100m", + "memory": "256Mi" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "image": "services-sessions", + "cmds": "node", + "args": [ + "main.js", + "--job=cleanup" + ], + "postgres": { + "name": "services_sessions", + "extensions": [ + "uuid-ossp" + ], + "readOnly": false, + "username": "services_sessions", + "passwordSecret": "/k8s/services-sessions/DB_PASSWORD" + }, + "extraAttributes": { + "dev": { + "schedule": "0 3 * * *" + }, + "staging": { + "schedule": "0 3 * * *" + }, + "prod": { + "schedule": "0 3 * * *" + } + } + } + } +} \ No newline at end of file diff --git a/charts/services/services-sessions-cleanup/values.prod.yaml b/charts/services/services-sessions-cleanup/values.prod.yaml index c7e37f4144c5..17e9ebd2a82a 100644 --- a/charts/services/services-sessions-cleanup/values.prod.yaml +++ b/charts/services/services-sessions-cleanup/values.prod.yaml @@ -1,3379 +1,70 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.island.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'cdn.contentful.com' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.island.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://innskra.island.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_IDS_API_URL: 'https://innskra.island.is' - AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi.island.is' - CONTACT_US_EMAIL: 'island@island.is' - CONTENTFUL_HOST: 'cdn.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.island.is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-prod-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: '' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'island@island.is' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 'sogur@island.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS/GOV/5402697509/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS/GOV/6501912189/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/api' - - host: 'www.island.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' - CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS/GOV/5608002820/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - NOVA_USERNAME: 'IslandIs_User_Production' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS/GOV/5605882089/UA-Protected/kvortun-v1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.island.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.island.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/umsoknir' - - host: 'www.island.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi.island.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://island.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/samradsgatt' - - host: 'www.island.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.island.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.island.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - EMAIL_FROM_NAME: 'island.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-prod-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'prod' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: 'd4ecf781-3764-4063-a4e1-9c3e17cebfba' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.island.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'islandis' - - 'consultation-portal' - - 'search-indexer' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'xroad-collector' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'user-notification' - - 'license-api' - - 'services-sessions' - - 'services-university-gateway' - - 'contentful-apps' - - 'contentful-entry-tagger' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/stjornbord' - - host: 'www.island.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'prod' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'prod-es-custom-packages' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/minarsidur' - - host: 'www.island.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_BASE_URL: 'https://island.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.island.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://island.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://island.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://island.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/stjornbord/bff' - - host: 'www.island.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.island.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.island.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/app/skilavottord/' - - host: 'www.island.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/app/skilavottord/api/graphql' - - host: 'www.island.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.island.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@midnight' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - TRACKING_DOMAIN: 'island.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/' - - host: 'www.island.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "services-sessions-cleanup": { + "serviceDef": { + "liveness": { + "path": "/", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": {}, + "features": {}, + "name": "services-sessions-cleanup", + "grantNamespaces": [], + "grantNamespacesEnabled": false, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" + }, + "ingress": {}, + "namespace": "services-sessions", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "400m", + "memory": "512Mi" + }, + "requests": { + "cpu": "100m", + "memory": "256Mi" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "image": "services-sessions", + "cmds": "node", + "args": [ + "main.js", + "--job=cleanup" + ], + "postgres": { + "name": "services_sessions", + "extensions": [ + "uuid-ossp" + ], + "readOnly": false, + "username": "services_sessions", + "passwordSecret": "/k8s/services-sessions/DB_PASSWORD" + }, + "extraAttributes": { + "dev": { + "schedule": "0 3 * * *" + }, + "staging": { + "schedule": "0 3 * * *" + }, + "prod": { + "schedule": "0 3 * * *" + } + } + } + } +} \ No newline at end of file diff --git a/charts/services/services-sessions-cleanup/values.staging.yaml b/charts/services/services-sessions-cleanup/values.staging.yaml index 227a2b0fcc6d..17e9ebd2a82a 100644 --- a/charts/services/services-sessions-cleanup/values.staging.yaml +++ b/charts/services/services-sessions-cleanup/values.staging.yaml @@ -1,3238 +1,70 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.staging01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'cdn.contentful.com' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.staging01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.staging01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.staging01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 'island@island.is' - CONTENTFUL_HOST: 'cdn.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.staging01.devland.is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-staging-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: '' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 'sogur@island.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-TEST/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5608002820/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-TEST/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.staging01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.staging01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.staging01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.staging01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-staging-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'staging' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.staging01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'islandis' - - 'consultation-portal' - - 'skilavottord' - - 'search-indexer' - - 'services-documents' - - 'storybook' - - 'xroad-collector' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'user-notification' - - 'license-api' - - 'services-sessions' - - 'services-university-gateway' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.staging01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'staging' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'staging-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_BASE_URL: 'https://beta.staging01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.staging01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.staging01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.staging01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.staging01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.staging01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.staging01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.staging01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.staging01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@midnight' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - basicAuth: '/k8s/web/basic_auth' - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - TRACKING_DOMAIN: 'beta.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "services-sessions-cleanup": { + "serviceDef": { + "liveness": { + "path": "/", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": {}, + "features": {}, + "name": "services-sessions-cleanup", + "grantNamespaces": [], + "grantNamespacesEnabled": false, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" + }, + "ingress": {}, + "namespace": "services-sessions", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "400m", + "memory": "512Mi" + }, + "requests": { + "cpu": "100m", + "memory": "256Mi" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "image": "services-sessions", + "cmds": "node", + "args": [ + "main.js", + "--job=cleanup" + ], + "postgres": { + "name": "services_sessions", + "extensions": [ + "uuid-ossp" + ], + "readOnly": false, + "username": "services_sessions", + "passwordSecret": "/k8s/services-sessions/DB_PASSWORD" + }, + "extraAttributes": { + "dev": { + "schedule": "0 3 * * *" + }, + "staging": { + "schedule": "0 3 * * *" + }, + "prod": { + "schedule": "0 3 * * *" + } + } + } + } +} \ No newline at end of file diff --git a/charts/services/services-sessions-worker/values.dev.yaml b/charts/services/services-sessions-worker/values.dev.yaml index 58d9f8e96dbc..32b1fae317df 100644 --- a/charts/services/services-sessions-worker/values.dev.yaml +++ b/charts/services/services-sessions-worker/values.dev.yaml @@ -1,3563 +1,92 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.dev01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'preview.contentful.com' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 's@kogk.is' - CONTENTFUL_HOST: 'preview.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 's@kogk.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/api' - - host: 'api-catalogue.dev01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.dev01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -external-contracts-tests: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' - namespace: 'external-contracts-tests' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '1' - memory: '1024Mi' - requests: - cpu: '500m' - memory: '512Mi' - schedule: '0 11 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -github-actions-cache: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 8 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'cache.dev01.devland.is' - paths: - - '/' - namespace: 'github-actions-cache' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 5 - max: 8 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' - create: true - name: 'github-actions-cache' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'dev' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.dev01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'consultation-portal' - - 'islandis' - - 'search-indexer' - - 'xroad-collector' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'github-actions-cache' - - 'user-notification' - - 'external-contracts-tests' - - 'contentful-entry-tagger' - - 'license-api' - - 'services-sessions' - - 'contentful-apps' - - 'services-university-gateway' - - 'unicorn-app' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'dev-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.dev01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.dev01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -unicorn-app: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'unicorn-app.dev01.devland.is' - paths: - - '/' - namespace: 'unicorn-app' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' - create: true - name: 'unicorn-app' -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@hourly' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - TRACKING_DOMAIN: 'beta.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "services-sessions-worker": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + }, + "REDIS_USE_SSL": "true" + }, + "features": {}, + "name": "services-sessions-worker", + "grantNamespaces": [], + "grantNamespacesEnabled": false, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" + }, + "ingress": {}, + "namespace": "services-sessions", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "400m", + "memory": "512Mi" + }, + "requests": { + "cpu": "100m", + "memory": "256Mi" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "image": "services-sessions", + "redis": {}, + "accountName": "sessions-worker", + "cmds": "node", + "args": [ + "main.js", + "--job=worker" + ], + "postgres": { + "extensions": [ + "uuid-ossp" + ], + "readOnly": false, + "username": "services_sessions", + "passwordSecret": "/k8s/services-sessions/DB_PASSWORD", + "name": "services_sessions" + }, + "initContainers": { + "envs": {}, + "secrets": {}, + "features": {}, + "containers": [ + { + "name": "migrations", + "command": "npx", + "args": [ + "sequelize-cli", + "db:migrate" + ] + } + ], + "postgres": { + "extensions": [ + "uuid-ossp" + ], + "readOnly": false, + "username": "services_sessions", + "passwordSecret": "/k8s/services-sessions/DB_PASSWORD", + "name": "services_sessions" + } + } + } + } +} \ No newline at end of file diff --git a/charts/services/services-sessions-worker/values.prod.yaml b/charts/services/services-sessions-worker/values.prod.yaml index c7e37f4144c5..32b1fae317df 100644 --- a/charts/services/services-sessions-worker/values.prod.yaml +++ b/charts/services/services-sessions-worker/values.prod.yaml @@ -1,3379 +1,92 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.island.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'cdn.contentful.com' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.island.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://innskra.island.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_IDS_API_URL: 'https://innskra.island.is' - AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi.island.is' - CONTACT_US_EMAIL: 'island@island.is' - CONTENTFUL_HOST: 'cdn.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.island.is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-prod-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: '' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'island@island.is' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 'sogur@island.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS/GOV/5402697509/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS/GOV/6501912189/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/api' - - host: 'www.island.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' - CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS/GOV/5608002820/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - NOVA_USERNAME: 'IslandIs_User_Production' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS/GOV/5605882089/UA-Protected/kvortun-v1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.island.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.island.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/umsoknir' - - host: 'www.island.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi.island.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://island.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/samradsgatt' - - host: 'www.island.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.island.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.island.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - EMAIL_FROM_NAME: 'island.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-prod-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'prod' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: 'd4ecf781-3764-4063-a4e1-9c3e17cebfba' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.island.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'islandis' - - 'consultation-portal' - - 'search-indexer' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'xroad-collector' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'user-notification' - - 'license-api' - - 'services-sessions' - - 'services-university-gateway' - - 'contentful-apps' - - 'contentful-entry-tagger' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/stjornbord' - - host: 'www.island.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'prod' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'prod-es-custom-packages' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/minarsidur' - - host: 'www.island.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_BASE_URL: 'https://island.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.island.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://island.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://island.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://island.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/stjornbord/bff' - - host: 'www.island.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.island.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.island.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/app/skilavottord/' - - host: 'www.island.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/app/skilavottord/api/graphql' - - host: 'www.island.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.island.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@midnight' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - TRACKING_DOMAIN: 'island.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/' - - host: 'www.island.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "services-sessions-worker": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + }, + "REDIS_USE_SSL": "true" + }, + "features": {}, + "name": "services-sessions-worker", + "grantNamespaces": [], + "grantNamespacesEnabled": false, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" + }, + "ingress": {}, + "namespace": "services-sessions", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "400m", + "memory": "512Mi" + }, + "requests": { + "cpu": "100m", + "memory": "256Mi" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "image": "services-sessions", + "redis": {}, + "accountName": "sessions-worker", + "cmds": "node", + "args": [ + "main.js", + "--job=worker" + ], + "postgres": { + "extensions": [ + "uuid-ossp" + ], + "readOnly": false, + "username": "services_sessions", + "passwordSecret": "/k8s/services-sessions/DB_PASSWORD", + "name": "services_sessions" + }, + "initContainers": { + "envs": {}, + "secrets": {}, + "features": {}, + "containers": [ + { + "name": "migrations", + "command": "npx", + "args": [ + "sequelize-cli", + "db:migrate" + ] + } + ], + "postgres": { + "extensions": [ + "uuid-ossp" + ], + "readOnly": false, + "username": "services_sessions", + "passwordSecret": "/k8s/services-sessions/DB_PASSWORD", + "name": "services_sessions" + } + } + } + } +} \ No newline at end of file diff --git a/charts/services/services-sessions-worker/values.staging.yaml b/charts/services/services-sessions-worker/values.staging.yaml index 227a2b0fcc6d..32b1fae317df 100644 --- a/charts/services/services-sessions-worker/values.staging.yaml +++ b/charts/services/services-sessions-worker/values.staging.yaml @@ -1,3238 +1,92 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.staging01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'cdn.contentful.com' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.staging01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.staging01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.staging01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 'island@island.is' - CONTENTFUL_HOST: 'cdn.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.staging01.devland.is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-staging-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: '' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 'sogur@island.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-TEST/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5608002820/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-TEST/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.staging01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.staging01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.staging01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.staging01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-staging-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'staging' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.staging01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'islandis' - - 'consultation-portal' - - 'skilavottord' - - 'search-indexer' - - 'services-documents' - - 'storybook' - - 'xroad-collector' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'user-notification' - - 'license-api' - - 'services-sessions' - - 'services-university-gateway' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.staging01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'staging' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'staging-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_BASE_URL: 'https://beta.staging01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.staging01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.staging01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.staging01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.staging01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.staging01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.staging01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.staging01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.staging01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@midnight' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - basicAuth: '/k8s/web/basic_auth' - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - TRACKING_DOMAIN: 'beta.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "services-sessions-worker": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + }, + "REDIS_USE_SSL": "true" + }, + "features": {}, + "name": "services-sessions-worker", + "grantNamespaces": [], + "grantNamespacesEnabled": false, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" + }, + "ingress": {}, + "namespace": "services-sessions", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "400m", + "memory": "512Mi" + }, + "requests": { + "cpu": "100m", + "memory": "256Mi" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "image": "services-sessions", + "redis": {}, + "accountName": "sessions-worker", + "cmds": "node", + "args": [ + "main.js", + "--job=worker" + ], + "postgres": { + "extensions": [ + "uuid-ossp" + ], + "readOnly": false, + "username": "services_sessions", + "passwordSecret": "/k8s/services-sessions/DB_PASSWORD", + "name": "services_sessions" + }, + "initContainers": { + "envs": {}, + "secrets": {}, + "features": {}, + "containers": [ + { + "name": "migrations", + "command": "npx", + "args": [ + "sequelize-cli", + "db:migrate" + ] + } + ], + "postgres": { + "extensions": [ + "uuid-ossp" + ], + "readOnly": false, + "username": "services_sessions", + "passwordSecret": "/k8s/services-sessions/DB_PASSWORD", + "name": "services_sessions" + } + } + } + } +} \ No newline at end of file diff --git a/charts/services/services-sessions/values.dev.yaml b/charts/services/services-sessions/values.dev.yaml index 58d9f8e96dbc..094fd86865d6 100644 --- a/charts/services/services-sessions/values.dev.yaml +++ b/charts/services/services-sessions/values.dev.yaml @@ -1,3563 +1,83 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.dev01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'preview.contentful.com' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 's@kogk.is' - CONTENTFUL_HOST: 'preview.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 's@kogk.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/api' - - host: 'api-catalogue.dev01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.dev01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -external-contracts-tests: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' - namespace: 'external-contracts-tests' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '1' - memory: '1024Mi' - requests: - cpu: '500m' - memory: '512Mi' - schedule: '0 11 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -github-actions-cache: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 8 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'cache.dev01.devland.is' - paths: - - '/' - namespace: 'github-actions-cache' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 5 - max: 8 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' - create: true - name: 'github-actions-cache' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'dev' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.dev01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'consultation-portal' - - 'islandis' - - 'search-indexer' - - 'xroad-collector' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'github-actions-cache' - - 'user-notification' - - 'external-contracts-tests' - - 'contentful-entry-tagger' - - 'license-api' - - 'services-sessions' - - 'contentful-apps' - - 'services-university-gateway' - - 'unicorn-app' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'dev-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.dev01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.dev01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -unicorn-app: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'unicorn-app.dev01.devland.is' - paths: - - '/' - namespace: 'unicorn-app' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' - create: true - name: 'unicorn-app' -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@hourly' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - TRACKING_DOMAIN: 'beta.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "services-sessions": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + }, + "REDIS_USE_SSL": "true" + }, + "features": {}, + "name": "services-sessions", + "grantNamespaces": [ + "nginx-ingress-internal", + "islandis", + "identity-server" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" + }, + "ingress": { + "internal": { + "host": { + "dev": "sessions-api", + "staging": "sessions-api", + "prod": "sessions-api" + }, + "paths": [ + "/" + ], + "public": false + } + }, + "namespace": "services-sessions", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "250m", + "memory": "512Mi" + }, + "requests": { + "cpu": "25m", + "memory": "300Mi" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "image": "services-sessions", + "redis": {}, + "postgres": { + "readOnly": true, + "extensions": [ + "uuid-ossp" + ], + "username": "services_sessions_read", + "passwordSecret": "/k8s/services-sessions/readonly/DB_PASSWORD", + "name": "services_sessions" + }, + "replicaCount": { + "default": 1, + "min": 1, + "max": 10 + } + } + } +} \ No newline at end of file diff --git a/charts/services/services-sessions/values.prod.yaml b/charts/services/services-sessions/values.prod.yaml index c7e37f4144c5..094fd86865d6 100644 --- a/charts/services/services-sessions/values.prod.yaml +++ b/charts/services/services-sessions/values.prod.yaml @@ -1,3379 +1,83 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.island.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'cdn.contentful.com' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.island.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://innskra.island.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_IDS_API_URL: 'https://innskra.island.is' - AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi.island.is' - CONTACT_US_EMAIL: 'island@island.is' - CONTENTFUL_HOST: 'cdn.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.island.is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-prod-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: '' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'island@island.is' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 'sogur@island.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS/GOV/5402697509/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS/GOV/6501912189/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/api' - - host: 'www.island.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' - CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS/GOV/5608002820/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - NOVA_USERNAME: 'IslandIs_User_Production' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS/GOV/5605882089/UA-Protected/kvortun-v1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.island.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.island.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/umsoknir' - - host: 'www.island.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi.island.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://island.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/samradsgatt' - - host: 'www.island.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.island.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.island.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - EMAIL_FROM_NAME: 'island.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-prod-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'prod' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: 'd4ecf781-3764-4063-a4e1-9c3e17cebfba' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.island.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'islandis' - - 'consultation-portal' - - 'search-indexer' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'xroad-collector' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'user-notification' - - 'license-api' - - 'services-sessions' - - 'services-university-gateway' - - 'contentful-apps' - - 'contentful-entry-tagger' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/stjornbord' - - host: 'www.island.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'prod' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'prod-es-custom-packages' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/minarsidur' - - host: 'www.island.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_BASE_URL: 'https://island.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.island.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://island.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://island.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://island.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/stjornbord/bff' - - host: 'www.island.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.island.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.island.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/app/skilavottord/' - - host: 'www.island.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/app/skilavottord/api/graphql' - - host: 'www.island.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.island.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@midnight' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - TRACKING_DOMAIN: 'island.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/' - - host: 'www.island.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "services-sessions": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + }, + "REDIS_USE_SSL": "true" + }, + "features": {}, + "name": "services-sessions", + "grantNamespaces": [ + "nginx-ingress-internal", + "islandis", + "identity-server" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" + }, + "ingress": { + "internal": { + "host": { + "dev": "sessions-api", + "staging": "sessions-api", + "prod": "sessions-api" + }, + "paths": [ + "/" + ], + "public": false + } + }, + "namespace": "services-sessions", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "250m", + "memory": "512Mi" + }, + "requests": { + "cpu": "25m", + "memory": "300Mi" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "image": "services-sessions", + "redis": {}, + "postgres": { + "readOnly": true, + "extensions": [ + "uuid-ossp" + ], + "username": "services_sessions_read", + "passwordSecret": "/k8s/services-sessions/readonly/DB_PASSWORD", + "name": "services_sessions" + }, + "replicaCount": { + "default": 1, + "min": 1, + "max": 10 + } + } + } +} \ No newline at end of file diff --git a/charts/services/services-sessions/values.staging.yaml b/charts/services/services-sessions/values.staging.yaml index 227a2b0fcc6d..094fd86865d6 100644 --- a/charts/services/services-sessions/values.staging.yaml +++ b/charts/services/services-sessions/values.staging.yaml @@ -1,3238 +1,83 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.staging01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'cdn.contentful.com' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.staging01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.staging01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.staging01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 'island@island.is' - CONTENTFUL_HOST: 'cdn.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.staging01.devland.is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-staging-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: '' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 'sogur@island.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-TEST/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5608002820/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-TEST/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.staging01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.staging01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.staging01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.staging01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-staging-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'staging' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.staging01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'islandis' - - 'consultation-portal' - - 'skilavottord' - - 'search-indexer' - - 'services-documents' - - 'storybook' - - 'xroad-collector' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'user-notification' - - 'license-api' - - 'services-sessions' - - 'services-university-gateway' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.staging01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'staging' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'staging-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_BASE_URL: 'https://beta.staging01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.staging01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.staging01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.staging01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.staging01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.staging01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.staging01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.staging01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.staging01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@midnight' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - basicAuth: '/k8s/web/basic_auth' - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - TRACKING_DOMAIN: 'beta.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "services-sessions": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + }, + "REDIS_USE_SSL": "true" + }, + "features": {}, + "name": "services-sessions", + "grantNamespaces": [ + "nginx-ingress-internal", + "islandis", + "identity-server" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" + }, + "ingress": { + "internal": { + "host": { + "dev": "sessions-api", + "staging": "sessions-api", + "prod": "sessions-api" + }, + "paths": [ + "/" + ], + "public": false + } + }, + "namespace": "services-sessions", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "250m", + "memory": "512Mi" + }, + "requests": { + "cpu": "25m", + "memory": "300Mi" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "image": "services-sessions", + "redis": {}, + "postgres": { + "readOnly": true, + "extensions": [ + "uuid-ossp" + ], + "username": "services_sessions_read", + "passwordSecret": "/k8s/services-sessions/readonly/DB_PASSWORD", + "name": "services_sessions" + }, + "replicaCount": { + "default": 1, + "min": 1, + "max": 10 + } + } + } +} \ No newline at end of file diff --git a/charts/services/services-university-gateway-worker/values.dev.yaml b/charts/services/services-university-gateway-worker/values.dev.yaml index 58d9f8e96dbc..653a09a5697a 100644 --- a/charts/services/services-university-gateway-worker/values.dev.yaml +++ b/charts/services/services-university-gateway-worker/values.dev.yaml @@ -1,3563 +1,189 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.dev01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'preview.contentful.com' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 's@kogk.is' - CONTENTFUL_HOST: 'preview.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 's@kogk.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/api' - - host: 'api-catalogue.dev01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.dev01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -external-contracts-tests: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' - namespace: 'external-contracts-tests' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '1' - memory: '1024Mi' - requests: - cpu: '500m' - memory: '512Mi' - schedule: '0 11 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -github-actions-cache: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 8 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'cache.dev01.devland.is' - paths: - - '/' - namespace: 'github-actions-cache' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 5 - max: 8 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' - create: true - name: 'github-actions-cache' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'dev' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.dev01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'consultation-portal' - - 'islandis' - - 'search-indexer' - - 'xroad-collector' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'github-actions-cache' - - 'user-notification' - - 'external-contracts-tests' - - 'contentful-entry-tagger' - - 'license-api' - - 'services-sessions' - - 'contentful-apps' - - 'services-university-gateway' - - 'unicorn-app' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'dev-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.dev01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.dev01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -unicorn-app: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'unicorn-app.dev01.devland.is' - paths: - - '/' - namespace: 'unicorn-app' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' - create: true - name: 'unicorn-app' -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@hourly' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - TRACKING_DOMAIN: 'beta.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "services-university-gateway-worker": { + "serviceDef": { + "liveness": { + "path": "/", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/university-gateway", + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + } + }, + "features": {}, + "name": "services-university-gateway-worker", + "grantNamespaces": [], + "grantNamespacesEnabled": false, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET" + }, + "ingress": {}, + "namespace": "services-university-gateway", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "200m", + "memory": "384Mi" + }, + "requests": { + "cpu": "50m", + "memory": "256Mi" + } + }, + "xroadConfig": [ + { + "config": { + "env": { + "XROAD_BASE_PATH": { + "prod": "http://securityserver.island.is" + }, + "XROAD_BASE_PATH_WITH_ENV": { + "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "http://securityserver.island.is/r1/IS" + }, + "XROAD_TLS_BASE_PATH": { + "dev": "https://securityserver.dev01.devland.is", + "staging": "https://securityserver.staging01.devland.is", + "prod": "https://securityserver.island.is" + }, + "XROAD_TLS_BASE_PATH_WITH_ENV": { + "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", + "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "https://securityserver.island.is/r1/IS" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CLIENT_ID": { + "dev": "IS-DEV/GOV/10000/island-is-client", + "staging": "IS-TEST/GOV/5501692829/island-is-client", + "prod": "IS/GOV/5501692829/island-is-client" + } + } + } + }, + { + "config": { + "env": { + "XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH": { + "dev": "IS-DEV/EDU/10010/HI-Protected/umsoknir-v1", + "staging": "IS-TEST/EDU/10010/HI-Protected/umsoknir-v1", + "prod": "IS/EDU/6001692039/HI-Protected/umsoknir-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH": { + "dev": "IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1", + "staging": "IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1", + "prod": "IS/EDU/5206871229/UNAK-Protected/umsoknir-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH": { + "dev": "IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1", + "staging": "IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1", + "prod": "IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH": { + "dev": "IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1", + "staging": "IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1", + "prod": "IS/EDU/4210984099/LHI-Protected/umsoknir-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH": { + "dev": "IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1", + "staging": "IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1", + "prod": "IS/EDU/4112043590/LBHI-Protected/umsoknir-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH": { + "dev": "IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1", + "staging": "IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1", + "prod": "IS/EDU/5001694359/Holar-Protected/umsoknir-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH": { + "dev": "IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1", + "staging": "IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1", + "prod": "IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1" + } + } + } + } + ], + "files": [], + "volumes": [], + "accountName": "services-university-gateway-worker", + "image": "services-university-gateway", + "cmds": "node", + "redis": {}, + "args": [ + "main.js", + "--job", + "worker" + ], + "postgres": { + "username": "services_university_gateway", + "passwordSecret": "/k8s/services-university-gateway/DB_PASSWORD", + "name": "services_university_gateway" + }, + "extraAttributes": { + "dev": { + "schedule": "0 * * * *" + }, + "staging": { + "schedule": "0 2 * * *" + }, + "prod": { + "schedule": "0 * * * *" + } + } + } + } +} \ No newline at end of file diff --git a/charts/services/services-university-gateway-worker/values.prod.yaml b/charts/services/services-university-gateway-worker/values.prod.yaml index c7e37f4144c5..653a09a5697a 100644 --- a/charts/services/services-university-gateway-worker/values.prod.yaml +++ b/charts/services/services-university-gateway-worker/values.prod.yaml @@ -1,3379 +1,189 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.island.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'cdn.contentful.com' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.island.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://innskra.island.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_IDS_API_URL: 'https://innskra.island.is' - AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi.island.is' - CONTACT_US_EMAIL: 'island@island.is' - CONTENTFUL_HOST: 'cdn.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.island.is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-prod-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: '' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'island@island.is' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 'sogur@island.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS/GOV/5402697509/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS/GOV/6501912189/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/api' - - host: 'www.island.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' - CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS/GOV/5608002820/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - NOVA_USERNAME: 'IslandIs_User_Production' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS/GOV/5605882089/UA-Protected/kvortun-v1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.island.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.island.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/umsoknir' - - host: 'www.island.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi.island.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://island.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/samradsgatt' - - host: 'www.island.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.island.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.island.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - EMAIL_FROM_NAME: 'island.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-prod-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'prod' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: 'd4ecf781-3764-4063-a4e1-9c3e17cebfba' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.island.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'islandis' - - 'consultation-portal' - - 'search-indexer' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'xroad-collector' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'user-notification' - - 'license-api' - - 'services-sessions' - - 'services-university-gateway' - - 'contentful-apps' - - 'contentful-entry-tagger' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/stjornbord' - - host: 'www.island.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'prod' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'prod-es-custom-packages' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/minarsidur' - - host: 'www.island.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_BASE_URL: 'https://island.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.island.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://island.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://island.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://island.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/stjornbord/bff' - - host: 'www.island.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.island.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.island.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/app/skilavottord/' - - host: 'www.island.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/app/skilavottord/api/graphql' - - host: 'www.island.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.island.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@midnight' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - TRACKING_DOMAIN: 'island.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/' - - host: 'www.island.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "services-university-gateway-worker": { + "serviceDef": { + "liveness": { + "path": "/", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/university-gateway", + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + } + }, + "features": {}, + "name": "services-university-gateway-worker", + "grantNamespaces": [], + "grantNamespacesEnabled": false, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET" + }, + "ingress": {}, + "namespace": "services-university-gateway", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "200m", + "memory": "384Mi" + }, + "requests": { + "cpu": "50m", + "memory": "256Mi" + } + }, + "xroadConfig": [ + { + "config": { + "env": { + "XROAD_BASE_PATH": { + "prod": "http://securityserver.island.is" + }, + "XROAD_BASE_PATH_WITH_ENV": { + "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "http://securityserver.island.is/r1/IS" + }, + "XROAD_TLS_BASE_PATH": { + "dev": "https://securityserver.dev01.devland.is", + "staging": "https://securityserver.staging01.devland.is", + "prod": "https://securityserver.island.is" + }, + "XROAD_TLS_BASE_PATH_WITH_ENV": { + "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", + "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "https://securityserver.island.is/r1/IS" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CLIENT_ID": { + "dev": "IS-DEV/GOV/10000/island-is-client", + "staging": "IS-TEST/GOV/5501692829/island-is-client", + "prod": "IS/GOV/5501692829/island-is-client" + } + } + } + }, + { + "config": { + "env": { + "XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH": { + "dev": "IS-DEV/EDU/10010/HI-Protected/umsoknir-v1", + "staging": "IS-TEST/EDU/10010/HI-Protected/umsoknir-v1", + "prod": "IS/EDU/6001692039/HI-Protected/umsoknir-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH": { + "dev": "IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1", + "staging": "IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1", + "prod": "IS/EDU/5206871229/UNAK-Protected/umsoknir-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH": { + "dev": "IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1", + "staging": "IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1", + "prod": "IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH": { + "dev": "IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1", + "staging": "IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1", + "prod": "IS/EDU/4210984099/LHI-Protected/umsoknir-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH": { + "dev": "IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1", + "staging": "IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1", + "prod": "IS/EDU/4112043590/LBHI-Protected/umsoknir-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH": { + "dev": "IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1", + "staging": "IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1", + "prod": "IS/EDU/5001694359/Holar-Protected/umsoknir-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH": { + "dev": "IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1", + "staging": "IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1", + "prod": "IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1" + } + } + } + } + ], + "files": [], + "volumes": [], + "accountName": "services-university-gateway-worker", + "image": "services-university-gateway", + "cmds": "node", + "redis": {}, + "args": [ + "main.js", + "--job", + "worker" + ], + "postgres": { + "username": "services_university_gateway", + "passwordSecret": "/k8s/services-university-gateway/DB_PASSWORD", + "name": "services_university_gateway" + }, + "extraAttributes": { + "dev": { + "schedule": "0 * * * *" + }, + "staging": { + "schedule": "0 2 * * *" + }, + "prod": { + "schedule": "0 * * * *" + } + } + } + } +} \ No newline at end of file diff --git a/charts/services/services-university-gateway-worker/values.staging.yaml b/charts/services/services-university-gateway-worker/values.staging.yaml index 227a2b0fcc6d..653a09a5697a 100644 --- a/charts/services/services-university-gateway-worker/values.staging.yaml +++ b/charts/services/services-university-gateway-worker/values.staging.yaml @@ -1,3238 +1,189 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.staging01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'cdn.contentful.com' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.staging01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.staging01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.staging01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 'island@island.is' - CONTENTFUL_HOST: 'cdn.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.staging01.devland.is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-staging-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: '' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 'sogur@island.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-TEST/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5608002820/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-TEST/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.staging01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.staging01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.staging01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.staging01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-staging-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'staging' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.staging01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'islandis' - - 'consultation-portal' - - 'skilavottord' - - 'search-indexer' - - 'services-documents' - - 'storybook' - - 'xroad-collector' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'user-notification' - - 'license-api' - - 'services-sessions' - - 'services-university-gateway' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.staging01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'staging' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'staging-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_BASE_URL: 'https://beta.staging01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.staging01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.staging01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.staging01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.staging01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.staging01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.staging01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.staging01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.staging01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@midnight' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - basicAuth: '/k8s/web/basic_auth' - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - TRACKING_DOMAIN: 'beta.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "services-university-gateway-worker": { + "serviceDef": { + "liveness": { + "path": "/", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/university-gateway", + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + } + }, + "features": {}, + "name": "services-university-gateway-worker", + "grantNamespaces": [], + "grantNamespacesEnabled": false, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET" + }, + "ingress": {}, + "namespace": "services-university-gateway", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "200m", + "memory": "384Mi" + }, + "requests": { + "cpu": "50m", + "memory": "256Mi" + } + }, + "xroadConfig": [ + { + "config": { + "env": { + "XROAD_BASE_PATH": { + "prod": "http://securityserver.island.is" + }, + "XROAD_BASE_PATH_WITH_ENV": { + "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "http://securityserver.island.is/r1/IS" + }, + "XROAD_TLS_BASE_PATH": { + "dev": "https://securityserver.dev01.devland.is", + "staging": "https://securityserver.staging01.devland.is", + "prod": "https://securityserver.island.is" + }, + "XROAD_TLS_BASE_PATH_WITH_ENV": { + "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", + "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "https://securityserver.island.is/r1/IS" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CLIENT_ID": { + "dev": "IS-DEV/GOV/10000/island-is-client", + "staging": "IS-TEST/GOV/5501692829/island-is-client", + "prod": "IS/GOV/5501692829/island-is-client" + } + } + } + }, + { + "config": { + "env": { + "XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH": { + "dev": "IS-DEV/EDU/10010/HI-Protected/umsoknir-v1", + "staging": "IS-TEST/EDU/10010/HI-Protected/umsoknir-v1", + "prod": "IS/EDU/6001692039/HI-Protected/umsoknir-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH": { + "dev": "IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1", + "staging": "IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1", + "prod": "IS/EDU/5206871229/UNAK-Protected/umsoknir-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH": { + "dev": "IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1", + "staging": "IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1", + "prod": "IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH": { + "dev": "IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1", + "staging": "IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1", + "prod": "IS/EDU/4210984099/LHI-Protected/umsoknir-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH": { + "dev": "IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1", + "staging": "IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1", + "prod": "IS/EDU/4112043590/LBHI-Protected/umsoknir-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH": { + "dev": "IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1", + "staging": "IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1", + "prod": "IS/EDU/5001694359/Holar-Protected/umsoknir-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH": { + "dev": "IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1", + "staging": "IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1", + "prod": "IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1" + } + } + } + } + ], + "files": [], + "volumes": [], + "accountName": "services-university-gateway-worker", + "image": "services-university-gateway", + "cmds": "node", + "redis": {}, + "args": [ + "main.js", + "--job", + "worker" + ], + "postgres": { + "username": "services_university_gateway", + "passwordSecret": "/k8s/services-university-gateway/DB_PASSWORD", + "name": "services_university_gateway" + }, + "extraAttributes": { + "dev": { + "schedule": "0 * * * *" + }, + "staging": { + "schedule": "0 2 * * *" + }, + "prod": { + "schedule": "0 * * * *" + } + } + } + } +} \ No newline at end of file diff --git a/charts/services/services-university-gateway/values.dev.yaml b/charts/services/services-university-gateway/values.dev.yaml index 58d9f8e96dbc..68f29e9006dc 100644 --- a/charts/services/services-university-gateway/values.dev.yaml +++ b/charts/services/services-university-gateway/values.dev.yaml @@ -1,3563 +1,225 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.dev01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'preview.contentful.com' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 's@kogk.is' - CONTENTFUL_HOST: 'preview.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 's@kogk.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/api' - - host: 'api-catalogue.dev01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.dev01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -external-contracts-tests: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' - namespace: 'external-contracts-tests' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '1' - memory: '1024Mi' - requests: - cpu: '500m' - memory: '512Mi' - schedule: '0 11 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -github-actions-cache: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 8 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'cache.dev01.devland.is' - paths: - - '/' - namespace: 'github-actions-cache' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 5 - max: 8 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' - create: true - name: 'github-actions-cache' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'dev' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.dev01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'consultation-portal' - - 'islandis' - - 'search-indexer' - - 'xroad-collector' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'github-actions-cache' - - 'user-notification' - - 'external-contracts-tests' - - 'contentful-entry-tagger' - - 'license-api' - - 'services-sessions' - - 'contentful-apps' - - 'services-university-gateway' - - 'unicorn-app' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'dev-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.dev01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.dev01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -unicorn-app: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'unicorn-app.dev01.devland.is' - paths: - - '/' - namespace: 'unicorn-app' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' - create: true - name: 'unicorn-app' -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@hourly' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - TRACKING_DOMAIN: 'beta.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "services-university-gateway": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/university-gateway", + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + } + }, + "features": {}, + "name": "services-university-gateway", + "grantNamespaces": [ + "islandis", + "nginx-ingress-internal", + "application-system" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET" + }, + "ingress": { + "primary": { + "host": { + "dev": "services-university-gateway", + "staging": "services-university-gateway", + "prod": "services-university-gateway" + }, + "paths": [ + "/api" + ], + "public": false + } + }, + "namespace": "services-university-gateway", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "200m", + "memory": "384Mi" + }, + "requests": { + "cpu": "50m", + "memory": "256Mi" + } + }, + "xroadConfig": [ + { + "config": { + "env": { + "XROAD_BASE_PATH": { + "prod": "http://securityserver.island.is" + }, + "XROAD_BASE_PATH_WITH_ENV": { + "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "http://securityserver.island.is/r1/IS" + }, + "XROAD_TLS_BASE_PATH": { + "dev": "https://securityserver.dev01.devland.is", + "staging": "https://securityserver.staging01.devland.is", + "prod": "https://securityserver.island.is" + }, + "XROAD_TLS_BASE_PATH_WITH_ENV": { + "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", + "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "https://securityserver.island.is/r1/IS" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CLIENT_ID": { + "dev": "IS-DEV/GOV/10000/island-is-client", + "staging": "IS-TEST/GOV/5501692829/island-is-client", + "prod": "IS/GOV/5501692829/island-is-client" + } + } + } + }, + { + "config": { + "env": { + "XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH": { + "dev": "IS-DEV/EDU/10010/HI-Protected/umsoknir-v1", + "staging": "IS-TEST/EDU/10010/HI-Protected/umsoknir-v1", + "prod": "IS/EDU/6001692039/HI-Protected/umsoknir-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH": { + "dev": "IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1", + "staging": "IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1", + "prod": "IS/EDU/5206871229/UNAK-Protected/umsoknir-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH": { + "dev": "IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1", + "staging": "IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1", + "prod": "IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH": { + "dev": "IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1", + "staging": "IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1", + "prod": "IS/EDU/4210984099/LHI-Protected/umsoknir-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH": { + "dev": "IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1", + "staging": "IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1", + "prod": "IS/EDU/4112043590/LBHI-Protected/umsoknir-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH": { + "dev": "IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1", + "staging": "IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1", + "prod": "IS/EDU/5001694359/Holar-Protected/umsoknir-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH": { + "dev": "IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1", + "staging": "IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1", + "prod": "IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1" + } + } + } + } + ], + "files": [], + "volumes": [], + "accountName": "services-university-gateway", + "image": "services-university-gateway", + "cmds": "node", + "redis": {}, + "args": [ + "main.js" + ], + "postgres": { + "username": "services_university_gateway", + "passwordSecret": "/k8s/services-university-gateway/DB_PASSWORD", + "name": "services_university_gateway" + }, + "initContainers": { + "envs": {}, + "secrets": {}, + "features": {}, + "containers": [ + { + "name": "migrations", + "command": "npx", + "args": [ + "sequelize-cli", + "db:migrate" + ] + }, + { + "name": "seed", + "command": "npx", + "args": [ + "sequelize-cli", + "db:seed:all" + ] + } + ], + "postgres": { + "username": "services_university_gateway", + "passwordSecret": "/k8s/services-university-gateway/DB_PASSWORD", + "name": "services_university_gateway" + } + }, + "replicaCount": { + "default": 2, + "min": 2, + "max": 10 + } + } + } +} \ No newline at end of file diff --git a/charts/services/services-university-gateway/values.prod.yaml b/charts/services/services-university-gateway/values.prod.yaml index c7e37f4144c5..68f29e9006dc 100644 --- a/charts/services/services-university-gateway/values.prod.yaml +++ b/charts/services/services-university-gateway/values.prod.yaml @@ -1,3379 +1,225 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.island.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'cdn.contentful.com' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.island.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://innskra.island.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_IDS_API_URL: 'https://innskra.island.is' - AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi.island.is' - CONTACT_US_EMAIL: 'island@island.is' - CONTENTFUL_HOST: 'cdn.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.island.is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-prod-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: '' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'island@island.is' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 'sogur@island.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS/GOV/5402697509/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS/GOV/6501912189/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/api' - - host: 'www.island.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' - CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS/GOV/5608002820/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - NOVA_USERNAME: 'IslandIs_User_Production' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS/GOV/5605882089/UA-Protected/kvortun-v1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.island.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.island.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/umsoknir' - - host: 'www.island.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi.island.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://island.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/samradsgatt' - - host: 'www.island.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.island.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.island.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - EMAIL_FROM_NAME: 'island.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-prod-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'prod' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: 'd4ecf781-3764-4063-a4e1-9c3e17cebfba' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.island.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'islandis' - - 'consultation-portal' - - 'search-indexer' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'xroad-collector' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'user-notification' - - 'license-api' - - 'services-sessions' - - 'services-university-gateway' - - 'contentful-apps' - - 'contentful-entry-tagger' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/stjornbord' - - host: 'www.island.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'prod' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'prod-es-custom-packages' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/minarsidur' - - host: 'www.island.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_BASE_URL: 'https://island.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.island.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://island.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://island.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://island.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/stjornbord/bff' - - host: 'www.island.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.island.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.island.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/app/skilavottord/' - - host: 'www.island.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/app/skilavottord/api/graphql' - - host: 'www.island.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.island.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@midnight' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - TRACKING_DOMAIN: 'island.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/' - - host: 'www.island.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "services-university-gateway": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/university-gateway", + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + } + }, + "features": {}, + "name": "services-university-gateway", + "grantNamespaces": [ + "islandis", + "nginx-ingress-internal", + "application-system" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET" + }, + "ingress": { + "primary": { + "host": { + "dev": "services-university-gateway", + "staging": "services-university-gateway", + "prod": "services-university-gateway" + }, + "paths": [ + "/api" + ], + "public": false + } + }, + "namespace": "services-university-gateway", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "200m", + "memory": "384Mi" + }, + "requests": { + "cpu": "50m", + "memory": "256Mi" + } + }, + "xroadConfig": [ + { + "config": { + "env": { + "XROAD_BASE_PATH": { + "prod": "http://securityserver.island.is" + }, + "XROAD_BASE_PATH_WITH_ENV": { + "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "http://securityserver.island.is/r1/IS" + }, + "XROAD_TLS_BASE_PATH": { + "dev": "https://securityserver.dev01.devland.is", + "staging": "https://securityserver.staging01.devland.is", + "prod": "https://securityserver.island.is" + }, + "XROAD_TLS_BASE_PATH_WITH_ENV": { + "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", + "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "https://securityserver.island.is/r1/IS" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CLIENT_ID": { + "dev": "IS-DEV/GOV/10000/island-is-client", + "staging": "IS-TEST/GOV/5501692829/island-is-client", + "prod": "IS/GOV/5501692829/island-is-client" + } + } + } + }, + { + "config": { + "env": { + "XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH": { + "dev": "IS-DEV/EDU/10010/HI-Protected/umsoknir-v1", + "staging": "IS-TEST/EDU/10010/HI-Protected/umsoknir-v1", + "prod": "IS/EDU/6001692039/HI-Protected/umsoknir-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH": { + "dev": "IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1", + "staging": "IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1", + "prod": "IS/EDU/5206871229/UNAK-Protected/umsoknir-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH": { + "dev": "IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1", + "staging": "IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1", + "prod": "IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH": { + "dev": "IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1", + "staging": "IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1", + "prod": "IS/EDU/4210984099/LHI-Protected/umsoknir-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH": { + "dev": "IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1", + "staging": "IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1", + "prod": "IS/EDU/4112043590/LBHI-Protected/umsoknir-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH": { + "dev": "IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1", + "staging": "IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1", + "prod": "IS/EDU/5001694359/Holar-Protected/umsoknir-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH": { + "dev": "IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1", + "staging": "IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1", + "prod": "IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1" + } + } + } + } + ], + "files": [], + "volumes": [], + "accountName": "services-university-gateway", + "image": "services-university-gateway", + "cmds": "node", + "redis": {}, + "args": [ + "main.js" + ], + "postgres": { + "username": "services_university_gateway", + "passwordSecret": "/k8s/services-university-gateway/DB_PASSWORD", + "name": "services_university_gateway" + }, + "initContainers": { + "envs": {}, + "secrets": {}, + "features": {}, + "containers": [ + { + "name": "migrations", + "command": "npx", + "args": [ + "sequelize-cli", + "db:migrate" + ] + }, + { + "name": "seed", + "command": "npx", + "args": [ + "sequelize-cli", + "db:seed:all" + ] + } + ], + "postgres": { + "username": "services_university_gateway", + "passwordSecret": "/k8s/services-university-gateway/DB_PASSWORD", + "name": "services_university_gateway" + } + }, + "replicaCount": { + "default": 2, + "min": 2, + "max": 10 + } + } + } +} \ No newline at end of file diff --git a/charts/services/services-university-gateway/values.staging.yaml b/charts/services/services-university-gateway/values.staging.yaml index 227a2b0fcc6d..68f29e9006dc 100644 --- a/charts/services/services-university-gateway/values.staging.yaml +++ b/charts/services/services-university-gateway/values.staging.yaml @@ -1,3238 +1,225 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.staging01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'cdn.contentful.com' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.staging01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.staging01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.staging01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 'island@island.is' - CONTENTFUL_HOST: 'cdn.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.staging01.devland.is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-staging-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: '' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 'sogur@island.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-TEST/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5608002820/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-TEST/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.staging01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.staging01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.staging01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.staging01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-staging-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'staging' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.staging01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'islandis' - - 'consultation-portal' - - 'skilavottord' - - 'search-indexer' - - 'services-documents' - - 'storybook' - - 'xroad-collector' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'user-notification' - - 'license-api' - - 'services-sessions' - - 'services-university-gateway' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.staging01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'staging' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'staging-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_BASE_URL: 'https://beta.staging01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.staging01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.staging01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.staging01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.staging01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.staging01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.staging01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.staging01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.staging01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@midnight' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - basicAuth: '/k8s/web/basic_auth' - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - TRACKING_DOMAIN: 'beta.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "services-university-gateway": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/university-gateway", + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + } + }, + "features": {}, + "name": "services-university-gateway", + "grantNamespaces": [ + "islandis", + "nginx-ingress-internal", + "application-system" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET" + }, + "ingress": { + "primary": { + "host": { + "dev": "services-university-gateway", + "staging": "services-university-gateway", + "prod": "services-university-gateway" + }, + "paths": [ + "/api" + ], + "public": false + } + }, + "namespace": "services-university-gateway", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "200m", + "memory": "384Mi" + }, + "requests": { + "cpu": "50m", + "memory": "256Mi" + } + }, + "xroadConfig": [ + { + "config": { + "env": { + "XROAD_BASE_PATH": { + "prod": "http://securityserver.island.is" + }, + "XROAD_BASE_PATH_WITH_ENV": { + "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "http://securityserver.island.is/r1/IS" + }, + "XROAD_TLS_BASE_PATH": { + "dev": "https://securityserver.dev01.devland.is", + "staging": "https://securityserver.staging01.devland.is", + "prod": "https://securityserver.island.is" + }, + "XROAD_TLS_BASE_PATH_WITH_ENV": { + "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", + "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "https://securityserver.island.is/r1/IS" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CLIENT_ID": { + "dev": "IS-DEV/GOV/10000/island-is-client", + "staging": "IS-TEST/GOV/5501692829/island-is-client", + "prod": "IS/GOV/5501692829/island-is-client" + } + } + } + }, + { + "config": { + "env": { + "XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH": { + "dev": "IS-DEV/EDU/10010/HI-Protected/umsoknir-v1", + "staging": "IS-TEST/EDU/10010/HI-Protected/umsoknir-v1", + "prod": "IS/EDU/6001692039/HI-Protected/umsoknir-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH": { + "dev": "IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1", + "staging": "IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1", + "prod": "IS/EDU/5206871229/UNAK-Protected/umsoknir-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH": { + "dev": "IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1", + "staging": "IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1", + "prod": "IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH": { + "dev": "IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1", + "staging": "IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1", + "prod": "IS/EDU/4210984099/LHI-Protected/umsoknir-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH": { + "dev": "IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1", + "staging": "IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1", + "prod": "IS/EDU/4112043590/LBHI-Protected/umsoknir-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH": { + "dev": "IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1", + "staging": "IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1", + "prod": "IS/EDU/5001694359/Holar-Protected/umsoknir-v1" + } + } + } + }, + { + "config": { + "env": { + "XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH": { + "dev": "IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1", + "staging": "IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1", + "prod": "IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1" + } + } + } + } + ], + "files": [], + "volumes": [], + "accountName": "services-university-gateway", + "image": "services-university-gateway", + "cmds": "node", + "redis": {}, + "args": [ + "main.js" + ], + "postgres": { + "username": "services_university_gateway", + "passwordSecret": "/k8s/services-university-gateway/DB_PASSWORD", + "name": "services_university_gateway" + }, + "initContainers": { + "envs": {}, + "secrets": {}, + "features": {}, + "containers": [ + { + "name": "migrations", + "command": "npx", + "args": [ + "sequelize-cli", + "db:migrate" + ] + }, + { + "name": "seed", + "command": "npx", + "args": [ + "sequelize-cli", + "db:seed:all" + ] + } + ], + "postgres": { + "username": "services_university_gateway", + "passwordSecret": "/k8s/services-university-gateway/DB_PASSWORD", + "name": "services_university_gateway" + } + }, + "replicaCount": { + "default": 2, + "min": 2, + "max": 10 + } + } + } +} \ No newline at end of file diff --git a/charts/services/skilavottord-web/values.dev.yaml b/charts/services/skilavottord-web/values.dev.yaml index 58d9f8e96dbc..58a5a3b4d18b 100644 --- a/charts/services/skilavottord-web/values.dev.yaml +++ b/charts/services/skilavottord-web/values.dev.yaml @@ -1,3563 +1,90 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.dev01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'preview.contentful.com' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 's@kogk.is' - CONTENTFUL_HOST: 'preview.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 's@kogk.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/api' - - host: 'api-catalogue.dev01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.dev01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -external-contracts-tests: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' - namespace: 'external-contracts-tests' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '1' - memory: '1024Mi' - requests: - cpu: '500m' - memory: '512Mi' - schedule: '0 11 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -github-actions-cache: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 8 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'cache.dev01.devland.is' - paths: - - '/' - namespace: 'github-actions-cache' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 5 - max: 8 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' - create: true - name: 'github-actions-cache' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'dev' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.dev01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'consultation-portal' - - 'islandis' - - 'search-indexer' - - 'xroad-collector' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'github-actions-cache' - - 'user-notification' - - 'external-contracts-tests' - - 'contentful-entry-tagger' - - 'license-api' - - 'services-sessions' - - 'contentful-apps' - - 'services-university-gateway' - - 'unicorn-app' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'dev-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.dev01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.dev01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -unicorn-app: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'unicorn-app.dev01.devland.is' - paths: - - '/' - namespace: 'unicorn-app' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' - create: true - name: 'unicorn-app' -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@hourly' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - TRACKING_DOMAIN: 'beta.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "skilavottord-web": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": {}, + "features": {}, + "name": "skilavottord-web", + "grantNamespaces": [ + "nginx-ingress-external" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "IDENTITY_SERVER_DOMAIN": "/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN", + "SKILAVOTTORD_WEB_IDS_CLIENT_SECRET": "/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET", + "IDENTITY_SERVER_LOGOUT_REDIRECT_URL": "/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL", + "NEXTAUTH_URL": "/k8s/skilavottord/web/NEXTAUTH_URL", + "DD_RUM_APPLICATION_ID": "/k8s/DD_RUM_APPLICATION_ID", + "DD_RUM_CLIENT_TOKEN": "/k8s/DD_RUM_CLIENT_TOKEN" + }, + "ingress": { + "primary": { + "host": { + "dev": [ + "beta" + ], + "staging": [ + "beta" + ], + "prod": [ + "", + "www.island.is" + ] + }, + "paths": [ + "/app/skilavottord/" + ], + "extraAnnotations": { + "dev": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "staging": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "prod": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + } + } + } + }, + "namespace": "skilavottord", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "400m", + "memory": "512Mi" + }, + "requests": { + "cpu": "40m", + "memory": "256Mi" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "replicaCount": { + "default": 2, + "max": 10, + "min": 2, + "scalingMagicNumber": 8 + } + } + } +} \ No newline at end of file diff --git a/charts/services/skilavottord-web/values.prod.yaml b/charts/services/skilavottord-web/values.prod.yaml index c7e37f4144c5..58a5a3b4d18b 100644 --- a/charts/services/skilavottord-web/values.prod.yaml +++ b/charts/services/skilavottord-web/values.prod.yaml @@ -1,3379 +1,90 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.island.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'cdn.contentful.com' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.island.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://innskra.island.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_IDS_API_URL: 'https://innskra.island.is' - AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi.island.is' - CONTACT_US_EMAIL: 'island@island.is' - CONTENTFUL_HOST: 'cdn.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.island.is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-prod-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: '' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'island@island.is' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 'sogur@island.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS/GOV/5402697509/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS/GOV/6501912189/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/api' - - host: 'www.island.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' - CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS/GOV/5608002820/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - NOVA_USERNAME: 'IslandIs_User_Production' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS/GOV/5605882089/UA-Protected/kvortun-v1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.island.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.island.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/umsoknir' - - host: 'www.island.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi.island.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://island.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/samradsgatt' - - host: 'www.island.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.island.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.island.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - EMAIL_FROM_NAME: 'island.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-prod-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'prod' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: 'd4ecf781-3764-4063-a4e1-9c3e17cebfba' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.island.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'islandis' - - 'consultation-portal' - - 'search-indexer' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'xroad-collector' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'user-notification' - - 'license-api' - - 'services-sessions' - - 'services-university-gateway' - - 'contentful-apps' - - 'contentful-entry-tagger' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/stjornbord' - - host: 'www.island.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'prod' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'prod-es-custom-packages' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/minarsidur' - - host: 'www.island.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_BASE_URL: 'https://island.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.island.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://island.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://island.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://island.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/stjornbord/bff' - - host: 'www.island.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.island.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.island.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/app/skilavottord/' - - host: 'www.island.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/app/skilavottord/api/graphql' - - host: 'www.island.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.island.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@midnight' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - TRACKING_DOMAIN: 'island.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/' - - host: 'www.island.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "skilavottord-web": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": {}, + "features": {}, + "name": "skilavottord-web", + "grantNamespaces": [ + "nginx-ingress-external" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "IDENTITY_SERVER_DOMAIN": "/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN", + "SKILAVOTTORD_WEB_IDS_CLIENT_SECRET": "/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET", + "IDENTITY_SERVER_LOGOUT_REDIRECT_URL": "/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL", + "NEXTAUTH_URL": "/k8s/skilavottord/web/NEXTAUTH_URL", + "DD_RUM_APPLICATION_ID": "/k8s/DD_RUM_APPLICATION_ID", + "DD_RUM_CLIENT_TOKEN": "/k8s/DD_RUM_CLIENT_TOKEN" + }, + "ingress": { + "primary": { + "host": { + "dev": [ + "beta" + ], + "staging": [ + "beta" + ], + "prod": [ + "", + "www.island.is" + ] + }, + "paths": [ + "/app/skilavottord/" + ], + "extraAnnotations": { + "dev": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "staging": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "prod": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + } + } + } + }, + "namespace": "skilavottord", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "400m", + "memory": "512Mi" + }, + "requests": { + "cpu": "40m", + "memory": "256Mi" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "replicaCount": { + "default": 2, + "max": 10, + "min": 2, + "scalingMagicNumber": 8 + } + } + } +} \ No newline at end of file diff --git a/charts/services/skilavottord-web/values.staging.yaml b/charts/services/skilavottord-web/values.staging.yaml index 227a2b0fcc6d..58a5a3b4d18b 100644 --- a/charts/services/skilavottord-web/values.staging.yaml +++ b/charts/services/skilavottord-web/values.staging.yaml @@ -1,3238 +1,90 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.staging01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'cdn.contentful.com' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.staging01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.staging01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.staging01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 'island@island.is' - CONTENTFUL_HOST: 'cdn.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.staging01.devland.is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-staging-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: '' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 'sogur@island.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-TEST/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5608002820/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-TEST/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.staging01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.staging01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.staging01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.staging01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-staging-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'staging' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.staging01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'islandis' - - 'consultation-portal' - - 'skilavottord' - - 'search-indexer' - - 'services-documents' - - 'storybook' - - 'xroad-collector' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'user-notification' - - 'license-api' - - 'services-sessions' - - 'services-university-gateway' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.staging01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'staging' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'staging-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_BASE_URL: 'https://beta.staging01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.staging01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.staging01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.staging01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.staging01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.staging01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.staging01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.staging01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.staging01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@midnight' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - basicAuth: '/k8s/web/basic_auth' - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - TRACKING_DOMAIN: 'beta.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "skilavottord-web": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": {}, + "features": {}, + "name": "skilavottord-web", + "grantNamespaces": [ + "nginx-ingress-external" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "IDENTITY_SERVER_DOMAIN": "/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN", + "SKILAVOTTORD_WEB_IDS_CLIENT_SECRET": "/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET", + "IDENTITY_SERVER_LOGOUT_REDIRECT_URL": "/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL", + "NEXTAUTH_URL": "/k8s/skilavottord/web/NEXTAUTH_URL", + "DD_RUM_APPLICATION_ID": "/k8s/DD_RUM_APPLICATION_ID", + "DD_RUM_CLIENT_TOKEN": "/k8s/DD_RUM_CLIENT_TOKEN" + }, + "ingress": { + "primary": { + "host": { + "dev": [ + "beta" + ], + "staging": [ + "beta" + ], + "prod": [ + "", + "www.island.is" + ] + }, + "paths": [ + "/app/skilavottord/" + ], + "extraAnnotations": { + "dev": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "staging": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "prod": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + } + } + } + }, + "namespace": "skilavottord", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "400m", + "memory": "512Mi" + }, + "requests": { + "cpu": "40m", + "memory": "256Mi" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "replicaCount": { + "default": 2, + "max": 10, + "min": 2, + "scalingMagicNumber": 8 + } + } + } +} \ No newline at end of file diff --git a/charts/services/skilavottord-ws/values.dev.yaml b/charts/services/skilavottord-ws/values.dev.yaml index 58d9f8e96dbc..59a70813f55e 100644 --- a/charts/services/skilavottord-ws/values.dev.yaml +++ b/charts/services/skilavottord-ws/values.dev.yaml @@ -1,3563 +1,105 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.dev01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'preview.contentful.com' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 's@kogk.is' - CONTENTFUL_HOST: 'preview.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 's@kogk.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/api' - - host: 'api-catalogue.dev01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.dev01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -external-contracts-tests: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' - namespace: 'external-contracts-tests' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '1' - memory: '1024Mi' - requests: - cpu: '500m' - memory: '512Mi' - schedule: '0 11 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -github-actions-cache: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 8 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'cache.dev01.devland.is' - paths: - - '/' - namespace: 'github-actions-cache' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 5 - max: 8 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' - create: true - name: 'github-actions-cache' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'dev' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.dev01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'consultation-portal' - - 'islandis' - - 'search-indexer' - - 'xroad-collector' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'github-actions-cache' - - 'user-notification' - - 'external-contracts-tests' - - 'contentful-entry-tagger' - - 'license-api' - - 'services-sessions' - - 'contentful-apps' - - 'services-university-gateway' - - 'unicorn-app' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'dev-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.dev01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.dev01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -unicorn-app: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'unicorn-app.dev01.devland.is' - paths: - - '/' - namespace: 'unicorn-app' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' - create: true - name: 'unicorn-app' -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@hourly' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - TRACKING_DOMAIN: 'beta.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "skilavottord-ws": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + } + }, + "features": {}, + "name": "skilavottord-ws", + "grantNamespaces": [ + "application-system" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "SAMGONGUSTOFA_SOAP_URL": "/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL", + "SAMGONGUSTOFA_REST_AUTH_URL": "/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL", + "SAMGONGUSTOFA_REST_DEREG_URL": "/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL", + "FJARSYSLA_REST_URL": "/k8s/skilavottord-ws/FJARSYSLA_REST_URL", + "SAMGONGUSTOFA_REST_PASS": "/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS", + "SAMGONGUSTOFA_SOAP_PASS": "/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS", + "FJARSYSLA_REST_PASS": "/k8s/skilavottord/FJARSYSLA_REST_PASS", + "SAMGONGUSTOFA_SOAP_USER": "/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER", + "SAMGONGUSTOFA_REST_USER": "/k8s/skilavottord/SAMGONGUSTOFA_REST_USER", + "FJARSYSLA_REST_USER": "/k8s/skilavottord/FJARSYSLA_REST_USER" + }, + "ingress": { + "primary": { + "host": { + "dev": [ + "beta" + ], + "staging": [ + "beta" + ], + "prod": [ + "", + "www.island.is" + ] + }, + "paths": [ + "/app/skilavottord/api/graphql" + ] + } + }, + "namespace": "skilavottord", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "400m", + "memory": "512Mi" + }, + "requests": { + "cpu": "40m", + "memory": "256Mi" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "postgres": { + "name": "skilavottord", + "username": "skilavottord", + "passwordSecret": "/k8s/skilavottord/DB_PASSWORD" + }, + "initContainers": { + "envs": {}, + "secrets": {}, + "features": {}, + "containers": [ + { + "name": "migrations", + "command": "npx", + "args": [ + "sequelize-cli", + "db:migrate" + ] + } + ], + "postgres": { + "name": "skilavottord", + "username": "skilavottord", + "passwordSecret": "/k8s/skilavottord/DB_PASSWORD" + } + } + } + } +} \ No newline at end of file diff --git a/charts/services/skilavottord-ws/values.prod.yaml b/charts/services/skilavottord-ws/values.prod.yaml index c7e37f4144c5..59a70813f55e 100644 --- a/charts/services/skilavottord-ws/values.prod.yaml +++ b/charts/services/skilavottord-ws/values.prod.yaml @@ -1,3379 +1,105 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.island.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'cdn.contentful.com' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.island.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://innskra.island.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_IDS_API_URL: 'https://innskra.island.is' - AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi.island.is' - CONTACT_US_EMAIL: 'island@island.is' - CONTENTFUL_HOST: 'cdn.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.island.is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-prod-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: '' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'island@island.is' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 'sogur@island.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS/GOV/5402697509/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS/GOV/6501912189/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/api' - - host: 'www.island.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' - CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS/GOV/5608002820/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - NOVA_USERNAME: 'IslandIs_User_Production' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS/GOV/5605882089/UA-Protected/kvortun-v1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.island.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.island.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/umsoknir' - - host: 'www.island.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi.island.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://island.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/samradsgatt' - - host: 'www.island.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.island.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.island.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - EMAIL_FROM_NAME: 'island.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-prod-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'prod' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: 'd4ecf781-3764-4063-a4e1-9c3e17cebfba' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.island.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'islandis' - - 'consultation-portal' - - 'search-indexer' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'xroad-collector' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'user-notification' - - 'license-api' - - 'services-sessions' - - 'services-university-gateway' - - 'contentful-apps' - - 'contentful-entry-tagger' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/stjornbord' - - host: 'www.island.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'prod' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'prod-es-custom-packages' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/minarsidur' - - host: 'www.island.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_BASE_URL: 'https://island.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.island.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://island.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://island.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://island.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/stjornbord/bff' - - host: 'www.island.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.island.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.island.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/app/skilavottord/' - - host: 'www.island.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/app/skilavottord/api/graphql' - - host: 'www.island.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.island.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@midnight' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - TRACKING_DOMAIN: 'island.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/' - - host: 'www.island.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "skilavottord-ws": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + } + }, + "features": {}, + "name": "skilavottord-ws", + "grantNamespaces": [ + "application-system" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "SAMGONGUSTOFA_SOAP_URL": "/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL", + "SAMGONGUSTOFA_REST_AUTH_URL": "/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL", + "SAMGONGUSTOFA_REST_DEREG_URL": "/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL", + "FJARSYSLA_REST_URL": "/k8s/skilavottord-ws/FJARSYSLA_REST_URL", + "SAMGONGUSTOFA_REST_PASS": "/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS", + "SAMGONGUSTOFA_SOAP_PASS": "/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS", + "FJARSYSLA_REST_PASS": "/k8s/skilavottord/FJARSYSLA_REST_PASS", + "SAMGONGUSTOFA_SOAP_USER": "/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER", + "SAMGONGUSTOFA_REST_USER": "/k8s/skilavottord/SAMGONGUSTOFA_REST_USER", + "FJARSYSLA_REST_USER": "/k8s/skilavottord/FJARSYSLA_REST_USER" + }, + "ingress": { + "primary": { + "host": { + "dev": [ + "beta" + ], + "staging": [ + "beta" + ], + "prod": [ + "", + "www.island.is" + ] + }, + "paths": [ + "/app/skilavottord/api/graphql" + ] + } + }, + "namespace": "skilavottord", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "400m", + "memory": "512Mi" + }, + "requests": { + "cpu": "40m", + "memory": "256Mi" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "postgres": { + "name": "skilavottord", + "username": "skilavottord", + "passwordSecret": "/k8s/skilavottord/DB_PASSWORD" + }, + "initContainers": { + "envs": {}, + "secrets": {}, + "features": {}, + "containers": [ + { + "name": "migrations", + "command": "npx", + "args": [ + "sequelize-cli", + "db:migrate" + ] + } + ], + "postgres": { + "name": "skilavottord", + "username": "skilavottord", + "passwordSecret": "/k8s/skilavottord/DB_PASSWORD" + } + } + } + } +} \ No newline at end of file diff --git a/charts/services/skilavottord-ws/values.staging.yaml b/charts/services/skilavottord-ws/values.staging.yaml index 227a2b0fcc6d..59a70813f55e 100644 --- a/charts/services/skilavottord-ws/values.staging.yaml +++ b/charts/services/skilavottord-ws/values.staging.yaml @@ -1,3238 +1,105 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.staging01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'cdn.contentful.com' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.staging01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.staging01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.staging01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 'island@island.is' - CONTENTFUL_HOST: 'cdn.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.staging01.devland.is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-staging-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: '' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 'sogur@island.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-TEST/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5608002820/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-TEST/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.staging01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.staging01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.staging01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.staging01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-staging-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'staging' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.staging01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'islandis' - - 'consultation-portal' - - 'skilavottord' - - 'search-indexer' - - 'services-documents' - - 'storybook' - - 'xroad-collector' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'user-notification' - - 'license-api' - - 'services-sessions' - - 'services-university-gateway' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.staging01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'staging' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'staging-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_BASE_URL: 'https://beta.staging01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.staging01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.staging01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.staging01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.staging01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.staging01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.staging01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.staging01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.staging01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@midnight' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - basicAuth: '/k8s/web/basic_auth' - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - TRACKING_DOMAIN: 'beta.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "skilavottord-ws": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + } + }, + "features": {}, + "name": "skilavottord-ws", + "grantNamespaces": [ + "application-system" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "SAMGONGUSTOFA_SOAP_URL": "/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL", + "SAMGONGUSTOFA_REST_AUTH_URL": "/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL", + "SAMGONGUSTOFA_REST_DEREG_URL": "/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL", + "FJARSYSLA_REST_URL": "/k8s/skilavottord-ws/FJARSYSLA_REST_URL", + "SAMGONGUSTOFA_REST_PASS": "/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS", + "SAMGONGUSTOFA_SOAP_PASS": "/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS", + "FJARSYSLA_REST_PASS": "/k8s/skilavottord/FJARSYSLA_REST_PASS", + "SAMGONGUSTOFA_SOAP_USER": "/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER", + "SAMGONGUSTOFA_REST_USER": "/k8s/skilavottord/SAMGONGUSTOFA_REST_USER", + "FJARSYSLA_REST_USER": "/k8s/skilavottord/FJARSYSLA_REST_USER" + }, + "ingress": { + "primary": { + "host": { + "dev": [ + "beta" + ], + "staging": [ + "beta" + ], + "prod": [ + "", + "www.island.is" + ] + }, + "paths": [ + "/app/skilavottord/api/graphql" + ] + } + }, + "namespace": "skilavottord", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "400m", + "memory": "512Mi" + }, + "requests": { + "cpu": "40m", + "memory": "256Mi" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "postgres": { + "name": "skilavottord", + "username": "skilavottord", + "passwordSecret": "/k8s/skilavottord/DB_PASSWORD" + }, + "initContainers": { + "envs": {}, + "secrets": {}, + "features": {}, + "containers": [ + { + "name": "migrations", + "command": "npx", + "args": [ + "sequelize-cli", + "db:migrate" + ] + } + ], + "postgres": { + "name": "skilavottord", + "username": "skilavottord", + "passwordSecret": "/k8s/skilavottord/DB_PASSWORD" + } + } + } + } +} \ No newline at end of file diff --git a/charts/services/unicorn-app/values.dev.yaml b/charts/services/unicorn-app/values.dev.yaml index 58d9f8e96dbc..bb8aa12ff746 100644 --- a/charts/services/unicorn-app/values.dev.yaml +++ b/charts/services/unicorn-app/values.dev.yaml @@ -1,3563 +1,62 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.dev01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'preview.contentful.com' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 's@kogk.is' - CONTENTFUL_HOST: 'preview.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 's@kogk.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/api' - - host: 'api-catalogue.dev01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.dev01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -external-contracts-tests: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' - namespace: 'external-contracts-tests' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '1' - memory: '1024Mi' - requests: - cpu: '500m' - memory: '512Mi' - schedule: '0 11 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -github-actions-cache: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 8 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'cache.dev01.devland.is' - paths: - - '/' - namespace: 'github-actions-cache' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 5 - max: 8 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' - create: true - name: 'github-actions-cache' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'dev' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.dev01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'consultation-portal' - - 'islandis' - - 'search-indexer' - - 'xroad-collector' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'github-actions-cache' - - 'user-notification' - - 'external-contracts-tests' - - 'contentful-entry-tagger' - - 'license-api' - - 'services-sessions' - - 'contentful-apps' - - 'services-university-gateway' - - 'unicorn-app' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'dev-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.dev01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.dev01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -unicorn-app: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'unicorn-app.dev01.devland.is' - paths: - - '/' - namespace: 'unicorn-app' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' - create: true - name: 'unicorn-app' -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@hourly' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - TRACKING_DOMAIN: 'beta.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "unicorn-app": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/readiness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": {}, + "features": {}, + "name": "unicorn-app", + "grantNamespaces": [], + "grantNamespacesEnabled": false, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" + }, + "ingress": { + "primary": { + "host": { + "dev": "unicorn-app", + "staging": "unicorn-app", + "prod": "unicorn-app" + }, + "paths": [ + "/" + ] + } + }, + "namespace": "unicorn-app", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "200m", + "memory": "256Mi" + }, + "requests": { + "cpu": "50m", + "memory": "128Mi" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "image": "unicorn-app", + "accountName": "unicorn-app", + "replicaCount": { + "default": 1, + "min": 1, + "max": 10 + } + } + } +} \ No newline at end of file diff --git a/charts/services/user-notification-cleanup-worker/values.dev.yaml b/charts/services/user-notification-cleanup-worker/values.dev.yaml index 58d9f8e96dbc..4622269cc975 100644 --- a/charts/services/user-notification-cleanup-worker/values.dev.yaml +++ b/charts/services/user-notification-cleanup-worker/values.dev.yaml @@ -1,3563 +1,88 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.dev01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'preview.contentful.com' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 's@kogk.is' - CONTENTFUL_HOST: 'preview.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 's@kogk.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/api' - - host: 'api-catalogue.dev01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.dev01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -external-contracts-tests: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' - namespace: 'external-contracts-tests' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '1' - memory: '1024Mi' - requests: - cpu: '500m' - memory: '512Mi' - schedule: '0 11 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -github-actions-cache: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 8 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'cache.dev01.devland.is' - paths: - - '/' - namespace: 'github-actions-cache' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 5 - max: 8 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' - create: true - name: 'github-actions-cache' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'dev' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.dev01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'consultation-portal' - - 'islandis' - - 'search-indexer' - - 'xroad-collector' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'github-actions-cache' - - 'user-notification' - - 'external-contracts-tests' - - 'contentful-entry-tagger' - - 'license-api' - - 'services-sessions' - - 'contentful-apps' - - 'services-university-gateway' - - 'unicorn-app' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'dev-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.dev01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.dev01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -unicorn-app: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'unicorn-app.dev01.devland.is' - paths: - - '/' - namespace: 'unicorn-app' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' - create: true - name: 'unicorn-app' -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@hourly' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - TRACKING_DOMAIN: 'beta.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "user-notification-cleanup-worker": { + "serviceDef": { + "liveness": { + "path": "/", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": {}, + "features": {}, + "name": "user-notification-cleanup-worker", + "grantNamespaces": [], + "grantNamespacesEnabled": false, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" + }, + "ingress": {}, + "namespace": "user-notification", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "memory": "256Mi", + "cpu": "200m" + }, + "requests": { + "memory": "128Mi", + "cpu": "100m" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "image": "services-user-notification", + "accountName": "user-notification-cleanup-worker", + "cmds": "node", + "args": [ + "--no-experimental-fetch", + "main.js", + "--job=cleanup" + ], + "postgres": { + "name": "user_notification", + "username": "user_notification", + "passwordSecret": "/k8s/user-notification/DB_PASSWORD" + }, + "initContainers": { + "envs": {}, + "secrets": {}, + "features": {}, + "containers": [ + { + "name": "migrations", + "command": "npx", + "args": [ + "sequelize-cli", + "db:migrate" + ] + } + ], + "postgres": { + "name": "user_notification", + "username": "user_notification", + "passwordSecret": "/k8s/user-notification/DB_PASSWORD" + } + }, + "extraAttributes": { + "dev": { + "schedule": "@hourly" + }, + "staging": { + "schedule": "@midnight" + }, + "prod": { + "schedule": "@midnight" + } + } + } + } +} \ No newline at end of file diff --git a/charts/services/user-notification-cleanup-worker/values.prod.yaml b/charts/services/user-notification-cleanup-worker/values.prod.yaml index c7e37f4144c5..4622269cc975 100644 --- a/charts/services/user-notification-cleanup-worker/values.prod.yaml +++ b/charts/services/user-notification-cleanup-worker/values.prod.yaml @@ -1,3379 +1,88 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.island.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'cdn.contentful.com' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.island.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://innskra.island.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_IDS_API_URL: 'https://innskra.island.is' - AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi.island.is' - CONTACT_US_EMAIL: 'island@island.is' - CONTENTFUL_HOST: 'cdn.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.island.is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-prod-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: '' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'island@island.is' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 'sogur@island.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS/GOV/5402697509/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS/GOV/6501912189/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/api' - - host: 'www.island.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' - CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS/GOV/5608002820/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - NOVA_USERNAME: 'IslandIs_User_Production' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS/GOV/5605882089/UA-Protected/kvortun-v1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.island.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.island.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/umsoknir' - - host: 'www.island.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi.island.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://island.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/samradsgatt' - - host: 'www.island.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.island.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.island.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - EMAIL_FROM_NAME: 'island.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-prod-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'prod' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: 'd4ecf781-3764-4063-a4e1-9c3e17cebfba' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.island.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'islandis' - - 'consultation-portal' - - 'search-indexer' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'xroad-collector' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'user-notification' - - 'license-api' - - 'services-sessions' - - 'services-university-gateway' - - 'contentful-apps' - - 'contentful-entry-tagger' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/stjornbord' - - host: 'www.island.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'prod' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'prod-es-custom-packages' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/minarsidur' - - host: 'www.island.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_BASE_URL: 'https://island.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.island.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://island.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://island.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://island.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/stjornbord/bff' - - host: 'www.island.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.island.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.island.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/app/skilavottord/' - - host: 'www.island.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/app/skilavottord/api/graphql' - - host: 'www.island.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.island.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@midnight' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - TRACKING_DOMAIN: 'island.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/' - - host: 'www.island.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "user-notification-cleanup-worker": { + "serviceDef": { + "liveness": { + "path": "/", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": {}, + "features": {}, + "name": "user-notification-cleanup-worker", + "grantNamespaces": [], + "grantNamespacesEnabled": false, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" + }, + "ingress": {}, + "namespace": "user-notification", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "memory": "256Mi", + "cpu": "200m" + }, + "requests": { + "memory": "128Mi", + "cpu": "100m" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "image": "services-user-notification", + "accountName": "user-notification-cleanup-worker", + "cmds": "node", + "args": [ + "--no-experimental-fetch", + "main.js", + "--job=cleanup" + ], + "postgres": { + "name": "user_notification", + "username": "user_notification", + "passwordSecret": "/k8s/user-notification/DB_PASSWORD" + }, + "initContainers": { + "envs": {}, + "secrets": {}, + "features": {}, + "containers": [ + { + "name": "migrations", + "command": "npx", + "args": [ + "sequelize-cli", + "db:migrate" + ] + } + ], + "postgres": { + "name": "user_notification", + "username": "user_notification", + "passwordSecret": "/k8s/user-notification/DB_PASSWORD" + } + }, + "extraAttributes": { + "dev": { + "schedule": "@hourly" + }, + "staging": { + "schedule": "@midnight" + }, + "prod": { + "schedule": "@midnight" + } + } + } + } +} \ No newline at end of file diff --git a/charts/services/user-notification-cleanup-worker/values.staging.yaml b/charts/services/user-notification-cleanup-worker/values.staging.yaml index 227a2b0fcc6d..4622269cc975 100644 --- a/charts/services/user-notification-cleanup-worker/values.staging.yaml +++ b/charts/services/user-notification-cleanup-worker/values.staging.yaml @@ -1,3238 +1,88 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.staging01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'cdn.contentful.com' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.staging01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.staging01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.staging01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 'island@island.is' - CONTENTFUL_HOST: 'cdn.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.staging01.devland.is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-staging-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: '' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 'sogur@island.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-TEST/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5608002820/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-TEST/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.staging01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.staging01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.staging01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.staging01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-staging-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'staging' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.staging01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'islandis' - - 'consultation-portal' - - 'skilavottord' - - 'search-indexer' - - 'services-documents' - - 'storybook' - - 'xroad-collector' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'user-notification' - - 'license-api' - - 'services-sessions' - - 'services-university-gateway' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.staging01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'staging' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'staging-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_BASE_URL: 'https://beta.staging01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.staging01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.staging01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.staging01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.staging01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.staging01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.staging01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.staging01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.staging01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@midnight' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - basicAuth: '/k8s/web/basic_auth' - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - TRACKING_DOMAIN: 'beta.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "user-notification-cleanup-worker": { + "serviceDef": { + "liveness": { + "path": "/", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": {}, + "features": {}, + "name": "user-notification-cleanup-worker", + "grantNamespaces": [], + "grantNamespacesEnabled": false, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" + }, + "ingress": {}, + "namespace": "user-notification", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "memory": "256Mi", + "cpu": "200m" + }, + "requests": { + "memory": "128Mi", + "cpu": "100m" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "image": "services-user-notification", + "accountName": "user-notification-cleanup-worker", + "cmds": "node", + "args": [ + "--no-experimental-fetch", + "main.js", + "--job=cleanup" + ], + "postgres": { + "name": "user_notification", + "username": "user_notification", + "passwordSecret": "/k8s/user-notification/DB_PASSWORD" + }, + "initContainers": { + "envs": {}, + "secrets": {}, + "features": {}, + "containers": [ + { + "name": "migrations", + "command": "npx", + "args": [ + "sequelize-cli", + "db:migrate" + ] + } + ], + "postgres": { + "name": "user_notification", + "username": "user_notification", + "passwordSecret": "/k8s/user-notification/DB_PASSWORD" + } + }, + "extraAttributes": { + "dev": { + "schedule": "@hourly" + }, + "staging": { + "schedule": "@midnight" + }, + "prod": { + "schedule": "@midnight" + } + } + } + } +} \ No newline at end of file diff --git a/charts/services/user-notification-worker/values.dev.yaml b/charts/services/user-notification-worker/values.dev.yaml index 58d9f8e96dbc..2471755417a9 100644 --- a/charts/services/user-notification-worker/values.dev.yaml +++ b/charts/services/user-notification-worker/values.dev.yaml @@ -1,3563 +1,192 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.dev01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'preview.contentful.com' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 's@kogk.is' - CONTENTFUL_HOST: 'preview.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 's@kogk.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/api' - - host: 'api-catalogue.dev01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.dev01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -external-contracts-tests: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' - namespace: 'external-contracts-tests' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '1' - memory: '1024Mi' - requests: - cpu: '500m' - memory: '512Mi' - schedule: '0 11 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -github-actions-cache: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 8 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'cache.dev01.devland.is' - paths: - - '/' - namespace: 'github-actions-cache' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 5 - max: 8 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' - create: true - name: 'github-actions-cache' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'dev' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.dev01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'consultation-portal' - - 'islandis' - - 'search-indexer' - - 'xroad-collector' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'github-actions-cache' - - 'user-notification' - - 'external-contracts-tests' - - 'contentful-entry-tagger' - - 'license-api' - - 'services-sessions' - - 'contentful-apps' - - 'services-university-gateway' - - 'unicorn-app' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'dev-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.dev01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.dev01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -unicorn-app: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'unicorn-app.dev01.devland.is' - paths: - - '/' - namespace: 'unicorn-app' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' - create: true - name: 'unicorn-app' -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@hourly' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - TRACKING_DOMAIN: 'beta.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "user-notification-worker": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/health/check", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "MAIN_QUEUE_NAME": "user-notification", + "DEAD_LETTER_QUEUE_NAME": "user-notification-failure", + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + }, + "AUTH_DELEGATION_API_URL": { + "dev": "http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local", + "staging": "http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local", + "prod": "https://auth-delegation-api.internal.innskra.island.is" + }, + "AUTH_DELEGATION_MACHINE_CLIENT_SCOPE": "[\"@island.is/auth/delegations/index:system\"]", + "SERVICE_PORTAL_CLICK_ACTION_URL": "https://island.is/minarsidur", + "EMAIL_FROM_ADDRESS": { + "dev": "development@island.is", + "staging": "development@island.is", + "prod": "noreply@island.is" + }, + "REDIS_USE_SSL": "true", + "EMAIL_REGION": "eu-west-1", + "CONTENTFUL_HOST": { + "dev": "preview.contentful.com", + "staging": "cdn.contentful.com", + "prod": "cdn.contentful.com" + } + }, + "features": {}, + "name": "user-notification-worker", + "grantNamespaces": [], + "grantNamespacesEnabled": false, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "FIREBASE_CREDENTIALS": "/k8s/user-notification/firestore-credentials", + "IDENTITY_SERVER_CLIENT_ID": "/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID", + "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET", + "CONTENTFUL_ACCESS_TOKEN": "/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN", + "NATIONAL_REGISTRY_B2C_CLIENT_SECRET": "/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET" + }, + "ingress": {}, + "namespace": "user-notification", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "400m", + "memory": "384Mi" + }, + "requests": { + "cpu": "150m", + "memory": "256Mi" + } + }, + "xroadConfig": [ + { + "config": { + "env": { + "XROAD_BASE_PATH": { + "prod": "http://securityserver.island.is" + }, + "XROAD_BASE_PATH_WITH_ENV": { + "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "http://securityserver.island.is/r1/IS" + }, + "XROAD_TLS_BASE_PATH": { + "dev": "https://securityserver.dev01.devland.is", + "staging": "https://securityserver.staging01.devland.is", + "prod": "https://securityserver.island.is" + }, + "XROAD_TLS_BASE_PATH_WITH_ENV": { + "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", + "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "https://securityserver.island.is/r1/IS" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CLIENT_ID": { + "dev": "IS-DEV/GOV/10000/island-is-client", + "staging": "IS-TEST/GOV/5501692829/island-is-client", + "prod": "IS/GOV/5501692829/island-is-client" + } + } + } + }, + { + "config": { + "env": { + "NATIONAL_REGISTRY_B2C_CLIENT_ID": { + "dev": "b464afdd-056b-406d-b650-6d41733cfeb7", + "staging": "ca128c23-b43c-443d-bade-ec5a146a933f", + "prod": "2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f" + }, + "NATIONAL_REGISTRY_B2C_ENDPOINT": { + "dev": "https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", + "staging": "https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", + "prod": "https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token" + }, + "NATIONAL_REGISTRY_B2C_SCOPE": { + "dev": "https://skraidentitydev.onmicrosoft.com/midlun/.default", + "staging": "https://skraidentitystaging.onmicrosoft.com/midlun/.default", + "prod": "https://skraidentity.onmicrosoft.com/midlun/.default" + }, + "NATIONAL_REGISTRY_B2C_PATH": { + "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1", + "staging": "IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1", + "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1" + } + } + } + }, + { + "config": { + "env": { + "COMPANY_REGISTRY_XROAD_PROVIDER_ID": { + "dev": "IS-DEV/GOV/10006/Skatturinn/ft-v1", + "staging": "IS-TEST/GOV/5402696029/Skatturinn/ft-v1", + "prod": "IS/GOV/5402696029/Skatturinn/ft-v1" + }, + "COMPANY_REGISTRY_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" + } + } + } + } + ], + "files": [], + "volumes": [], + "image": "services-user-notification", + "accountName": "user-notification-worker", + "cmds": "node", + "args": [ + "--no-experimental-fetch", + "main.js", + "--job=worker" + ], + "postgres": { + "username": "user_notification", + "passwordSecret": "/k8s/user-notification/DB_PASSWORD", + "name": "user_notification" + }, + "initContainers": { + "envs": {}, + "secrets": {}, + "features": {}, + "containers": [ + { + "name": "migrations", + "command": "npx", + "args": [ + "sequelize-cli", + "db:migrate" + ] + } + ], + "postgres": { + "username": "user_notification", + "passwordSecret": "/k8s/user-notification/DB_PASSWORD", + "name": "user_notification" + } + }, + "redis": {}, + "replicaCount": { + "min": 1, + "max": 2, + "default": 1 + } + } + } +} \ No newline at end of file diff --git a/charts/services/user-notification-worker/values.prod.yaml b/charts/services/user-notification-worker/values.prod.yaml index c7e37f4144c5..2471755417a9 100644 --- a/charts/services/user-notification-worker/values.prod.yaml +++ b/charts/services/user-notification-worker/values.prod.yaml @@ -1,3379 +1,192 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.island.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'cdn.contentful.com' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.island.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://innskra.island.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_IDS_API_URL: 'https://innskra.island.is' - AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi.island.is' - CONTACT_US_EMAIL: 'island@island.is' - CONTENTFUL_HOST: 'cdn.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.island.is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-prod-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: '' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'island@island.is' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 'sogur@island.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS/GOV/5402697509/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS/GOV/6501912189/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/api' - - host: 'www.island.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' - CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS/GOV/5608002820/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - NOVA_USERNAME: 'IslandIs_User_Production' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS/GOV/5605882089/UA-Protected/kvortun-v1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.island.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.island.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/umsoknir' - - host: 'www.island.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi.island.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://island.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/samradsgatt' - - host: 'www.island.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.island.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.island.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - EMAIL_FROM_NAME: 'island.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-prod-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'prod' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: 'd4ecf781-3764-4063-a4e1-9c3e17cebfba' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.island.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'islandis' - - 'consultation-portal' - - 'search-indexer' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'xroad-collector' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'user-notification' - - 'license-api' - - 'services-sessions' - - 'services-university-gateway' - - 'contentful-apps' - - 'contentful-entry-tagger' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/stjornbord' - - host: 'www.island.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'prod' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'prod-es-custom-packages' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/minarsidur' - - host: 'www.island.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_BASE_URL: 'https://island.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.island.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://island.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://island.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://island.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/stjornbord/bff' - - host: 'www.island.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.island.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.island.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/app/skilavottord/' - - host: 'www.island.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/app/skilavottord/api/graphql' - - host: 'www.island.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.island.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@midnight' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - TRACKING_DOMAIN: 'island.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/' - - host: 'www.island.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "user-notification-worker": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/health/check", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "MAIN_QUEUE_NAME": "user-notification", + "DEAD_LETTER_QUEUE_NAME": "user-notification-failure", + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + }, + "AUTH_DELEGATION_API_URL": { + "dev": "http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local", + "staging": "http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local", + "prod": "https://auth-delegation-api.internal.innskra.island.is" + }, + "AUTH_DELEGATION_MACHINE_CLIENT_SCOPE": "[\"@island.is/auth/delegations/index:system\"]", + "SERVICE_PORTAL_CLICK_ACTION_URL": "https://island.is/minarsidur", + "EMAIL_FROM_ADDRESS": { + "dev": "development@island.is", + "staging": "development@island.is", + "prod": "noreply@island.is" + }, + "REDIS_USE_SSL": "true", + "EMAIL_REGION": "eu-west-1", + "CONTENTFUL_HOST": { + "dev": "preview.contentful.com", + "staging": "cdn.contentful.com", + "prod": "cdn.contentful.com" + } + }, + "features": {}, + "name": "user-notification-worker", + "grantNamespaces": [], + "grantNamespacesEnabled": false, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "FIREBASE_CREDENTIALS": "/k8s/user-notification/firestore-credentials", + "IDENTITY_SERVER_CLIENT_ID": "/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID", + "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET", + "CONTENTFUL_ACCESS_TOKEN": "/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN", + "NATIONAL_REGISTRY_B2C_CLIENT_SECRET": "/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET" + }, + "ingress": {}, + "namespace": "user-notification", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "400m", + "memory": "384Mi" + }, + "requests": { + "cpu": "150m", + "memory": "256Mi" + } + }, + "xroadConfig": [ + { + "config": { + "env": { + "XROAD_BASE_PATH": { + "prod": "http://securityserver.island.is" + }, + "XROAD_BASE_PATH_WITH_ENV": { + "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "http://securityserver.island.is/r1/IS" + }, + "XROAD_TLS_BASE_PATH": { + "dev": "https://securityserver.dev01.devland.is", + "staging": "https://securityserver.staging01.devland.is", + "prod": "https://securityserver.island.is" + }, + "XROAD_TLS_BASE_PATH_WITH_ENV": { + "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", + "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "https://securityserver.island.is/r1/IS" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CLIENT_ID": { + "dev": "IS-DEV/GOV/10000/island-is-client", + "staging": "IS-TEST/GOV/5501692829/island-is-client", + "prod": "IS/GOV/5501692829/island-is-client" + } + } + } + }, + { + "config": { + "env": { + "NATIONAL_REGISTRY_B2C_CLIENT_ID": { + "dev": "b464afdd-056b-406d-b650-6d41733cfeb7", + "staging": "ca128c23-b43c-443d-bade-ec5a146a933f", + "prod": "2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f" + }, + "NATIONAL_REGISTRY_B2C_ENDPOINT": { + "dev": "https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", + "staging": "https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", + "prod": "https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token" + }, + "NATIONAL_REGISTRY_B2C_SCOPE": { + "dev": "https://skraidentitydev.onmicrosoft.com/midlun/.default", + "staging": "https://skraidentitystaging.onmicrosoft.com/midlun/.default", + "prod": "https://skraidentity.onmicrosoft.com/midlun/.default" + }, + "NATIONAL_REGISTRY_B2C_PATH": { + "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1", + "staging": "IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1", + "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1" + } + } + } + }, + { + "config": { + "env": { + "COMPANY_REGISTRY_XROAD_PROVIDER_ID": { + "dev": "IS-DEV/GOV/10006/Skatturinn/ft-v1", + "staging": "IS-TEST/GOV/5402696029/Skatturinn/ft-v1", + "prod": "IS/GOV/5402696029/Skatturinn/ft-v1" + }, + "COMPANY_REGISTRY_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" + } + } + } + } + ], + "files": [], + "volumes": [], + "image": "services-user-notification", + "accountName": "user-notification-worker", + "cmds": "node", + "args": [ + "--no-experimental-fetch", + "main.js", + "--job=worker" + ], + "postgres": { + "username": "user_notification", + "passwordSecret": "/k8s/user-notification/DB_PASSWORD", + "name": "user_notification" + }, + "initContainers": { + "envs": {}, + "secrets": {}, + "features": {}, + "containers": [ + { + "name": "migrations", + "command": "npx", + "args": [ + "sequelize-cli", + "db:migrate" + ] + } + ], + "postgres": { + "username": "user_notification", + "passwordSecret": "/k8s/user-notification/DB_PASSWORD", + "name": "user_notification" + } + }, + "redis": {}, + "replicaCount": { + "min": 1, + "max": 2, + "default": 1 + } + } + } +} \ No newline at end of file diff --git a/charts/services/user-notification-worker/values.staging.yaml b/charts/services/user-notification-worker/values.staging.yaml index 227a2b0fcc6d..2471755417a9 100644 --- a/charts/services/user-notification-worker/values.staging.yaml +++ b/charts/services/user-notification-worker/values.staging.yaml @@ -1,3238 +1,192 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.staging01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'cdn.contentful.com' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.staging01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.staging01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.staging01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 'island@island.is' - CONTENTFUL_HOST: 'cdn.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.staging01.devland.is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-staging-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: '' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 'sogur@island.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-TEST/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5608002820/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-TEST/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.staging01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.staging01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.staging01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.staging01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-staging-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'staging' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.staging01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'islandis' - - 'consultation-portal' - - 'skilavottord' - - 'search-indexer' - - 'services-documents' - - 'storybook' - - 'xroad-collector' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'user-notification' - - 'license-api' - - 'services-sessions' - - 'services-university-gateway' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.staging01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'staging' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'staging-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_BASE_URL: 'https://beta.staging01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.staging01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.staging01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.staging01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.staging01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.staging01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.staging01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.staging01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.staging01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@midnight' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - basicAuth: '/k8s/web/basic_auth' - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - TRACKING_DOMAIN: 'beta.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "user-notification-worker": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/health/check", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "MAIN_QUEUE_NAME": "user-notification", + "DEAD_LETTER_QUEUE_NAME": "user-notification-failure", + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + }, + "AUTH_DELEGATION_API_URL": { + "dev": "http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local", + "staging": "http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local", + "prod": "https://auth-delegation-api.internal.innskra.island.is" + }, + "AUTH_DELEGATION_MACHINE_CLIENT_SCOPE": "[\"@island.is/auth/delegations/index:system\"]", + "SERVICE_PORTAL_CLICK_ACTION_URL": "https://island.is/minarsidur", + "EMAIL_FROM_ADDRESS": { + "dev": "development@island.is", + "staging": "development@island.is", + "prod": "noreply@island.is" + }, + "REDIS_USE_SSL": "true", + "EMAIL_REGION": "eu-west-1", + "CONTENTFUL_HOST": { + "dev": "preview.contentful.com", + "staging": "cdn.contentful.com", + "prod": "cdn.contentful.com" + } + }, + "features": {}, + "name": "user-notification-worker", + "grantNamespaces": [], + "grantNamespacesEnabled": false, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "FIREBASE_CREDENTIALS": "/k8s/user-notification/firestore-credentials", + "IDENTITY_SERVER_CLIENT_ID": "/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID", + "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET", + "CONTENTFUL_ACCESS_TOKEN": "/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN", + "NATIONAL_REGISTRY_B2C_CLIENT_SECRET": "/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET" + }, + "ingress": {}, + "namespace": "user-notification", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "400m", + "memory": "384Mi" + }, + "requests": { + "cpu": "150m", + "memory": "256Mi" + } + }, + "xroadConfig": [ + { + "config": { + "env": { + "XROAD_BASE_PATH": { + "prod": "http://securityserver.island.is" + }, + "XROAD_BASE_PATH_WITH_ENV": { + "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "http://securityserver.island.is/r1/IS" + }, + "XROAD_TLS_BASE_PATH": { + "dev": "https://securityserver.dev01.devland.is", + "staging": "https://securityserver.staging01.devland.is", + "prod": "https://securityserver.island.is" + }, + "XROAD_TLS_BASE_PATH_WITH_ENV": { + "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", + "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "https://securityserver.island.is/r1/IS" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CLIENT_ID": { + "dev": "IS-DEV/GOV/10000/island-is-client", + "staging": "IS-TEST/GOV/5501692829/island-is-client", + "prod": "IS/GOV/5501692829/island-is-client" + } + } + } + }, + { + "config": { + "env": { + "NATIONAL_REGISTRY_B2C_CLIENT_ID": { + "dev": "b464afdd-056b-406d-b650-6d41733cfeb7", + "staging": "ca128c23-b43c-443d-bade-ec5a146a933f", + "prod": "2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f" + }, + "NATIONAL_REGISTRY_B2C_ENDPOINT": { + "dev": "https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", + "staging": "https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", + "prod": "https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token" + }, + "NATIONAL_REGISTRY_B2C_SCOPE": { + "dev": "https://skraidentitydev.onmicrosoft.com/midlun/.default", + "staging": "https://skraidentitystaging.onmicrosoft.com/midlun/.default", + "prod": "https://skraidentity.onmicrosoft.com/midlun/.default" + }, + "NATIONAL_REGISTRY_B2C_PATH": { + "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1", + "staging": "IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1", + "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1" + } + } + } + }, + { + "config": { + "env": { + "COMPANY_REGISTRY_XROAD_PROVIDER_ID": { + "dev": "IS-DEV/GOV/10006/Skatturinn/ft-v1", + "staging": "IS-TEST/GOV/5402696029/Skatturinn/ft-v1", + "prod": "IS/GOV/5402696029/Skatturinn/ft-v1" + }, + "COMPANY_REGISTRY_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" + } + } + } + } + ], + "files": [], + "volumes": [], + "image": "services-user-notification", + "accountName": "user-notification-worker", + "cmds": "node", + "args": [ + "--no-experimental-fetch", + "main.js", + "--job=worker" + ], + "postgres": { + "username": "user_notification", + "passwordSecret": "/k8s/user-notification/DB_PASSWORD", + "name": "user_notification" + }, + "initContainers": { + "envs": {}, + "secrets": {}, + "features": {}, + "containers": [ + { + "name": "migrations", + "command": "npx", + "args": [ + "sequelize-cli", + "db:migrate" + ] + } + ], + "postgres": { + "username": "user_notification", + "passwordSecret": "/k8s/user-notification/DB_PASSWORD", + "name": "user_notification" + } + }, + "redis": {}, + "replicaCount": { + "min": 1, + "max": 2, + "default": 1 + } + } + } +} \ No newline at end of file diff --git a/charts/services/user-notification/values.dev.yaml b/charts/services/user-notification/values.dev.yaml index 58d9f8e96dbc..1a9989fe850f 100644 --- a/charts/services/user-notification/values.dev.yaml +++ b/charts/services/user-notification/values.dev.yaml @@ -1,3563 +1,190 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.dev01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'preview.contentful.com' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 's@kogk.is' - CONTENTFUL_HOST: 'preview.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 's@kogk.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/api' - - host: 'api-catalogue.dev01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.dev01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -external-contracts-tests: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' - namespace: 'external-contracts-tests' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '1' - memory: '1024Mi' - requests: - cpu: '500m' - memory: '512Mi' - schedule: '0 11 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -github-actions-cache: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 8 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'cache.dev01.devland.is' - paths: - - '/' - namespace: 'github-actions-cache' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 5 - max: 8 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' - create: true - name: 'github-actions-cache' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'dev' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.dev01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'consultation-portal' - - 'islandis' - - 'search-indexer' - - 'xroad-collector' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'github-actions-cache' - - 'user-notification' - - 'external-contracts-tests' - - 'contentful-entry-tagger' - - 'license-api' - - 'services-sessions' - - 'contentful-apps' - - 'services-university-gateway' - - 'unicorn-app' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'dev-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.dev01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.dev01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -unicorn-app: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'unicorn-app.dev01.devland.is' - paths: - - '/' - namespace: 'unicorn-app' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' - create: true - name: 'unicorn-app' -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@hourly' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - TRACKING_DOMAIN: 'beta.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "user-notification": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/health/check", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "MAIN_QUEUE_NAME": "user-notification", + "DEAD_LETTER_QUEUE_NAME": "user-notification-failure", + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + }, + "AUTH_DELEGATION_API_URL": { + "dev": "http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local", + "staging": "http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local", + "prod": "https://auth-delegation-api.internal.innskra.island.is" + }, + "AUTH_DELEGATION_MACHINE_CLIENT_SCOPE": "[\"@island.is/auth/delegations/index:system\"]", + "SERVICE_PORTAL_CLICK_ACTION_URL": "https://island.is/minarsidur", + "EMAIL_FROM_ADDRESS": { + "dev": "development@island.is", + "staging": "development@island.is", + "prod": "noreply@island.is" + }, + "REDIS_USE_SSL": "true" + }, + "features": {}, + "name": "user-notification", + "grantNamespaces": [ + "nginx-ingress-internal", + "islandis", + "identity-server-delegation" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "FIREBASE_CREDENTIALS": "/k8s/user-notification/firestore-credentials", + "CONTENTFUL_ACCESS_TOKEN": "/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN", + "IDENTITY_SERVER_CLIENT_ID": "/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID", + "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET", + "NATIONAL_REGISTRY_B2C_CLIENT_SECRET": "/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET" + }, + "ingress": { + "primary": { + "host": { + "dev": "user-notification-xrd", + "staging": "user-notification-xrd", + "prod": "user-notification-xrd" + }, + "paths": [ + "/" + ], + "public": false, + "extraAnnotations": { + "dev": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "staging": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "prod": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + } + } + } + }, + "namespace": "user-notification", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "400m", + "memory": "384Mi" + }, + "requests": { + "cpu": "150m", + "memory": "256Mi" + } + }, + "xroadConfig": [ + { + "config": { + "env": { + "XROAD_BASE_PATH": { + "prod": "http://securityserver.island.is" + }, + "XROAD_BASE_PATH_WITH_ENV": { + "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "http://securityserver.island.is/r1/IS" + }, + "XROAD_TLS_BASE_PATH": { + "dev": "https://securityserver.dev01.devland.is", + "staging": "https://securityserver.staging01.devland.is", + "prod": "https://securityserver.island.is" + }, + "XROAD_TLS_BASE_PATH_WITH_ENV": { + "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", + "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "https://securityserver.island.is/r1/IS" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CLIENT_ID": { + "dev": "IS-DEV/GOV/10000/island-is-client", + "staging": "IS-TEST/GOV/5501692829/island-is-client", + "prod": "IS/GOV/5501692829/island-is-client" + } + } + } + }, + { + "config": { + "env": { + "NATIONAL_REGISTRY_B2C_CLIENT_ID": { + "dev": "b464afdd-056b-406d-b650-6d41733cfeb7", + "staging": "ca128c23-b43c-443d-bade-ec5a146a933f", + "prod": "2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f" + }, + "NATIONAL_REGISTRY_B2C_ENDPOINT": { + "dev": "https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", + "staging": "https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", + "prod": "https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token" + }, + "NATIONAL_REGISTRY_B2C_SCOPE": { + "dev": "https://skraidentitydev.onmicrosoft.com/midlun/.default", + "staging": "https://skraidentitystaging.onmicrosoft.com/midlun/.default", + "prod": "https://skraidentity.onmicrosoft.com/midlun/.default" + }, + "NATIONAL_REGISTRY_B2C_PATH": { + "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1", + "staging": "IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1", + "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1" + } + } + } + }, + { + "config": { + "env": { + "COMPANY_REGISTRY_XROAD_PROVIDER_ID": { + "dev": "IS-DEV/GOV/10006/Skatturinn/ft-v1", + "staging": "IS-TEST/GOV/5402696029/Skatturinn/ft-v1", + "prod": "IS/GOV/5402696029/Skatturinn/ft-v1" + }, + "COMPANY_REGISTRY_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" + } + } + } + } + ], + "files": [], + "volumes": [], + "image": "services-user-notification", + "accountName": "user-notification", + "postgres": { + "username": "user_notification", + "passwordSecret": "/k8s/user-notification/DB_PASSWORD", + "name": "user_notification" + }, + "cmds": "node", + "args": [ + "--no-experimental-fetch", + "main.js" + ], + "redis": {} + } + } +} \ No newline at end of file diff --git a/charts/services/user-notification/values.prod.yaml b/charts/services/user-notification/values.prod.yaml index c7e37f4144c5..1a9989fe850f 100644 --- a/charts/services/user-notification/values.prod.yaml +++ b/charts/services/user-notification/values.prod.yaml @@ -1,3379 +1,190 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.island.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'cdn.contentful.com' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.island.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://innskra.island.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_IDS_API_URL: 'https://innskra.island.is' - AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi.island.is' - CONTACT_US_EMAIL: 'island@island.is' - CONTENTFUL_HOST: 'cdn.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.island.is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-prod-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: '' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'island@island.is' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 'sogur@island.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS/GOV/5402697509/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS/GOV/6501912189/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/api' - - host: 'www.island.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' - CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS/GOV/5608002820/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - NOVA_USERNAME: 'IslandIs_User_Production' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS/GOV/5605882089/UA-Protected/kvortun-v1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.island.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.island.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/umsoknir' - - host: 'www.island.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi.island.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://island.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/samradsgatt' - - host: 'www.island.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.island.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.island.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - EMAIL_FROM_NAME: 'island.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-prod-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'prod' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: 'd4ecf781-3764-4063-a4e1-9c3e17cebfba' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.island.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'islandis' - - 'consultation-portal' - - 'search-indexer' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'xroad-collector' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'user-notification' - - 'license-api' - - 'services-sessions' - - 'services-university-gateway' - - 'contentful-apps' - - 'contentful-entry-tagger' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/stjornbord' - - host: 'www.island.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'prod' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'prod-es-custom-packages' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/minarsidur' - - host: 'www.island.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_BASE_URL: 'https://island.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.island.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://island.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://island.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://island.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/stjornbord/bff' - - host: 'www.island.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.island.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.island.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/app/skilavottord/' - - host: 'www.island.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/app/skilavottord/api/graphql' - - host: 'www.island.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.island.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@midnight' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - TRACKING_DOMAIN: 'island.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/' - - host: 'www.island.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "user-notification": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/health/check", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "MAIN_QUEUE_NAME": "user-notification", + "DEAD_LETTER_QUEUE_NAME": "user-notification-failure", + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + }, + "AUTH_DELEGATION_API_URL": { + "dev": "http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local", + "staging": "http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local", + "prod": "https://auth-delegation-api.internal.innskra.island.is" + }, + "AUTH_DELEGATION_MACHINE_CLIENT_SCOPE": "[\"@island.is/auth/delegations/index:system\"]", + "SERVICE_PORTAL_CLICK_ACTION_URL": "https://island.is/minarsidur", + "EMAIL_FROM_ADDRESS": { + "dev": "development@island.is", + "staging": "development@island.is", + "prod": "noreply@island.is" + }, + "REDIS_USE_SSL": "true" + }, + "features": {}, + "name": "user-notification", + "grantNamespaces": [ + "nginx-ingress-internal", + "islandis", + "identity-server-delegation" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "FIREBASE_CREDENTIALS": "/k8s/user-notification/firestore-credentials", + "CONTENTFUL_ACCESS_TOKEN": "/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN", + "IDENTITY_SERVER_CLIENT_ID": "/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID", + "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET", + "NATIONAL_REGISTRY_B2C_CLIENT_SECRET": "/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET" + }, + "ingress": { + "primary": { + "host": { + "dev": "user-notification-xrd", + "staging": "user-notification-xrd", + "prod": "user-notification-xrd" + }, + "paths": [ + "/" + ], + "public": false, + "extraAnnotations": { + "dev": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "staging": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "prod": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + } + } + } + }, + "namespace": "user-notification", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "400m", + "memory": "384Mi" + }, + "requests": { + "cpu": "150m", + "memory": "256Mi" + } + }, + "xroadConfig": [ + { + "config": { + "env": { + "XROAD_BASE_PATH": { + "prod": "http://securityserver.island.is" + }, + "XROAD_BASE_PATH_WITH_ENV": { + "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "http://securityserver.island.is/r1/IS" + }, + "XROAD_TLS_BASE_PATH": { + "dev": "https://securityserver.dev01.devland.is", + "staging": "https://securityserver.staging01.devland.is", + "prod": "https://securityserver.island.is" + }, + "XROAD_TLS_BASE_PATH_WITH_ENV": { + "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", + "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "https://securityserver.island.is/r1/IS" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CLIENT_ID": { + "dev": "IS-DEV/GOV/10000/island-is-client", + "staging": "IS-TEST/GOV/5501692829/island-is-client", + "prod": "IS/GOV/5501692829/island-is-client" + } + } + } + }, + { + "config": { + "env": { + "NATIONAL_REGISTRY_B2C_CLIENT_ID": { + "dev": "b464afdd-056b-406d-b650-6d41733cfeb7", + "staging": "ca128c23-b43c-443d-bade-ec5a146a933f", + "prod": "2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f" + }, + "NATIONAL_REGISTRY_B2C_ENDPOINT": { + "dev": "https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", + "staging": "https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", + "prod": "https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token" + }, + "NATIONAL_REGISTRY_B2C_SCOPE": { + "dev": "https://skraidentitydev.onmicrosoft.com/midlun/.default", + "staging": "https://skraidentitystaging.onmicrosoft.com/midlun/.default", + "prod": "https://skraidentity.onmicrosoft.com/midlun/.default" + }, + "NATIONAL_REGISTRY_B2C_PATH": { + "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1", + "staging": "IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1", + "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1" + } + } + } + }, + { + "config": { + "env": { + "COMPANY_REGISTRY_XROAD_PROVIDER_ID": { + "dev": "IS-DEV/GOV/10006/Skatturinn/ft-v1", + "staging": "IS-TEST/GOV/5402696029/Skatturinn/ft-v1", + "prod": "IS/GOV/5402696029/Skatturinn/ft-v1" + }, + "COMPANY_REGISTRY_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" + } + } + } + } + ], + "files": [], + "volumes": [], + "image": "services-user-notification", + "accountName": "user-notification", + "postgres": { + "username": "user_notification", + "passwordSecret": "/k8s/user-notification/DB_PASSWORD", + "name": "user_notification" + }, + "cmds": "node", + "args": [ + "--no-experimental-fetch", + "main.js" + ], + "redis": {} + } + } +} \ No newline at end of file diff --git a/charts/services/user-notification/values.staging.yaml b/charts/services/user-notification/values.staging.yaml index 227a2b0fcc6d..1a9989fe850f 100644 --- a/charts/services/user-notification/values.staging.yaml +++ b/charts/services/user-notification/values.staging.yaml @@ -1,3238 +1,190 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.staging01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'cdn.contentful.com' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.staging01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.staging01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.staging01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 'island@island.is' - CONTENTFUL_HOST: 'cdn.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.staging01.devland.is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-staging-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: '' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 'sogur@island.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-TEST/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5608002820/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-TEST/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.staging01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.staging01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.staging01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.staging01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-staging-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'staging' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.staging01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'islandis' - - 'consultation-portal' - - 'skilavottord' - - 'search-indexer' - - 'services-documents' - - 'storybook' - - 'xroad-collector' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'user-notification' - - 'license-api' - - 'services-sessions' - - 'services-university-gateway' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.staging01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'staging' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'staging-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_BASE_URL: 'https://beta.staging01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.staging01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.staging01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.staging01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.staging01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.staging01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.staging01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.staging01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.staging01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@midnight' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - basicAuth: '/k8s/web/basic_auth' - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - TRACKING_DOMAIN: 'beta.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "user-notification": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/health/check", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "MAIN_QUEUE_NAME": "user-notification", + "DEAD_LETTER_QUEUE_NAME": "user-notification-failure", + "IDENTITY_SERVER_ISSUER_URL": { + "dev": "https://identity-server.dev01.devland.is", + "staging": "https://identity-server.staging01.devland.is", + "prod": "https://innskra.island.is" + }, + "AUTH_DELEGATION_API_URL": { + "dev": "http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local", + "staging": "http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local", + "prod": "https://auth-delegation-api.internal.innskra.island.is" + }, + "AUTH_DELEGATION_MACHINE_CLIENT_SCOPE": "[\"@island.is/auth/delegations/index:system\"]", + "SERVICE_PORTAL_CLICK_ACTION_URL": "https://island.is/minarsidur", + "EMAIL_FROM_ADDRESS": { + "dev": "development@island.is", + "staging": "development@island.is", + "prod": "noreply@island.is" + }, + "REDIS_USE_SSL": "true" + }, + "features": {}, + "name": "user-notification", + "grantNamespaces": [ + "nginx-ingress-internal", + "islandis", + "identity-server-delegation" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "FIREBASE_CREDENTIALS": "/k8s/user-notification/firestore-credentials", + "CONTENTFUL_ACCESS_TOKEN": "/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN", + "IDENTITY_SERVER_CLIENT_ID": "/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID", + "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET", + "NATIONAL_REGISTRY_B2C_CLIENT_SECRET": "/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET" + }, + "ingress": { + "primary": { + "host": { + "dev": "user-notification-xrd", + "staging": "user-notification-xrd", + "prod": "user-notification-xrd" + }, + "paths": [ + "/" + ], + "public": false, + "extraAnnotations": { + "dev": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "staging": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "prod": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + } + } + } + }, + "namespace": "user-notification", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "400m", + "memory": "384Mi" + }, + "requests": { + "cpu": "150m", + "memory": "256Mi" + } + }, + "xroadConfig": [ + { + "config": { + "env": { + "XROAD_BASE_PATH": { + "prod": "http://securityserver.island.is" + }, + "XROAD_BASE_PATH_WITH_ENV": { + "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "http://securityserver.island.is/r1/IS" + }, + "XROAD_TLS_BASE_PATH": { + "dev": "https://securityserver.dev01.devland.is", + "staging": "https://securityserver.staging01.devland.is", + "prod": "https://securityserver.island.is" + }, + "XROAD_TLS_BASE_PATH_WITH_ENV": { + "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", + "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "https://securityserver.island.is/r1/IS" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CLIENT_ID": { + "dev": "IS-DEV/GOV/10000/island-is-client", + "staging": "IS-TEST/GOV/5501692829/island-is-client", + "prod": "IS/GOV/5501692829/island-is-client" + } + } + } + }, + { + "config": { + "env": { + "NATIONAL_REGISTRY_B2C_CLIENT_ID": { + "dev": "b464afdd-056b-406d-b650-6d41733cfeb7", + "staging": "ca128c23-b43c-443d-bade-ec5a146a933f", + "prod": "2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f" + }, + "NATIONAL_REGISTRY_B2C_ENDPOINT": { + "dev": "https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", + "staging": "https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", + "prod": "https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token" + }, + "NATIONAL_REGISTRY_B2C_SCOPE": { + "dev": "https://skraidentitydev.onmicrosoft.com/midlun/.default", + "staging": "https://skraidentitystaging.onmicrosoft.com/midlun/.default", + "prod": "https://skraidentity.onmicrosoft.com/midlun/.default" + }, + "NATIONAL_REGISTRY_B2C_PATH": { + "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1", + "staging": "IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1", + "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1" + } + } + } + }, + { + "config": { + "env": { + "COMPANY_REGISTRY_XROAD_PROVIDER_ID": { + "dev": "IS-DEV/GOV/10006/Skatturinn/ft-v1", + "staging": "IS-TEST/GOV/5402696029/Skatturinn/ft-v1", + "prod": "IS/GOV/5402696029/Skatturinn/ft-v1" + }, + "COMPANY_REGISTRY_REDIS_NODES": { + "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", + "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", + "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" + } + } + } + } + ], + "files": [], + "volumes": [], + "image": "services-user-notification", + "accountName": "user-notification", + "postgres": { + "username": "user_notification", + "passwordSecret": "/k8s/user-notification/DB_PASSWORD", + "name": "user_notification" + }, + "cmds": "node", + "args": [ + "--no-experimental-fetch", + "main.js" + ], + "redis": {} + } + } +} \ No newline at end of file diff --git a/charts/services/web/values.dev.yaml b/charts/services/web/values.dev.yaml index 58d9f8e96dbc..08a6fd530638 100644 --- a/charts/services/web/values.dev.yaml +++ b/charts/services/web/values.dev.yaml @@ -1,3563 +1,117 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.dev01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'preview.contentful.com' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 's@kogk.is' - CONTENTFUL_HOST: 'preview.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 's@kogk.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/api' - - host: 'api-catalogue.dev01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.dev01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -external-contracts-tests: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' - namespace: 'external-contracts-tests' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '1' - memory: '1024Mi' - requests: - cpu: '500m' - memory: '512Mi' - schedule: '0 11 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -github-actions-cache: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 8 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'cache.dev01.devland.is' - paths: - - '/' - namespace: 'github-actions-cache' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 5 - max: 8 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' - create: true - name: 'github-actions-cache' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'dev' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.dev01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'consultation-portal' - - 'islandis' - - 'search-indexer' - - 'xroad-collector' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'github-actions-cache' - - 'user-notification' - - 'external-contracts-tests' - - 'contentful-entry-tagger' - - 'license-api' - - 'services-sessions' - - 'contentful-apps' - - 'services-university-gateway' - - 'unicorn-app' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'dev-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.dev01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.dev01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -unicorn-app: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'unicorn-app.dev01.devland.is' - paths: - - '/' - namespace: 'unicorn-app' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' - create: true - name: 'unicorn-app' -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@hourly' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - TRACKING_DOMAIN: 'beta.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "web": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/readiness", + "timeoutSeconds": 3, + "initialDelaySeconds": 20 + }, + "env": { + "TRACKING_DOMAIN": { + "dev": "beta.dev01.devland.is", + "staging": "beta.staging01.devland.is", + "prod": "island.is" + }, + "DISABLE_API_CATALOGUE": { + "dev": "false", + "staging": "false", + "prod": "false" + }, + "DISABLE_SYSLUMENN_PAGE": { + "dev": "false", + "staging": "false", + "prod": "false" + }, + "DISABLE_ORGANIZATION_CHATBOT": { + "dev": "false", + "staging": "false", + "prod": "false" + } + }, + "features": {}, + "name": "web", + "grantNamespaces": [ + "nginx-ingress-external", + "api-catalogue", + "application-system", + "consultation-portal", + "search-indexer" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "DD_RUM_APPLICATION_ID": "/k8s/DD_RUM_APPLICATION_ID", + "DD_RUM_CLIENT_TOKEN": "/k8s/DD_RUM_CLIENT_TOKEN" + }, + "ingress": { + "primary": { + "host": { + "dev": [ + "beta" + ], + "staging": [ + "beta" + ], + "prod": [ + "", + "www.island.is" + ] + }, + "extraAnnotations": { + "dev": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "staging": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "prod": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + } + }, + "paths": [ + "/" + ] + } + }, + "namespace": "islandis", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "1000m", + "memory": "768Mi" + }, + "requests": { + "cpu": "300m", + "memory": "384Mi" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "replicaCount": { + "default": 2, + "max": 50, + "min": 2 + }, + "extraAttributes": { + "dev": {}, + "staging": { + "basicAuth": "/k8s/web/basic_auth" + }, + "prod": {} + } + } + } +} \ No newline at end of file diff --git a/charts/services/web/values.prod.yaml b/charts/services/web/values.prod.yaml index c7e37f4144c5..08a6fd530638 100644 --- a/charts/services/web/values.prod.yaml +++ b/charts/services/web/values.prod.yaml @@ -1,3379 +1,117 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.island.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'cdn.contentful.com' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.island.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://innskra.island.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_IDS_API_URL: 'https://innskra.island.is' - AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi.island.is' - CONTACT_US_EMAIL: 'island@island.is' - CONTENTFUL_HOST: 'cdn.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.island.is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-prod-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: '' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'island@island.is' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 'sogur@island.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS/GOV/5402697509/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS/GOV/6501912189/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/api' - - host: 'www.island.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' - CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS/GOV/5608002820/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - NOVA_USERNAME: 'IslandIs_User_Production' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS/GOV/5605882089/UA-Protected/kvortun-v1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.island.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.island.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/umsoknir' - - host: 'www.island.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi.island.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://island.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/samradsgatt' - - host: 'www.island.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.island.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.island.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - EMAIL_FROM_NAME: 'island.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-prod-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'prod' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: 'd4ecf781-3764-4063-a4e1-9c3e17cebfba' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.island.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'islandis' - - 'consultation-portal' - - 'search-indexer' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'xroad-collector' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'user-notification' - - 'license-api' - - 'services-sessions' - - 'services-university-gateway' - - 'contentful-apps' - - 'contentful-entry-tagger' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/stjornbord' - - host: 'www.island.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'prod' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'prod-es-custom-packages' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/minarsidur' - - host: 'www.island.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_BASE_URL: 'https://island.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.island.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://island.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://island.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://island.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/stjornbord/bff' - - host: 'www.island.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.island.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.island.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/app/skilavottord/' - - host: 'www.island.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/app/skilavottord/api/graphql' - - host: 'www.island.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.island.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@midnight' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - TRACKING_DOMAIN: 'island.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/' - - host: 'www.island.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "web": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/readiness", + "timeoutSeconds": 3, + "initialDelaySeconds": 20 + }, + "env": { + "TRACKING_DOMAIN": { + "dev": "beta.dev01.devland.is", + "staging": "beta.staging01.devland.is", + "prod": "island.is" + }, + "DISABLE_API_CATALOGUE": { + "dev": "false", + "staging": "false", + "prod": "false" + }, + "DISABLE_SYSLUMENN_PAGE": { + "dev": "false", + "staging": "false", + "prod": "false" + }, + "DISABLE_ORGANIZATION_CHATBOT": { + "dev": "false", + "staging": "false", + "prod": "false" + } + }, + "features": {}, + "name": "web", + "grantNamespaces": [ + "nginx-ingress-external", + "api-catalogue", + "application-system", + "consultation-portal", + "search-indexer" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "DD_RUM_APPLICATION_ID": "/k8s/DD_RUM_APPLICATION_ID", + "DD_RUM_CLIENT_TOKEN": "/k8s/DD_RUM_CLIENT_TOKEN" + }, + "ingress": { + "primary": { + "host": { + "dev": [ + "beta" + ], + "staging": [ + "beta" + ], + "prod": [ + "", + "www.island.is" + ] + }, + "extraAnnotations": { + "dev": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "staging": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "prod": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + } + }, + "paths": [ + "/" + ] + } + }, + "namespace": "islandis", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "1000m", + "memory": "768Mi" + }, + "requests": { + "cpu": "300m", + "memory": "384Mi" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "replicaCount": { + "default": 2, + "max": 50, + "min": 2 + }, + "extraAttributes": { + "dev": {}, + "staging": { + "basicAuth": "/k8s/web/basic_auth" + }, + "prod": {} + } + } + } +} \ No newline at end of file diff --git a/charts/services/web/values.staging.yaml b/charts/services/web/values.staging.yaml index 227a2b0fcc6d..08a6fd530638 100644 --- a/charts/services/web/values.staging.yaml +++ b/charts/services/web/values.staging.yaml @@ -1,3238 +1,117 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.staging01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'cdn.contentful.com' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.staging01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.staging01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.staging01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 'island@island.is' - CONTENTFUL_HOST: 'cdn.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.staging01.devland.is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-staging-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: '' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 'sogur@island.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-TEST/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5608002820/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-TEST/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.staging01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.staging01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.staging01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.staging01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-staging-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'staging' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.staging01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'islandis' - - 'consultation-portal' - - 'skilavottord' - - 'search-indexer' - - 'services-documents' - - 'storybook' - - 'xroad-collector' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'user-notification' - - 'license-api' - - 'services-sessions' - - 'services-university-gateway' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.staging01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'staging' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'staging-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_BASE_URL: 'https://beta.staging01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.staging01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.staging01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.staging01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.staging01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.staging01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.staging01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.staging01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.staging01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@midnight' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - basicAuth: '/k8s/web/basic_auth' - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - TRACKING_DOMAIN: 'beta.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "web": { + "serviceDef": { + "liveness": { + "path": "/liveness", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/readiness", + "timeoutSeconds": 3, + "initialDelaySeconds": 20 + }, + "env": { + "TRACKING_DOMAIN": { + "dev": "beta.dev01.devland.is", + "staging": "beta.staging01.devland.is", + "prod": "island.is" + }, + "DISABLE_API_CATALOGUE": { + "dev": "false", + "staging": "false", + "prod": "false" + }, + "DISABLE_SYSLUMENN_PAGE": { + "dev": "false", + "staging": "false", + "prod": "false" + }, + "DISABLE_ORGANIZATION_CHATBOT": { + "dev": "false", + "staging": "false", + "prod": "false" + } + }, + "features": {}, + "name": "web", + "grantNamespaces": [ + "nginx-ingress-external", + "api-catalogue", + "application-system", + "consultation-portal", + "search-indexer" + ], + "grantNamespacesEnabled": true, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", + "DD_RUM_APPLICATION_ID": "/k8s/DD_RUM_APPLICATION_ID", + "DD_RUM_CLIENT_TOKEN": "/k8s/DD_RUM_CLIENT_TOKEN" + }, + "ingress": { + "primary": { + "host": { + "dev": [ + "beta" + ], + "staging": [ + "beta" + ], + "prod": [ + "", + "www.island.is" + ] + }, + "extraAnnotations": { + "dev": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "staging": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + }, + "prod": { + "nginx.ingress.kubernetes.io/proxy-buffering": "on", + "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" + } + }, + "paths": [ + "/" + ] + } + }, + "namespace": "islandis", + "serviceAccountEnabled": false, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "cpu": "1000m", + "memory": "768Mi" + }, + "requests": { + "cpu": "300m", + "memory": "384Mi" + } + }, + "xroadConfig": [], + "files": [], + "volumes": [], + "replicaCount": { + "default": 2, + "max": 50, + "min": 2 + }, + "extraAttributes": { + "dev": {}, + "staging": { + "basicAuth": "/k8s/web/basic_auth" + }, + "prod": {} + } + } + } +} \ No newline at end of file diff --git a/charts/services/xroad-collector/values.dev.yaml b/charts/services/xroad-collector/values.dev.yaml index 58d9f8e96dbc..de0ca24b8296 100644 --- a/charts/services/xroad-collector/values.dev.yaml +++ b/charts/services/xroad-collector/values.dev.yaml @@ -1,3563 +1,104 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.dev01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'preview.contentful.com' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 's@kogk.is' - CONTENTFUL_HOST: 'preview.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 's@kogk.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/api' - - host: 'api-catalogue.dev01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.dev01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -external-contracts-tests: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' - namespace: 'external-contracts-tests' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '1' - memory: '1024Mi' - requests: - cpu: '500m' - memory: '512Mi' - schedule: '0 11 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -github-actions-cache: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 8 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'cache.dev01.devland.is' - paths: - - '/' - namespace: 'github-actions-cache' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 5 - max: 8 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' - create: true - name: 'github-actions-cache' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'dev' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.dev01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'consultation-portal' - - 'islandis' - - 'search-indexer' - - 'xroad-collector' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'github-actions-cache' - - 'user-notification' - - 'external-contracts-tests' - - 'contentful-entry-tagger' - - 'license-api' - - 'services-sessions' - - 'contentful-apps' - - 'services-university-gateway' - - 'unicorn-app' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'dev-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.dev01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.dev01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -unicorn-app: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'unicorn-app.dev01.devland.is' - paths: - - '/' - namespace: 'unicorn-app' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' - create: true - name: 'unicorn-app' -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@hourly' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - TRACKING_DOMAIN: 'beta.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "xroad-collector": { + "serviceDef": { + "liveness": { + "path": "/", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "NODE_TLS_REJECT_UNAUTHORIZED": "0", + "ELASTIC_NODE": { + "dev": "https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com", + "staging": "https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com", + "prod": "https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com" + } + }, + "features": {}, + "name": "xroad-collector", + "grantNamespaces": [], + "grantNamespacesEnabled": false, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" + }, + "ingress": {}, + "namespace": "xroad-collector", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "memory": "256Mi", + "cpu": "200m" + }, + "requests": { + "memory": "128Mi", + "cpu": "100m" + } + }, + "xroadConfig": [ + { + "config": { + "env": { + "XROAD_BASE_PATH": { + "prod": "http://securityserver.island.is" + }, + "XROAD_BASE_PATH_WITH_ENV": { + "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "http://securityserver.island.is/r1/IS" + }, + "XROAD_TLS_BASE_PATH": { + "dev": "https://securityserver.dev01.devland.is", + "staging": "https://securityserver.staging01.devland.is", + "prod": "https://securityserver.island.is" + }, + "XROAD_TLS_BASE_PATH_WITH_ENV": { + "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", + "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "https://securityserver.island.is/r1/IS" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CLIENT_ID": { + "dev": "IS-DEV/GOV/10000/island-is-client", + "staging": "IS-TEST/GOV/5501692829/island-is-client", + "prod": "IS/GOV/5501692829/island-is-client" + } + } + } + } + ], + "files": [], + "volumes": [], + "image": "services-xroad-collector", + "accountName": "xroad-collector", + "cmds": "node", + "args": [ + "--no-experimental-fetch", + "main.js" + ], + "extraAttributes": { + "dev": { + "schedule": "0 2 * * *" + }, + "staging": { + "schedule": "0 2 * * *" + }, + "prod": { + "schedule": "0 2 * * *" + } + } + } + } +} \ No newline at end of file diff --git a/charts/services/xroad-collector/values.prod.yaml b/charts/services/xroad-collector/values.prod.yaml index c7e37f4144c5..de0ca24b8296 100644 --- a/charts/services/xroad-collector/values.prod.yaml +++ b/charts/services/xroad-collector/values.prod.yaml @@ -1,3379 +1,104 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.island.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'cdn.contentful.com' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.island.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://innskra.island.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_IDS_API_URL: 'https://innskra.island.is' - AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi.island.is' - CONTACT_US_EMAIL: 'island@island.is' - CONTENTFUL_HOST: 'cdn.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.island.is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-prod-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: '' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'island@island.is' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 'sogur@island.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS/GOV/5402697509/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS/GOV/6501912189/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/api' - - host: 'www.island.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' - CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS/GOV/5608002820/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - NOVA_USERNAME: 'IslandIs_User_Production' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS/GOV/5605882089/UA-Protected/kvortun-v1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.island.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.island.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/umsoknir' - - host: 'www.island.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi.island.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://island.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/samradsgatt' - - host: 'www.island.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -contentful-apps: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.island.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-apps' - create: true - name: 'contentful-apps' -contentful-entry-tagger-service: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.island.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - EMAIL_FROM_NAME: 'island.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-prod-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'prod' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: 'd4ecf781-3764-4063-a4e1-9c3e17cebfba' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.island.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'islandis' - - 'consultation-portal' - - 'search-indexer' - - 'skilavottord' - - 'services-documents' - - 'storybook' - - 'xroad-collector' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'user-notification' - - 'license-api' - - 'services-sessions' - - 'services-university-gateway' - - 'contentful-apps' - - 'contentful-entry-tagger' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/stjornbord' - - host: 'www.island.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'prod' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'prod-es-custom-packages' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/minarsidur' - - host: 'www.island.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_BASE_URL: 'https://island.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.island.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://island.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://island.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://island.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/stjornbord/bff' - - host: 'www.island.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.island.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.island.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/app/skilavottord/' - - host: 'www.island.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/app/skilavottord/api/graphql' - - host: 'www.island.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.island.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@midnight' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - TRACKING_DOMAIN: 'island.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/' - - host: 'www.island.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "xroad-collector": { + "serviceDef": { + "liveness": { + "path": "/", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "NODE_TLS_REJECT_UNAUTHORIZED": "0", + "ELASTIC_NODE": { + "dev": "https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com", + "staging": "https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com", + "prod": "https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com" + } + }, + "features": {}, + "name": "xroad-collector", + "grantNamespaces": [], + "grantNamespacesEnabled": false, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" + }, + "ingress": {}, + "namespace": "xroad-collector", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "memory": "256Mi", + "cpu": "200m" + }, + "requests": { + "memory": "128Mi", + "cpu": "100m" + } + }, + "xroadConfig": [ + { + "config": { + "env": { + "XROAD_BASE_PATH": { + "prod": "http://securityserver.island.is" + }, + "XROAD_BASE_PATH_WITH_ENV": { + "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "http://securityserver.island.is/r1/IS" + }, + "XROAD_TLS_BASE_PATH": { + "dev": "https://securityserver.dev01.devland.is", + "staging": "https://securityserver.staging01.devland.is", + "prod": "https://securityserver.island.is" + }, + "XROAD_TLS_BASE_PATH_WITH_ENV": { + "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", + "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "https://securityserver.island.is/r1/IS" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CLIENT_ID": { + "dev": "IS-DEV/GOV/10000/island-is-client", + "staging": "IS-TEST/GOV/5501692829/island-is-client", + "prod": "IS/GOV/5501692829/island-is-client" + } + } + } + } + ], + "files": [], + "volumes": [], + "image": "services-xroad-collector", + "accountName": "xroad-collector", + "cmds": "node", + "args": [ + "--no-experimental-fetch", + "main.js" + ], + "extraAttributes": { + "dev": { + "schedule": "0 2 * * *" + }, + "staging": { + "schedule": "0 2 * * *" + }, + "prod": { + "schedule": "0 2 * * *" + } + } + } + } +} \ No newline at end of file diff --git a/charts/services/xroad-collector/values.staging.yaml b/charts/services/xroad-collector/values.staging.yaml index 227a2b0fcc6d..de0ca24b8296 100644 --- a/charts/services/xroad-collector/values.staging.yaml +++ b/charts/services/xroad-collector/values.staging.yaml @@ -1,3238 +1,104 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -air-discount-scheme-api: - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.staging01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'cdn.contentful.com' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' -air-discount-scheme-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -air-discount-scheme-web: - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.staging01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.staging01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.staging01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 'island@island.is' - CONTENTFUL_HOST: 'cdn.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.staging01.devland.is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-staging-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: '' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 'sogur@island.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-TEST/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/api' - create: true - name: 'api' -application-system-api: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5608002820/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-TEST/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.staging01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.staging01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api' - create: true - name: 'application-system-api' -application-system-api-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' -application-system-form: - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_GRAPHQL_PATH: '' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -consultation-portal: - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.staging01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -download-service: - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.staging01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false -endorsement-system-api: - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-staging-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'staging' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -icelandic-names-registry-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -island-ui-storybook: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.staging01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false -license-api: - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -namespaces: - labels: {} - namespaces: - - 'application-system' - - 'service-portal' - - 'portals-admin' - - 'islandis' - - 'consultation-portal' - - 'skilavottord' - - 'search-indexer' - - 'services-documents' - - 'storybook' - - 'xroad-collector' - - 'download-service' - - 'icelandic-names-registry' - - 'endorsement-system' - - 'air-discount-scheme' - - 'regulations-admin' - - 'user-notification' - - 'license-api' - - 'services-sessions' - - 'services-university-gateway' -portals-admin: - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -regulations-admin-backend: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false -search-indexer-service: - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.staging01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'staging' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'staging-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/search-indexer' - create: true - name: 'search-indexer' -service-portal: - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -service-portal-api: - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_BASE_URL: 'https://beta.staging01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.staging01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/service-portal-api' - create: true - name: 'service-portal-api' -services-bff-portals-admin: - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.staging01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.staging01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.staging01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.staging01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.staging01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-bff' - create: true - name: 'services-bff' -services-documents: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.staging01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-cleanup: - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false -services-sessions-worker: - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/sessions-worker' - create: true - name: 'sessions-worker' -services-university-gateway: - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.staging01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway' - create: true - name: 'services-university-gateway' -services-university-gateway-worker: - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' -skilavottord-web: - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false -skilavottord-ws: - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false -user-notification: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification' - create: true - name: 'user-notification' -user-notification-cleanup-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@midnight' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' -user-notification-worker: - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-worker' - create: true - name: 'user-notification-worker' -web: - basicAuth: '/k8s/web/basic_auth' - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - TRACKING_DOMAIN: 'beta.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false -xroad-collector: - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/xroad-collector' - create: true - name: 'xroad-collector' +{ + "xroad-collector": { + "serviceDef": { + "liveness": { + "path": "/", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "readiness": { + "path": "/", + "timeoutSeconds": 3, + "initialDelaySeconds": 3 + }, + "env": { + "NODE_TLS_REJECT_UNAUTHORIZED": "0", + "ELASTIC_NODE": { + "dev": "https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com", + "staging": "https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com", + "prod": "https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com" + } + }, + "features": {}, + "name": "xroad-collector", + "grantNamespaces": [], + "grantNamespacesEnabled": false, + "secrets": { + "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" + }, + "ingress": {}, + "namespace": "xroad-collector", + "serviceAccountEnabled": true, + "securityContext": { + "privileged": false, + "allowPrivilegeEscalation": false + }, + "resources": { + "limits": { + "memory": "256Mi", + "cpu": "200m" + }, + "requests": { + "memory": "128Mi", + "cpu": "100m" + } + }, + "xroadConfig": [ + { + "config": { + "env": { + "XROAD_BASE_PATH": { + "prod": "http://securityserver.island.is" + }, + "XROAD_BASE_PATH_WITH_ENV": { + "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "http://securityserver.island.is/r1/IS" + }, + "XROAD_TLS_BASE_PATH": { + "dev": "https://securityserver.dev01.devland.is", + "staging": "https://securityserver.staging01.devland.is", + "prod": "https://securityserver.island.is" + }, + "XROAD_TLS_BASE_PATH_WITH_ENV": { + "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", + "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", + "prod": "https://securityserver.island.is/r1/IS" + } + } + } + }, + { + "config": { + "env": { + "XROAD_CLIENT_ID": { + "dev": "IS-DEV/GOV/10000/island-is-client", + "staging": "IS-TEST/GOV/5501692829/island-is-client", + "prod": "IS/GOV/5501692829/island-is-client" + } + } + } + } + ], + "files": [], + "volumes": [], + "image": "services-xroad-collector", + "accountName": "xroad-collector", + "cmds": "node", + "args": [ + "--no-experimental-fetch", + "main.js" + ], + "extraAttributes": { + "dev": { + "schedule": "0 2 * * *" + }, + "staging": { + "schedule": "0 2 * * *" + }, + "prod": { + "schedule": "0 2 * * *" + } + } + } + } +} \ No newline at end of file diff --git a/infra/src/cli/generate-chart-values.ts b/infra/src/cli/generate-chart-values.ts index 14909cf66007..db5732079373 100755 --- a/infra/src/cli/generate-chart-values.ts +++ b/infra/src/cli/generate-chart-values.ts @@ -30,15 +30,22 @@ import path from 'path' // Write individual service values files for (const service of services) { + const serviceName = service.name() const serviceDir = path.join( __dirname, '/../../../charts/services', - service.name(), + serviceName, ) mkdirSync(serviceDir, { recursive: true }) + + // Create service-specific values by isolating just that service's section + const serviceValues = { + [serviceName]: service, + } + writeFileSync( path.join(serviceDir, `values.${Envs[envName].type}.yaml`), - renderedValues, // For now, writing the same values - we can modify this later + JSON.stringify(serviceValues, null, 2), // or however you format your YAML { encoding: 'utf8' }, ) } From 8b013d6efadbe8c3e45ec79b99e16792624bc6dc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B3n=20Levy?= Date: Wed, 13 Nov 2024 00:15:46 +0000 Subject: [PATCH 22/50] fix: set service toplevel --- .../air-discount-scheme-api/values.dev.yaml | 173 +-- .../air-discount-scheme-api/values.prod.yaml | 170 +- .../values.staging.yaml | 173 +-- .../values.dev.yaml | 302 ++-- .../values.prod.yaml | 297 ++-- .../values.staging.yaml | 302 ++-- .../air-discount-scheme-web/values.dev.yaml | 184 +-- .../air-discount-scheme-web/values.prod.yaml | 180 +-- .../values.staging.yaml | 184 +-- charts/services/api/values.dev.yaml | 1370 ++++------------- charts/services/api/values.prod.yaml | 1370 ++++------------- charts/services/api/values.staging.yaml | 1367 ++++------------ .../values.dev.yaml | 305 ++-- .../values.prod.yaml | 305 ++-- .../values.staging.yaml | 305 ++-- .../application-system-api/values.dev.yaml | 1107 +++---------- .../application-system-api/values.prod.yaml | 1107 +++---------- .../values.staging.yaml | 1107 +++---------- .../application-system-form/values.dev.yaml | 164 +- .../application-system-form/values.prod.yaml | 167 +- .../values.staging.yaml | 164 +- .../services/auth-admin-web/values.dev.yaml | 179 +-- .../services/auth-admin-web/values.prod.yaml | 177 +-- .../auth-admin-web/values.staging.yaml | 179 +-- .../consultation-portal/values.dev.yaml | 170 +- .../consultation-portal/values.prod.yaml | 173 +-- .../consultation-portal/values.staging.yaml | 170 +- .../services/contentful-apps/values.dev.yaml | 126 +- .../services/contentful-apps/values.prod.yaml | 126 +- .../values.dev.yaml | 125 +- .../values.prod.yaml | 125 +- .../services/download-service/values.dev.yaml | 377 ++--- .../download-service/values.prod.yaml | 376 ++--- .../download-service/values.staging.yaml | 377 ++--- .../endorsement-system-api/values.dev.yaml | 300 ++-- .../endorsement-system-api/values.prod.yaml | 300 ++-- .../values.staging.yaml | 300 ++-- .../external-contracts-tests/values.dev.yaml | 158 +- .../github-actions-cache/values.dev.yaml | 154 +- .../values.dev.yaml | 177 +-- .../values.prod.yaml | 177 +-- .../values.staging.yaml | 177 +-- .../services/identity-server/values.dev.yaml | 326 ++-- .../services/identity-server/values.prod.yaml | 325 ++-- .../identity-server/values.staging.yaml | 326 ++-- .../island-ui-storybook/values.dev.yaml | 115 +- .../island-ui-storybook/values.prod.yaml | 115 +- .../island-ui-storybook/values.staging.yaml | 115 +- .../judicial-system-api/values.dev.yaml | 214 ++- .../judicial-system-api/values.prod.yaml | 214 ++- .../judicial-system-api/values.staging.yaml | 214 ++- .../judicial-system-backend/values.dev.yaml | 338 ++-- .../judicial-system-backend/values.prod.yaml | 338 ++-- .../values.staging.yaml | 338 ++-- .../values.dev.yaml | 145 +- .../values.prod.yaml | 145 +- .../values.staging.yaml | 145 +- .../values.dev.yaml | 122 +- .../values.prod.yaml | 122 +- .../values.staging.yaml | 122 +- .../judicial-system-robot-api/values.dev.yaml | 137 +- .../values.prod.yaml | 137 +- .../values.staging.yaml | 137 +- .../judicial-system-scheduler/values.dev.yaml | 141 +- .../values.prod.yaml | 141 +- .../values.staging.yaml | 141 +- .../judicial-system-web/values.dev.yaml | 141 +- .../judicial-system-web/values.prod.yaml | 141 +- .../judicial-system-web/values.staging.yaml | 141 +- .../judicial-system-xrd-api/values.dev.yaml | 138 +- .../judicial-system-xrd-api/values.prod.yaml | 138 +- .../values.staging.yaml | 138 +- charts/services/license-api/values.dev.yaml | 292 ++-- charts/services/license-api/values.prod.yaml | 292 ++-- .../services/license-api/values.staging.yaml | 292 ++-- charts/services/portals-admin/values.dev.yaml | 162 +- .../services/portals-admin/values.prod.yaml | 165 +- .../portals-admin/values.staging.yaml | 162 +- .../regulations-admin-backend/values.dev.yaml | 242 ++- .../values.prod.yaml | 242 ++- .../values.staging.yaml | 242 ++- .../search-indexer-service/values.dev.yaml | 338 ++-- .../search-indexer-service/values.prod.yaml | 337 ++-- .../values.staging.yaml | 338 ++-- .../service-portal-api/values.dev.yaml | 323 ++-- .../service-portal-api/values.prod.yaml | 323 ++-- .../service-portal-api/values.staging.yaml | 323 ++-- .../services/service-portal/values.dev.yaml | 173 +-- .../services/service-portal/values.prod.yaml | 176 +-- .../service-portal/values.staging.yaml | 173 +-- .../services-auth-admin-api/values.dev.yaml | 279 ++-- .../services-auth-admin-api/values.prod.yaml | 279 ++-- .../values.staging.yaml | 279 ++-- .../values.dev.yaml | 265 ++-- .../values.prod.yaml | 265 ++-- .../values.staging.yaml | 265 ++-- .../values.dev.yaml | 138 +- .../values.prod.yaml | 138 +- .../values.staging.yaml | 138 +- .../services-auth-ids-api/values.dev.yaml | 372 ++--- .../services-auth-ids-api/values.prod.yaml | 372 ++--- .../services-auth-ids-api/values.staging.yaml | 372 ++--- .../values.dev.yaml | 136 +- .../values.prod.yaml | 136 +- .../values.staging.yaml | 136 +- .../values.dev.yaml | 250 ++- .../values.prod.yaml | 250 ++- .../values.staging.yaml | 250 ++- .../services-auth-public-api/values.dev.yaml | 307 ++-- .../services-auth-public-api/values.prod.yaml | 307 ++-- .../values.staging.yaml | 307 ++-- .../values.dev.yaml | 217 +-- .../values.prod.yaml | 219 ++- .../values.staging.yaml | 217 +-- .../services-documents/values.dev.yaml | 158 +- .../services-documents/values.prod.yaml | 158 +- .../services-documents/values.staging.yaml | 158 +- .../services-sessions-cleanup/values.dev.yaml | 132 +- .../values.prod.yaml | 132 +- .../values.staging.yaml | 132 +- .../services-sessions-worker/values.dev.yaml | 188 +-- .../services-sessions-worker/values.prod.yaml | 188 +-- .../values.staging.yaml | 188 +-- .../services-sessions/values.dev.yaml | 151 +- .../services-sessions/values.prod.yaml | 151 +- .../services-sessions/values.staging.yaml | 151 +- .../values.dev.yaml | 275 ++-- .../values.prod.yaml | 275 ++-- .../values.staging.yaml | 275 ++-- .../values.dev.yaml | 353 ++--- .../values.prod.yaml | 353 ++--- .../values.staging.yaml | 353 ++--- .../services/skilavottord-web/values.dev.yaml | 158 +- .../skilavottord-web/values.prod.yaml | 161 +- .../skilavottord-web/values.staging.yaml | 158 +- .../services/skilavottord-ws/values.dev.yaml | 202 ++- .../services/skilavottord-ws/values.prod.yaml | 205 ++- .../skilavottord-ws/values.staging.yaml | 202 ++- charts/services/unicorn-app/values.dev.yaml | 126 +- .../values.dev.yaml | 181 +-- .../values.prod.yaml | 181 +-- .../values.staging.yaml | 181 +-- .../user-notification-worker/values.dev.yaml | 312 ++-- .../user-notification-worker/values.prod.yaml | 312 ++-- .../values.staging.yaml | 312 ++-- .../user-notification/values.dev.yaml | 295 ++-- .../user-notification/values.prod.yaml | 295 ++-- .../user-notification/values.staging.yaml | 295 ++-- charts/services/web/values.dev.yaml | 189 +-- charts/services/web/values.prod.yaml | 192 +-- charts/services/web/values.staging.yaml | 190 +-- .../services/xroad-collector/values.dev.yaml | 172 +-- .../services/xroad-collector/values.prod.yaml | 172 +-- .../xroad-collector/values.staging.yaml | 172 +-- infra/src/cli/generate-chart-values.ts | 27 +- 155 files changed, 14602 insertions(+), 25024 deletions(-) diff --git a/charts/services/air-discount-scheme-api/values.dev.yaml b/charts/services/air-discount-scheme-api/values.dev.yaml index d0f068167a44..4b9456c5ce68 100644 --- a/charts/services/air-discount-scheme-api/values.dev.yaml +++ b/charts/services/air-discount-scheme-api/values.dev.yaml @@ -1,95 +1,78 @@ -{ - "air-discount-scheme-api": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "AUTH_AUDIENCE": { - "staging": "loftbru.staging01.devland.is", - "prod": "loftbru.island.is" - }, - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - }, - "ELASTIC_NODE": { - "dev": "https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com", - "staging": "https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com", - "prod": "https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com" - }, - "CONTENTFUL_HOST": { - "dev": "preview.contentful.com", - "staging": "cdn.contentful.com", - "prod": "cdn.contentful.com" - } - }, - "features": {}, - "name": "air-discount-scheme-api", - "grantNamespaces": [], - "grantNamespacesEnabled": false, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "AUTH_JWT_SECRET": "/k8s/air-discount-scheme/api/AUTH_JWT_SECRET", - "CONTENTFUL_ACCESS_TOKEN": "/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN", - "DEVELOPERS": "/k8s/air-discount-scheme/api/DEVELOPERS", - "ADMINS": "/k8s/air-discount-scheme/api/ADMINS" - }, - "ingress": { - "primary": { - "host": { - "dev": [ - "loftbru", - "loftbru-cf" - ], - "staging": [ - "loftbru", - "loftbru-cf" - ], - "prod": [ - "loftbru" - ] - }, - "paths": [ - "/api/graphql" - ], - "public": true - } - }, - "namespace": "air-discount-scheme", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "400m", - "memory": "512Mi" - }, - "requests": { - "cpu": "50m", - "memory": "256Mi" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "accountName": "air-discount-scheme-api", - "replicaCount": { - "min": 2, - "max": 10, - "default": 2, - "scalingMagicNumber": 20 - } - } - } -} \ No newline at end of file +service: + name: air-discount-scheme-api + enabled: true + env: + AUTH_AUDIENCE: loftbru.dev01.devland.is + BACKEND_URL: http://web-air-discount-scheme-backend + CONTENTFUL_HOST: preview.contentful.com + ELASTIC_NODE: https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com + IDENTITY_SERVER_ISSUER_URL: https://identity-server.dev01.devland.is + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init + SERVERSIDE_FEATURES_ON: "" + grantNamespaces: + - nginx-ingress-external + - islandis + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-external-alb + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: loftbru.dev01.devland.is + paths: + - /api/graphql + - host: loftbru-cf.dev01.devland.is + paths: + - /api/graphql + namespace: air-discount-scheme + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: 400m + memory: 512Mi + requests: + cpu: 50m + memory: 256Mi + secrets: + ADMINS: /k8s/air-discount-scheme/api/ADMINS + AUTH_JWT_SECRET: /k8s/air-discount-scheme/api/AUTH_JWT_SECRET + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + CONTENTFUL_ACCESS_TOKEN: /k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN + DEVELOPERS: /k8s/air-discount-scheme/api/DEVELOPERS + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::013313053092:role/air-discount-scheme-api + create: true + name: air-discount-scheme-api diff --git a/charts/services/air-discount-scheme-api/values.prod.yaml b/charts/services/air-discount-scheme-api/values.prod.yaml index d0f068167a44..2cef53ce7762 100644 --- a/charts/services/air-discount-scheme-api/values.prod.yaml +++ b/charts/services/air-discount-scheme-api/values.prod.yaml @@ -1,95 +1,75 @@ -{ - "air-discount-scheme-api": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "AUTH_AUDIENCE": { - "staging": "loftbru.staging01.devland.is", - "prod": "loftbru.island.is" - }, - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - }, - "ELASTIC_NODE": { - "dev": "https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com", - "staging": "https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com", - "prod": "https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com" - }, - "CONTENTFUL_HOST": { - "dev": "preview.contentful.com", - "staging": "cdn.contentful.com", - "prod": "cdn.contentful.com" - } - }, - "features": {}, - "name": "air-discount-scheme-api", - "grantNamespaces": [], - "grantNamespacesEnabled": false, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "AUTH_JWT_SECRET": "/k8s/air-discount-scheme/api/AUTH_JWT_SECRET", - "CONTENTFUL_ACCESS_TOKEN": "/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN", - "DEVELOPERS": "/k8s/air-discount-scheme/api/DEVELOPERS", - "ADMINS": "/k8s/air-discount-scheme/api/ADMINS" - }, - "ingress": { - "primary": { - "host": { - "dev": [ - "loftbru", - "loftbru-cf" - ], - "staging": [ - "loftbru", - "loftbru-cf" - ], - "prod": [ - "loftbru" - ] - }, - "paths": [ - "/api/graphql" - ], - "public": true - } - }, - "namespace": "air-discount-scheme", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "400m", - "memory": "512Mi" - }, - "requests": { - "cpu": "50m", - "memory": "256Mi" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "accountName": "air-discount-scheme-api", - "replicaCount": { - "min": 2, - "max": 10, - "default": 2, - "scalingMagicNumber": 20 - } - } - } -} \ No newline at end of file +service: + name: air-discount-scheme-api + enabled: true + env: + AUTH_AUDIENCE: loftbru.island.is + BACKEND_URL: http://web-air-discount-scheme-backend + CONTENTFUL_HOST: cdn.contentful.com + ELASTIC_NODE: https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com + IDENTITY_SERVER_ISSUER_URL: https://innskra.island.is + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init + SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + grantNamespaces: + - nginx-ingress-external + - islandis + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-external-alb + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: loftbru.island.is + paths: + - /api/graphql + namespace: air-discount-scheme + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: 400m + memory: 512Mi + requests: + cpu: 50m + memory: 256Mi + secrets: + ADMINS: /k8s/air-discount-scheme/api/ADMINS + AUTH_JWT_SECRET: /k8s/air-discount-scheme/api/AUTH_JWT_SECRET + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + CONTENTFUL_ACCESS_TOKEN: /k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN + DEVELOPERS: /k8s/air-discount-scheme/api/DEVELOPERS + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::251502586493:role/air-discount-scheme-api + create: true + name: air-discount-scheme-api diff --git a/charts/services/air-discount-scheme-api/values.staging.yaml b/charts/services/air-discount-scheme-api/values.staging.yaml index d0f068167a44..bcb2920f540b 100644 --- a/charts/services/air-discount-scheme-api/values.staging.yaml +++ b/charts/services/air-discount-scheme-api/values.staging.yaml @@ -1,95 +1,78 @@ -{ - "air-discount-scheme-api": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "AUTH_AUDIENCE": { - "staging": "loftbru.staging01.devland.is", - "prod": "loftbru.island.is" - }, - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - }, - "ELASTIC_NODE": { - "dev": "https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com", - "staging": "https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com", - "prod": "https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com" - }, - "CONTENTFUL_HOST": { - "dev": "preview.contentful.com", - "staging": "cdn.contentful.com", - "prod": "cdn.contentful.com" - } - }, - "features": {}, - "name": "air-discount-scheme-api", - "grantNamespaces": [], - "grantNamespacesEnabled": false, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "AUTH_JWT_SECRET": "/k8s/air-discount-scheme/api/AUTH_JWT_SECRET", - "CONTENTFUL_ACCESS_TOKEN": "/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN", - "DEVELOPERS": "/k8s/air-discount-scheme/api/DEVELOPERS", - "ADMINS": "/k8s/air-discount-scheme/api/ADMINS" - }, - "ingress": { - "primary": { - "host": { - "dev": [ - "loftbru", - "loftbru-cf" - ], - "staging": [ - "loftbru", - "loftbru-cf" - ], - "prod": [ - "loftbru" - ] - }, - "paths": [ - "/api/graphql" - ], - "public": true - } - }, - "namespace": "air-discount-scheme", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "400m", - "memory": "512Mi" - }, - "requests": { - "cpu": "50m", - "memory": "256Mi" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "accountName": "air-discount-scheme-api", - "replicaCount": { - "min": 2, - "max": 10, - "default": 2, - "scalingMagicNumber": 20 - } - } - } -} \ No newline at end of file +service: + name: air-discount-scheme-api + enabled: true + env: + AUTH_AUDIENCE: loftbru.staging01.devland.is + BACKEND_URL: http://web-air-discount-scheme-backend + CONTENTFUL_HOST: cdn.contentful.com + ELASTIC_NODE: https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com + IDENTITY_SERVER_ISSUER_URL: https://identity-server.staging01.devland.is + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init + SERVERSIDE_FEATURES_ON: "" + grantNamespaces: + - nginx-ingress-external + - islandis + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-external-alb + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: loftbru.staging01.devland.is + paths: + - /api/graphql + - host: loftbru-cf.staging01.devland.is + paths: + - /api/graphql + namespace: air-discount-scheme + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: 400m + memory: 512Mi + requests: + cpu: 50m + memory: 256Mi + secrets: + ADMINS: /k8s/air-discount-scheme/api/ADMINS + AUTH_JWT_SECRET: /k8s/air-discount-scheme/api/AUTH_JWT_SECRET + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + CONTENTFUL_ACCESS_TOKEN: /k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN + DEVELOPERS: /k8s/air-discount-scheme/api/DEVELOPERS + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::261174024191:role/air-discount-scheme-api + create: true + name: air-discount-scheme-api diff --git a/charts/services/air-discount-scheme-backend/values.dev.yaml b/charts/services/air-discount-scheme-backend/values.dev.yaml index ad02ac00c1b3..f1da1b5be5b6 100644 --- a/charts/services/air-discount-scheme-backend/values.dev.yaml +++ b/charts/services/air-discount-scheme-backend/values.dev.yaml @@ -1,189 +1,113 @@ -{ - "air-discount-scheme-backend": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "ENVIRONMENT": { - "dev": "dev", - "staging": "staging", - "prod": "prod" - }, - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - }, - "IDENTITY_SERVER_CLIENT_ID": "@vegagerdin.is/clients/air-discount-scheme" - }, - "features": {}, - "name": "air-discount-scheme-backend", - "grantNamespaces": [ - "islandis" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "ICELANDAIR_API_KEY": "/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY", - "MYFLUG_API_KEY": "/k8s/air-discount-scheme/backend/MYFLUG_API_KEY", - "ERNIR_API_KEY": "/k8s/air-discount-scheme/backend/ERNIR_API_KEY", - "NORLANDAIR_API_KEY": "/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY", - "NATIONAL_REGISTRY_PASSWORD": "/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD", - "NATIONAL_REGISTRY_USERNAME": "/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME", - "NATIONAL_REGISTRY_URL": "/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL", - "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET" - }, - "ingress": { - "primary": { - "host": { - "dev": [ - "loftbru", - "loftbru-cf" - ], - "staging": [ - "loftbru", - "loftbru-cf" - ], - "prod": "loftbru" - }, - "extraAnnotations": { - "dev": { - "nginx.ingress.kubernetes.io/enable-global-auth": "false" - }, - "staging": { - "nginx.ingress.kubernetes.io/enable-global-auth": "false" - }, - "prod": {} - }, - "paths": [ - "/api/swagger", - "/api/public" - ] - } - }, - "namespace": "air-discount-scheme", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "400m", - "memory": "512Mi" - }, - "requests": { - "cpu": "50m", - "memory": "256Mi" - } - }, - "xroadConfig": [ - { - "config": { - "env": { - "XROAD_BASE_PATH": { - "prod": "http://securityserver.island.is" - }, - "XROAD_BASE_PATH_WITH_ENV": { - "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "http://securityserver.island.is/r1/IS" - }, - "XROAD_TLS_BASE_PATH": { - "dev": "https://securityserver.dev01.devland.is", - "staging": "https://securityserver.staging01.devland.is", - "prod": "https://securityserver.island.is" - }, - "XROAD_TLS_BASE_PATH_WITH_ENV": { - "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", - "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "https://securityserver.island.is/r1/IS" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CLIENT_ID": { - "dev": "IS-DEV/GOV/10000/island-is-client", - "staging": "IS-TEST/GOV/5501692829/island-is-client", - "prod": "IS/GOV/5501692829/island-is-client" - } - } - } - }, - { - "config": { - "env": { - "XROAD_NATIONAL_REGISTRY_SERVICE_PATH": { - "dev": "IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1", - "staging": "IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1", - "prod": "IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1" - }, - "XROAD_NATIONAL_REGISTRY_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" - }, - "XROAD_TJODSKRA_API_PATH": "/SKRA-Protected/Einstaklingar-v1", - "XROAD_TJODSKRA_MEMBER_CODE": { - "prod": "6503760649", - "dev": "10001", - "staging": "6503760649" - } - } - } - } - ], - "files": [], - "volumes": [], - "image": "air-discount-scheme-backend", - "postgres": { - "username": "air_discount_scheme_backend", - "passwordSecret": "/k8s/air-discount-scheme-backend/DB_PASSWORD", - "name": "air_discount_scheme_backend" - }, - "initContainers": { - "envs": {}, - "secrets": {}, - "features": {}, - "containers": [ - { - "name": "migrations", - "command": "npx", - "args": [ - "sequelize-cli", - "db:migrate" - ] - } - ], - "postgres": { - "username": "air_discount_scheme_backend", - "passwordSecret": "/k8s/air-discount-scheme-backend/DB_PASSWORD", - "name": "air_discount_scheme_backend" - } - }, - "redis": { - "host": { - "dev": "clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379", - "staging": "clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379", - "prod": "clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379" - } - }, - "replicaCount": { - "min": 2, - "max": 10, - "default": 2, - "scalingMagicNumber": 20 - } - } - } -} \ No newline at end of file +service: + name: air-discount-scheme-backend + enabled: true + env: + DB_HOST: postgres-applications.internal + DB_NAME: air_discount_scheme_backend + DB_REPLICAS_HOST: postgres-applications-reader.internal + DB_USER: air_discount_scheme_backend + ENVIRONMENT: dev + IDENTITY_SERVER_CLIENT_ID: "@vegagerdin.is/clients/air-discount-scheme" + IDENTITY_SERVER_ISSUER_URL: https://identity-server.dev01.devland.is + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init + REDIS_URL_NODE_01: clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379 + SERVERSIDE_FEATURES_ON: "" + XROAD_BASE_PATH: http://securityserver.dev01.devland.is + XROAD_BASE_PATH_WITH_ENV: http://securityserver.dev01.devland.is/r1/IS-DEV + XROAD_CLIENT_ID: IS-DEV/GOV/10000/island-is-client + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1 + XROAD_TJODSKRA_API_PATH: /SKRA-Protected/Einstaklingar-v1 + XROAD_TJODSKRA_MEMBER_CODE: "10001" + XROAD_TLS_BASE_PATH: https://securityserver.dev01.devland.is + XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.dev01.devland.is/r1/IS-DEV + grantNamespaces: + - islandis + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-external-alb + nginx.ingress.kubernetes.io/enable-global-auth: "false" + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: loftbru.dev01.devland.is + paths: + - /api/swagger + - /api/public + - host: loftbru-cf.dev01.devland.is + paths: + - /api/swagger + - /api/public + initContainer: + containers: + - args: + - sequelize-cli + - db:migrate + command: + - npx + name: migrations + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 50m + memory: 128Mi + env: + DB_HOST: postgres-applications.internal + DB_NAME: air_discount_scheme_backend + DB_REPLICAS_HOST: postgres-applications-reader.internal + DB_USER: air_discount_scheme_backend + SERVERSIDE_FEATURES_ON: "" + secrets: + DB_PASS: /k8s/air-discount-scheme-backend/DB_PASSWORD + namespace: air-discount-scheme + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: 400m + memory: 512Mi + requests: + cpu: 50m + memory: 256Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DB_PASS: /k8s/air-discount-scheme-backend/DB_PASSWORD + ERNIR_API_KEY: /k8s/air-discount-scheme/backend/ERNIR_API_KEY + ICELANDAIR_API_KEY: /k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY + IDENTITY_SERVER_CLIENT_SECRET: /k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET + MYFLUG_API_KEY: /k8s/air-discount-scheme/backend/MYFLUG_API_KEY + NATIONAL_REGISTRY_PASSWORD: /k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD + NATIONAL_REGISTRY_URL: /k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL + NATIONAL_REGISTRY_USERNAME: /k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME + NORLANDAIR_API_KEY: /k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/air-discount-scheme-backend/values.prod.yaml b/charts/services/air-discount-scheme-backend/values.prod.yaml index ad02ac00c1b3..df0023758108 100644 --- a/charts/services/air-discount-scheme-backend/values.prod.yaml +++ b/charts/services/air-discount-scheme-backend/values.prod.yaml @@ -1,189 +1,108 @@ -{ - "air-discount-scheme-backend": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "ENVIRONMENT": { - "dev": "dev", - "staging": "staging", - "prod": "prod" - }, - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - }, - "IDENTITY_SERVER_CLIENT_ID": "@vegagerdin.is/clients/air-discount-scheme" - }, - "features": {}, - "name": "air-discount-scheme-backend", - "grantNamespaces": [ - "islandis" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "ICELANDAIR_API_KEY": "/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY", - "MYFLUG_API_KEY": "/k8s/air-discount-scheme/backend/MYFLUG_API_KEY", - "ERNIR_API_KEY": "/k8s/air-discount-scheme/backend/ERNIR_API_KEY", - "NORLANDAIR_API_KEY": "/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY", - "NATIONAL_REGISTRY_PASSWORD": "/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD", - "NATIONAL_REGISTRY_USERNAME": "/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME", - "NATIONAL_REGISTRY_URL": "/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL", - "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET" - }, - "ingress": { - "primary": { - "host": { - "dev": [ - "loftbru", - "loftbru-cf" - ], - "staging": [ - "loftbru", - "loftbru-cf" - ], - "prod": "loftbru" - }, - "extraAnnotations": { - "dev": { - "nginx.ingress.kubernetes.io/enable-global-auth": "false" - }, - "staging": { - "nginx.ingress.kubernetes.io/enable-global-auth": "false" - }, - "prod": {} - }, - "paths": [ - "/api/swagger", - "/api/public" - ] - } - }, - "namespace": "air-discount-scheme", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "400m", - "memory": "512Mi" - }, - "requests": { - "cpu": "50m", - "memory": "256Mi" - } - }, - "xroadConfig": [ - { - "config": { - "env": { - "XROAD_BASE_PATH": { - "prod": "http://securityserver.island.is" - }, - "XROAD_BASE_PATH_WITH_ENV": { - "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "http://securityserver.island.is/r1/IS" - }, - "XROAD_TLS_BASE_PATH": { - "dev": "https://securityserver.dev01.devland.is", - "staging": "https://securityserver.staging01.devland.is", - "prod": "https://securityserver.island.is" - }, - "XROAD_TLS_BASE_PATH_WITH_ENV": { - "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", - "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "https://securityserver.island.is/r1/IS" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CLIENT_ID": { - "dev": "IS-DEV/GOV/10000/island-is-client", - "staging": "IS-TEST/GOV/5501692829/island-is-client", - "prod": "IS/GOV/5501692829/island-is-client" - } - } - } - }, - { - "config": { - "env": { - "XROAD_NATIONAL_REGISTRY_SERVICE_PATH": { - "dev": "IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1", - "staging": "IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1", - "prod": "IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1" - }, - "XROAD_NATIONAL_REGISTRY_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" - }, - "XROAD_TJODSKRA_API_PATH": "/SKRA-Protected/Einstaklingar-v1", - "XROAD_TJODSKRA_MEMBER_CODE": { - "prod": "6503760649", - "dev": "10001", - "staging": "6503760649" - } - } - } - } - ], - "files": [], - "volumes": [], - "image": "air-discount-scheme-backend", - "postgres": { - "username": "air_discount_scheme_backend", - "passwordSecret": "/k8s/air-discount-scheme-backend/DB_PASSWORD", - "name": "air_discount_scheme_backend" - }, - "initContainers": { - "envs": {}, - "secrets": {}, - "features": {}, - "containers": [ - { - "name": "migrations", - "command": "npx", - "args": [ - "sequelize-cli", - "db:migrate" - ] - } - ], - "postgres": { - "username": "air_discount_scheme_backend", - "passwordSecret": "/k8s/air-discount-scheme-backend/DB_PASSWORD", - "name": "air_discount_scheme_backend" - } - }, - "redis": { - "host": { - "dev": "clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379", - "staging": "clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379", - "prod": "clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379" - } - }, - "replicaCount": { - "min": 2, - "max": 10, - "default": 2, - "scalingMagicNumber": 20 - } - } - } -} \ No newline at end of file +service: + name: air-discount-scheme-backend + enabled: true + env: + DB_HOST: postgres-applications.internal + DB_NAME: air_discount_scheme_backend + DB_REPLICAS_HOST: postgres-applications.internal + DB_USER: air_discount_scheme_backend + ENVIRONMENT: prod + IDENTITY_SERVER_CLIENT_ID: "@vegagerdin.is/clients/air-discount-scheme" + IDENTITY_SERVER_ISSUER_URL: https://innskra.island.is + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init + REDIS_URL_NODE_01: clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379 + SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + XROAD_BASE_PATH: http://securityserver.island.is + XROAD_BASE_PATH_WITH_ENV: http://securityserver.island.is/r1/IS + XROAD_CLIENT_ID: IS/GOV/5501692829/island-is-client + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1 + XROAD_TJODSKRA_API_PATH: /SKRA-Protected/Einstaklingar-v1 + XROAD_TJODSKRA_MEMBER_CODE: "6503760649" + XROAD_TLS_BASE_PATH: https://securityserver.island.is + XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.island.is/r1/IS + grantNamespaces: + - islandis + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-external-alb + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: loftbru.island.is + paths: + - /api/swagger + - /api/public + initContainer: + containers: + - args: + - sequelize-cli + - db:migrate + command: + - npx + name: migrations + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 50m + memory: 128Mi + env: + DB_HOST: postgres-applications.internal + DB_NAME: air_discount_scheme_backend + DB_REPLICAS_HOST: postgres-applications.internal + DB_USER: air_discount_scheme_backend + SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + secrets: + DB_PASS: /k8s/air-discount-scheme-backend/DB_PASSWORD + namespace: air-discount-scheme + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: 400m + memory: 512Mi + requests: + cpu: 50m + memory: 256Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DB_PASS: /k8s/air-discount-scheme-backend/DB_PASSWORD + ERNIR_API_KEY: /k8s/air-discount-scheme/backend/ERNIR_API_KEY + ICELANDAIR_API_KEY: /k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY + IDENTITY_SERVER_CLIENT_SECRET: /k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET + MYFLUG_API_KEY: /k8s/air-discount-scheme/backend/MYFLUG_API_KEY + NATIONAL_REGISTRY_PASSWORD: /k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD + NATIONAL_REGISTRY_URL: /k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL + NATIONAL_REGISTRY_USERNAME: /k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME + NORLANDAIR_API_KEY: /k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/air-discount-scheme-backend/values.staging.yaml b/charts/services/air-discount-scheme-backend/values.staging.yaml index ad02ac00c1b3..3dd0765ca405 100644 --- a/charts/services/air-discount-scheme-backend/values.staging.yaml +++ b/charts/services/air-discount-scheme-backend/values.staging.yaml @@ -1,189 +1,113 @@ -{ - "air-discount-scheme-backend": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "ENVIRONMENT": { - "dev": "dev", - "staging": "staging", - "prod": "prod" - }, - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - }, - "IDENTITY_SERVER_CLIENT_ID": "@vegagerdin.is/clients/air-discount-scheme" - }, - "features": {}, - "name": "air-discount-scheme-backend", - "grantNamespaces": [ - "islandis" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "ICELANDAIR_API_KEY": "/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY", - "MYFLUG_API_KEY": "/k8s/air-discount-scheme/backend/MYFLUG_API_KEY", - "ERNIR_API_KEY": "/k8s/air-discount-scheme/backend/ERNIR_API_KEY", - "NORLANDAIR_API_KEY": "/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY", - "NATIONAL_REGISTRY_PASSWORD": "/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD", - "NATIONAL_REGISTRY_USERNAME": "/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME", - "NATIONAL_REGISTRY_URL": "/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL", - "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET" - }, - "ingress": { - "primary": { - "host": { - "dev": [ - "loftbru", - "loftbru-cf" - ], - "staging": [ - "loftbru", - "loftbru-cf" - ], - "prod": "loftbru" - }, - "extraAnnotations": { - "dev": { - "nginx.ingress.kubernetes.io/enable-global-auth": "false" - }, - "staging": { - "nginx.ingress.kubernetes.io/enable-global-auth": "false" - }, - "prod": {} - }, - "paths": [ - "/api/swagger", - "/api/public" - ] - } - }, - "namespace": "air-discount-scheme", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "400m", - "memory": "512Mi" - }, - "requests": { - "cpu": "50m", - "memory": "256Mi" - } - }, - "xroadConfig": [ - { - "config": { - "env": { - "XROAD_BASE_PATH": { - "prod": "http://securityserver.island.is" - }, - "XROAD_BASE_PATH_WITH_ENV": { - "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "http://securityserver.island.is/r1/IS" - }, - "XROAD_TLS_BASE_PATH": { - "dev": "https://securityserver.dev01.devland.is", - "staging": "https://securityserver.staging01.devland.is", - "prod": "https://securityserver.island.is" - }, - "XROAD_TLS_BASE_PATH_WITH_ENV": { - "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", - "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "https://securityserver.island.is/r1/IS" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CLIENT_ID": { - "dev": "IS-DEV/GOV/10000/island-is-client", - "staging": "IS-TEST/GOV/5501692829/island-is-client", - "prod": "IS/GOV/5501692829/island-is-client" - } - } - } - }, - { - "config": { - "env": { - "XROAD_NATIONAL_REGISTRY_SERVICE_PATH": { - "dev": "IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1", - "staging": "IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1", - "prod": "IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1" - }, - "XROAD_NATIONAL_REGISTRY_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" - }, - "XROAD_TJODSKRA_API_PATH": "/SKRA-Protected/Einstaklingar-v1", - "XROAD_TJODSKRA_MEMBER_CODE": { - "prod": "6503760649", - "dev": "10001", - "staging": "6503760649" - } - } - } - } - ], - "files": [], - "volumes": [], - "image": "air-discount-scheme-backend", - "postgres": { - "username": "air_discount_scheme_backend", - "passwordSecret": "/k8s/air-discount-scheme-backend/DB_PASSWORD", - "name": "air_discount_scheme_backend" - }, - "initContainers": { - "envs": {}, - "secrets": {}, - "features": {}, - "containers": [ - { - "name": "migrations", - "command": "npx", - "args": [ - "sequelize-cli", - "db:migrate" - ] - } - ], - "postgres": { - "username": "air_discount_scheme_backend", - "passwordSecret": "/k8s/air-discount-scheme-backend/DB_PASSWORD", - "name": "air_discount_scheme_backend" - } - }, - "redis": { - "host": { - "dev": "clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379", - "staging": "clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379", - "prod": "clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379" - } - }, - "replicaCount": { - "min": 2, - "max": 10, - "default": 2, - "scalingMagicNumber": 20 - } - } - } -} \ No newline at end of file +service: + name: air-discount-scheme-backend + enabled: true + env: + DB_HOST: postgres-applications.internal + DB_NAME: air_discount_scheme_backend + DB_REPLICAS_HOST: postgres-applications.internal + DB_USER: air_discount_scheme_backend + ENVIRONMENT: staging + IDENTITY_SERVER_CLIENT_ID: "@vegagerdin.is/clients/air-discount-scheme" + IDENTITY_SERVER_ISSUER_URL: https://identity-server.staging01.devland.is + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init + REDIS_URL_NODE_01: clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379 + SERVERSIDE_FEATURES_ON: "" + XROAD_BASE_PATH: http://securityserver.staging01.devland.is + XROAD_BASE_PATH_WITH_ENV: http://securityserver.staging01.devland.is/r1/IS-TEST + XROAD_CLIENT_ID: IS-TEST/GOV/5501692829/island-is-client + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1 + XROAD_TJODSKRA_API_PATH: /SKRA-Protected/Einstaklingar-v1 + XROAD_TJODSKRA_MEMBER_CODE: "6503760649" + XROAD_TLS_BASE_PATH: https://securityserver.staging01.devland.is + XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.staging01.devland.is/r1/IS-TEST + grantNamespaces: + - islandis + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-external-alb + nginx.ingress.kubernetes.io/enable-global-auth: "false" + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: loftbru.staging01.devland.is + paths: + - /api/swagger + - /api/public + - host: loftbru-cf.staging01.devland.is + paths: + - /api/swagger + - /api/public + initContainer: + containers: + - args: + - sequelize-cli + - db:migrate + command: + - npx + name: migrations + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 50m + memory: 128Mi + env: + DB_HOST: postgres-applications.internal + DB_NAME: air_discount_scheme_backend + DB_REPLICAS_HOST: postgres-applications.internal + DB_USER: air_discount_scheme_backend + SERVERSIDE_FEATURES_ON: "" + secrets: + DB_PASS: /k8s/air-discount-scheme-backend/DB_PASSWORD + namespace: air-discount-scheme + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: 400m + memory: 512Mi + requests: + cpu: 50m + memory: 256Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DB_PASS: /k8s/air-discount-scheme-backend/DB_PASSWORD + ERNIR_API_KEY: /k8s/air-discount-scheme/backend/ERNIR_API_KEY + ICELANDAIR_API_KEY: /k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY + IDENTITY_SERVER_CLIENT_SECRET: /k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET + MYFLUG_API_KEY: /k8s/air-discount-scheme/backend/MYFLUG_API_KEY + NATIONAL_REGISTRY_PASSWORD: /k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD + NATIONAL_REGISTRY_URL: /k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL + NATIONAL_REGISTRY_USERNAME: /k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME + NORLANDAIR_API_KEY: /k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/air-discount-scheme-web/values.dev.yaml b/charts/services/air-discount-scheme-web/values.dev.yaml index 7578d054e120..4b760c93dd6c 100644 --- a/charts/services/air-discount-scheme-web/values.dev.yaml +++ b/charts/services/air-discount-scheme-web/values.dev.yaml @@ -1,108 +1,76 @@ -{ - "air-discount-scheme-web": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/readiness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "IDENTITY_SERVER_ISSUER_DOMAIN": { - "dev": "identity-server.dev01.devland.is", - "staging": "identity-server.staging01.devland.is", - "prod": "innskra.island.is" - }, - "NEXTAUTH_URL": { - "staging": "https://loftbru.staging01.devland.is", - "prod": "https://loftbru.island.is" - } - }, - "features": {}, - "name": "air-discount-scheme-web", - "grantNamespaces": [ - "nginx-ingress-external", - "islandis" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "DD_RUM_APPLICATION_ID": "/k8s/DD_RUM_APPLICATION_ID", - "DD_RUM_CLIENT_TOKEN": "/k8s/DD_RUM_CLIENT_TOKEN", - "IDENTITY_SERVER_SECRET": "/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET" - }, - "ingress": { - "primary": { - "host": { - "dev": [ - "loftbru", - "loftbru-cf" - ], - "staging": [ - "loftbru", - "loftbru-cf" - ], - "prod": [ - "loftbru" - ] - }, - "extraAnnotations": { - "dev": { - "nginx.ingress.kubernetes.io/proxy-buffer-size": "16k", - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffers-number": "4", - "nginx.ingress.kubernetes.io/server-snippet": "client_header_buffer_size 16k; large_client_header_buffers 4 16k;", - "nginx.ingress.kubernetes.io/configuration-snippet": "rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;" - }, - "staging": { - "nginx.ingress.kubernetes.io/proxy-buffer-size": "16k", - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffers-number": "4", - "nginx.ingress.kubernetes.io/server-snippet": "client_header_buffer_size 16k; large_client_header_buffers 4 16k;", - "nginx.ingress.kubernetes.io/configuration-snippet": "rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;" - }, - "prod": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k", - "nginx.ingress.kubernetes.io/enable-global-auth": "false", - "nginx.ingress.kubernetes.io/configuration-snippet": "rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;" - } - }, - "paths": [ - "/" - ], - "public": true - } - }, - "namespace": "air-discount-scheme", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "memory": "256Mi", - "cpu": "200m" - }, - "requests": { - "memory": "128Mi", - "cpu": "100m" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "replicaCount": { - "min": 2, - "max": 10, - "default": 2, - "scalingMagicNumber": 20 - } - } - } -} \ No newline at end of file +service: + name: air-discount-scheme-web + enabled: true + env: + API_URL: http://web-air-discount-scheme-api + ENVIRONMENT: dev + IDENTITY_SERVER_ISSUER_DOMAIN: identity-server.dev01.devland.is + LOG_LEVEL: info + NEXTAUTH_URL: https://loftbru.dev01.devland.is + NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init + SERVERSIDE_FEATURES_ON: "" + grantNamespaces: + - nginx-ingress-external + - islandis + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /readiness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-external-alb + nginx.ingress.kubernetes.io/configuration-snippet: rewrite /$ + https://beta.dev01.devland.is/loftbru; rewrite /en$ + https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas; + nginx.ingress.kubernetes.io/proxy-buffer-size: 16k + nginx.ingress.kubernetes.io/proxy-buffering: on + nginx.ingress.kubernetes.io/proxy-buffers-number: "4" + nginx.ingress.kubernetes.io/server-snippet: client_header_buffer_size 16k; large_client_header_buffers 4 16k; + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: loftbru.dev01.devland.is + paths: + - / + - host: loftbru-cf.dev01.devland.is + paths: + - / + namespace: air-discount-scheme + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 100m + memory: 128Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DD_RUM_APPLICATION_ID: /k8s/DD_RUM_APPLICATION_ID + DD_RUM_CLIENT_TOKEN: /k8s/DD_RUM_CLIENT_TOKEN + IDENTITY_SERVER_SECRET: /k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/air-discount-scheme-web/values.prod.yaml b/charts/services/air-discount-scheme-web/values.prod.yaml index 7578d054e120..337b4e5c1ad5 100644 --- a/charts/services/air-discount-scheme-web/values.prod.yaml +++ b/charts/services/air-discount-scheme-web/values.prod.yaml @@ -1,108 +1,72 @@ -{ - "air-discount-scheme-web": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/readiness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "IDENTITY_SERVER_ISSUER_DOMAIN": { - "dev": "identity-server.dev01.devland.is", - "staging": "identity-server.staging01.devland.is", - "prod": "innskra.island.is" - }, - "NEXTAUTH_URL": { - "staging": "https://loftbru.staging01.devland.is", - "prod": "https://loftbru.island.is" - } - }, - "features": {}, - "name": "air-discount-scheme-web", - "grantNamespaces": [ - "nginx-ingress-external", - "islandis" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "DD_RUM_APPLICATION_ID": "/k8s/DD_RUM_APPLICATION_ID", - "DD_RUM_CLIENT_TOKEN": "/k8s/DD_RUM_CLIENT_TOKEN", - "IDENTITY_SERVER_SECRET": "/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET" - }, - "ingress": { - "primary": { - "host": { - "dev": [ - "loftbru", - "loftbru-cf" - ], - "staging": [ - "loftbru", - "loftbru-cf" - ], - "prod": [ - "loftbru" - ] - }, - "extraAnnotations": { - "dev": { - "nginx.ingress.kubernetes.io/proxy-buffer-size": "16k", - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffers-number": "4", - "nginx.ingress.kubernetes.io/server-snippet": "client_header_buffer_size 16k; large_client_header_buffers 4 16k;", - "nginx.ingress.kubernetes.io/configuration-snippet": "rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;" - }, - "staging": { - "nginx.ingress.kubernetes.io/proxy-buffer-size": "16k", - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffers-number": "4", - "nginx.ingress.kubernetes.io/server-snippet": "client_header_buffer_size 16k; large_client_header_buffers 4 16k;", - "nginx.ingress.kubernetes.io/configuration-snippet": "rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;" - }, - "prod": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k", - "nginx.ingress.kubernetes.io/enable-global-auth": "false", - "nginx.ingress.kubernetes.io/configuration-snippet": "rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;" - } - }, - "paths": [ - "/" - ], - "public": true - } - }, - "namespace": "air-discount-scheme", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "memory": "256Mi", - "cpu": "200m" - }, - "requests": { - "memory": "128Mi", - "cpu": "100m" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "replicaCount": { - "min": 2, - "max": 10, - "default": 2, - "scalingMagicNumber": 20 - } - } - } -} \ No newline at end of file +service: + name: air-discount-scheme-web + enabled: true + env: + API_URL: http://web-air-discount-scheme-api + ENVIRONMENT: prod + IDENTITY_SERVER_ISSUER_DOMAIN: innskra.island.is + LOG_LEVEL: info + NEXTAUTH_URL: https://loftbru.island.is + NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init + SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + grantNamespaces: + - nginx-ingress-external + - islandis + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /readiness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-external-alb + nginx.ingress.kubernetes.io/configuration-snippet: rewrite /$ + https://island.is/loftbru; rewrite /en$ + https://island.is/en/lower-airfares-for-residents-in-rural-areas; + nginx.ingress.kubernetes.io/enable-global-auth: "false" + nginx.ingress.kubernetes.io/proxy-buffer-size: 8k + nginx.ingress.kubernetes.io/proxy-buffering: on + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: loftbru.island.is + paths: + - / + namespace: air-discount-scheme + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 100m + memory: 128Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DD_RUM_APPLICATION_ID: /k8s/DD_RUM_APPLICATION_ID + DD_RUM_CLIENT_TOKEN: /k8s/DD_RUM_CLIENT_TOKEN + IDENTITY_SERVER_SECRET: /k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/air-discount-scheme-web/values.staging.yaml b/charts/services/air-discount-scheme-web/values.staging.yaml index 7578d054e120..fea2f0c02396 100644 --- a/charts/services/air-discount-scheme-web/values.staging.yaml +++ b/charts/services/air-discount-scheme-web/values.staging.yaml @@ -1,108 +1,76 @@ -{ - "air-discount-scheme-web": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/readiness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "IDENTITY_SERVER_ISSUER_DOMAIN": { - "dev": "identity-server.dev01.devland.is", - "staging": "identity-server.staging01.devland.is", - "prod": "innskra.island.is" - }, - "NEXTAUTH_URL": { - "staging": "https://loftbru.staging01.devland.is", - "prod": "https://loftbru.island.is" - } - }, - "features": {}, - "name": "air-discount-scheme-web", - "grantNamespaces": [ - "nginx-ingress-external", - "islandis" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "DD_RUM_APPLICATION_ID": "/k8s/DD_RUM_APPLICATION_ID", - "DD_RUM_CLIENT_TOKEN": "/k8s/DD_RUM_CLIENT_TOKEN", - "IDENTITY_SERVER_SECRET": "/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET" - }, - "ingress": { - "primary": { - "host": { - "dev": [ - "loftbru", - "loftbru-cf" - ], - "staging": [ - "loftbru", - "loftbru-cf" - ], - "prod": [ - "loftbru" - ] - }, - "extraAnnotations": { - "dev": { - "nginx.ingress.kubernetes.io/proxy-buffer-size": "16k", - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffers-number": "4", - "nginx.ingress.kubernetes.io/server-snippet": "client_header_buffer_size 16k; large_client_header_buffers 4 16k;", - "nginx.ingress.kubernetes.io/configuration-snippet": "rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;" - }, - "staging": { - "nginx.ingress.kubernetes.io/proxy-buffer-size": "16k", - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffers-number": "4", - "nginx.ingress.kubernetes.io/server-snippet": "client_header_buffer_size 16k; large_client_header_buffers 4 16k;", - "nginx.ingress.kubernetes.io/configuration-snippet": "rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;" - }, - "prod": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k", - "nginx.ingress.kubernetes.io/enable-global-auth": "false", - "nginx.ingress.kubernetes.io/configuration-snippet": "rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;" - } - }, - "paths": [ - "/" - ], - "public": true - } - }, - "namespace": "air-discount-scheme", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "memory": "256Mi", - "cpu": "200m" - }, - "requests": { - "memory": "128Mi", - "cpu": "100m" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "replicaCount": { - "min": 2, - "max": 10, - "default": 2, - "scalingMagicNumber": 20 - } - } - } -} \ No newline at end of file +service: + name: air-discount-scheme-web + enabled: true + env: + API_URL: http://web-air-discount-scheme-api + ENVIRONMENT: staging + IDENTITY_SERVER_ISSUER_DOMAIN: identity-server.staging01.devland.is + LOG_LEVEL: info + NEXTAUTH_URL: https://loftbru.staging01.devland.is + NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init + SERVERSIDE_FEATURES_ON: "" + grantNamespaces: + - nginx-ingress-external + - islandis + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /readiness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 20 + replicas: + max: 10 + min: 2 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-external-alb + nginx.ingress.kubernetes.io/configuration-snippet: rewrite /$ + https://beta.staging01.devland.is/loftbru; rewrite /en$ + https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas; + nginx.ingress.kubernetes.io/proxy-buffer-size: 16k + nginx.ingress.kubernetes.io/proxy-buffering: on + nginx.ingress.kubernetes.io/proxy-buffers-number: "4" + nginx.ingress.kubernetes.io/server-snippet: client_header_buffer_size 16k; large_client_header_buffers 4 16k; + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: loftbru.staging01.devland.is + paths: + - / + - host: loftbru-cf.staging01.devland.is + paths: + - / + namespace: air-discount-scheme + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 100m + memory: 128Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DD_RUM_APPLICATION_ID: /k8s/DD_RUM_APPLICATION_ID + DD_RUM_CLIENT_TOKEN: /k8s/DD_RUM_CLIENT_TOKEN + IDENTITY_SERVER_SECRET: /k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/api/values.dev.yaml b/charts/services/api/values.dev.yaml index 5ba1c6a118e6..7e9ecaff59c5 100644 --- a/charts/services/api/values.dev.yaml +++ b/charts/services/api/values.dev.yaml @@ -1,1062 +1,308 @@ -{ - "api": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/health", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME": { - "dev": "loftbru.dev01.devland.is", - "staging": "loftbru.staging01.devland.is", - "prod": "loftbru.island.is" - }, - "FILE_STORAGE_UPLOAD_BUCKET": { - "dev": "island-is-dev-upload-api", - "staging": "island-is-staging-upload-api", - "prod": "island-is-prod-upload-api" - }, - "AUTH_PUBLIC_API_URL": { - "dev": "https://identity-server.dev01.devland.is/api", - "staging": "https://identity-server.staging01.devland.is/api", - "prod": "https://innskra.island.is/api" - }, - "ELASTIC_NODE": { - "dev": "https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com", - "staging": "https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/", - "prod": "https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/" - }, - "CONTENTFUL_HOST": { - "dev": "preview.contentful.com", - "staging": "cdn.contentful.com", - "prod": "cdn.contentful.com" - }, - "CONTACT_US_EMAIL": { - "prod": "island@island.is", - "staging": "island@island.is", - "dev": "s@kogk.is" - }, - "ZENDESK_CONTACT_FORM_SUBDOMAIN": { - "prod": "digitaliceland", - "staging": "digitaliceland", - "dev": "stjanilofts" - }, - "TELL_US_A_STORY_EMAIL": { - "dev": "s@kogk.is", - "staging": "sogur@island.is", - "prod": "sogur@island.is" - }, - "SEND_FROM_EMAIL": { - "dev": "development@island.is", - "staging": "development@island.is", - "prod": "island@island.is" - }, - "FILE_DOWNLOAD_BUCKET": { - "dev": "island-is-dev-download-cache-api", - "staging": "island-is-staging-download-cache-api", - "prod": "island-is-prod-download-cache-api" - }, - "DOWNLOAD_SERVICE_BASE_PATH": { - "prod": "https://api.island.is", - "dev": "https://api.dev01.devland.is", - "staging": "https://api.staging01.devland.is" - }, - "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/api", - "AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT": "20000", - "XROAD_NATIONAL_REGISTRY_TIMEOUT": "20000", - "XROAD_PROPERTIES_TIMEOUT": "35000", - "SYSLUMENN_TIMEOUT": "40000", - "XROAD_DRIVING_LICENSE_BOOK_TIMEOUT": "20000", - "XROAD_FINANCES_TIMEOUT": "20000", - "XROAD_CHARGE_FJS_V2_TIMEOUT": "20000", - "AUTH_DELEGATION_API_URL": { - "dev": "http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local", - "staging": "http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local", - "prod": "https://auth-delegation-api.internal.innskra.island.is" - }, - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - }, - "MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL": { - "dev": "http://web-financial-aid-backend", - "staging": "http://web-financial-aid-backend", - "prod": "http://web-financial-aid-backend" - }, - "FINANCIAL_STATEMENTS_INAO_BASE_PATH": { - "dev": "https://dev-re.crm4.dynamics.com/api/data/v9.1", - "staging": "https://dev-re.crm4.dynamics.com/api/data/v9.1", - "prod": "https://star-re.crm4.dynamics.com/api/data/v9.1" - }, - "FINANCIAL_STATEMENTS_INAO_ISSUER": "https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0", - "FINANCIAL_STATEMENTS_INAO_SCOPE": { - "dev": "https://dev-re.crm4.dynamics.com/.default", - "staging": "https://dev-re.crm4.dynamics.com/.default", - "prod": "https://star-re.crm4.dynamics.com/.default" - }, - "FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT": "https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token", - "ELECTRONIC_REGISTRATION_STATISTICS_API_URL": { - "dev": "https://api-staging.thinglysing.is/business/tolfraedi", - "staging": "https://api-staging.thinglysing.is/business/tolfraedi", - "prod": "https://api.thinglysing.is/business/tolfraedi" - }, - "FORM_SYSTEM_API_BASE_PATH": { - "dev": "https://profun.island.is/umsoknarkerfi", - "staging": "", - "prod": "" - }, - "CONSULTATION_PORTAL_CLIENT_BASE_PATH": { - "dev": "https://samradapi-test.devland.is", - "staging": "https://samradapi-test.devland.is", - "prod": "https://samradapi.island.is" - }, - "FISKISTOFA_ZENTER_CLIENT_ID": "1114", - "HSN_WEB_FORM_ID": "1dimJFHLFYtnhoYEA3JxRK", - "AUTH_ADMIN_API_PATH": { - "dev": "https://identity-server.dev01.devland.is/backend", - "staging": "https://identity-server.staging01.devland.is/backend", - "prod": "https://innskra.island.is/backend" - }, - "AUTH_ADMIN_API_PATHS": { - "dev": "{\"development\":\"https://identity-server.dev01.devland.is/backend\"}", - "staging": "{\"development\":\"https://identity-server.dev01.devland.is/backend\",\"staging\":\"https://identity-server.staging01.devland.is/backend\"}", - "prod": "{\"development\":\"https://identity-server.dev01.devland.is/backend\",\"staging\":\"https://identity-server.staging01.devland.is/backend\",\"production\":\"https://innskra.island.is/backend\"}" - }, - "AUTH_IDS_API_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - }, - "HUNTING_LICENSE_PASS_TEMPLATE_ID": { - "dev": "1da72d52-a93a-4d0f-8463-1933a2bd210b", - "staging": "1da72d52-a93a-4d0f-8463-1933a2bd210b", - "prod": "5f42f942-d8d6-40bf-a186-5a9e12619d9f" - }, - "XROAD_RSK_PROCURING_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" - }, - "APOLLO_CACHE_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" - }, - "LICENSE_SERVICE_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" - }, - "XROAD_RSK_PROCURING_SCOPE": "[\"@rsk.is/prokura\",\"@rsk.is/prokura:admin\"]", - "WATSON_ASSISTANT_CHAT_FEEDBACK_DB_NAME": { - "dev": "island-is-assistant-feedback", - "staging": "island-is-assistant-feedback", - "prod": "island-is-assistant-feedback" - } - }, - "features": {}, - "name": "api", - "grantNamespaces": [ - "nginx-ingress-external", - "api-catalogue", - "application-system", - "consultation-portal", - "portals-admin" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "APOLLO_BYPASS_CACHE_SECRET": "/k8s/api/APOLLO_BYPASS_CACHE_SECRET", - "DOCUMENT_PROVIDER_BASE_PATH": "/k8s/api/DOCUMENT_PROVIDER_BASE_PATH", - "DOCUMENT_PROVIDER_TOKEN_URL": "/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL", - "DOCUMENT_PROVIDER_BASE_PATH_TEST": "/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST", - "DOCUMENT_PROVIDER_TOKEN_URL_TEST": "/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST", - "SYSLUMENN_HOST": "/k8s/api/SYSLUMENN_HOST", - "REGULATIONS_API_URL": "/k8s/api/REGULATIONS_API_URL", - "REGULATIONS_FILE_UPLOAD_KEY_DRAFT": "/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT", - "REGULATIONS_FILE_UPLOAD_KEY_PUBLISH": "/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH", - "REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED": "/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED", - "CONTENTFUL_ACCESS_TOKEN": "/k8s/api/CONTENTFUL_ACCESS_TOKEN", - "ZENDESK_CONTACT_FORM_EMAIL": "/k8s/api/ZENDESK_CONTACT_FORM_EMAIL", - "ZENDESK_CONTACT_FORM_TOKEN": "/k8s/api/ZENDESK_CONTACT_FORM_TOKEN", - "POSTHOLF_CLIENTID": "/k8s/documents/POSTHOLF_CLIENTID", - "POSTHOLF_CLIENT_SECRET": "/k8s/documents/POSTHOLF_CLIENT_SECRET", - "POSTHOLF_TOKEN_URL": "/k8s/documents/POSTHOLF_TOKEN_URL", - "POSTHOLF_BASE_PATH": "/k8s/documents/POSTHOLF_BASE_PATH", - "DOCUMENT_PROVIDER_CLIENTID": "/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID", - "DOCUMENT_PROVIDER_CLIENT_SECRET": "/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET", - "DOCUMENT_PROVIDER_CLIENTID_TEST": "/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST", - "DOCUMENT_PROVIDER_CLIENT_SECRET_TEST": "/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST", - "SYSLUMENN_USERNAME": "/k8s/api/SYSLUMENN_USERNAME", - "SYSLUMENN_PASSWORD": "/k8s/api/SYSLUMENN_PASSWORD", - "PKPASS_API_KEY": "/k8s/api/PKPASS_API_KEY", - "PKPASS_API_URL": "/k8s/api/PKPASS_API_URL", - "PKPASS_AUTH_RETRIES": "/k8s/api/PKPASS_AUTH_RETRIES", - "PKPASS_CACHE_KEY": "/k8s/api/PKPASS_CACHE_KEY", - "PKPASS_CACHE_TOKEN_EXPIRY_DELTA": "/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA", - "PKPASS_SECRET_KEY": "/k8s/api/PKPASS_SECRET_KEY", - "VE_PKPASS_API_KEY": "/k8s/api/VE_PKPASS_API_KEY", - "UST_PKPASS_API_KEY": "/k8s/api/UST_PKPASS_API_KEY", - "RLS_PKPASS_API_KEY": "/k8s/api/RLS_PKPASS_API_KEY", - "TR_PKPASS_API_KEY": "/k8s/api/TR_PKPASS_API_KEY", - "SMART_SOLUTIONS_API_URL": "/k8s/api/SMART_SOLUTIONS_API_URL", - "FIREARM_LICENSE_PASS_TEMPLATE_ID": "/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID", - "DISABILITY_LICENSE_PASS_TEMPLATE_ID": "/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID", - "MACHINE_LICENSE_PASS_TEMPLATE_ID": "/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID", - "ADR_LICENSE_PASS_TEMPLATE_ID": "/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID", - "DRIVING_LICENSE_PASS_TEMPLATE_ID": "/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID", - "ADR_LICENSE_FETCH_TIMEOUT": "/k8s/api/ADR_LICENSE_FETCH_TIMEOUT", - "DRIVING_LICENSE_FETCH_TIMEOUT": "/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT", - "FIREARM_LICENSE_FETCH_TIMEOUT": "/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT", - "DISABILITY_LICENSE_FETCH_TIMEOUT": "/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT", - "INTELLECTUAL_PROPERTY_API_KEY": "/k8s/api/IP_API_KEY", - "ISLYKILL_SERVICE_PASSPHRASE": "/k8s/api/ISLYKILL_SERVICE_PASSPHRASE", - "ISLYKILL_SERVICE_BASEPATH": "/k8s/api/ISLYKILL_SERVICE_BASEPATH", - "VEHICLES_ALLOW_CO_OWNERS": "/k8s/api/VEHICLES_ALLOW_CO_OWNERS", - "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/api/IDENTITY_SERVER_CLIENT_SECRET", - "FINANCIAL_STATEMENTS_INAO_CLIENT_ID": "/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID", - "FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET": "/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET", - "FISKISTOFA_ZENTER_EMAIL": "/k8s/api/FISKISTOFA_ZENTER_EMAIL", - "FISKISTOFA_ZENTER_PASSWORD": "/k8s/api/FISKISTOFA_ZENTER_PASSWORD", - "FISKISTOFA_ZENTER_CLIENT_PASSWORD": "/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD", - "FISKISTOFA_API_URL": "/k8s/api/FISKISTOFA_API_URL", - "FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET": "/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET", - "FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL": "/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL", - "FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID": "/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID", - "FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE": "/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE", - "FISKISTOFA_POWERBI_CLIENT_ID": "/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID", - "FISKISTOFA_POWERBI_CLIENT_SECRET": "/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET", - "FISKISTOFA_POWERBI_TENANT_ID": "/k8s/api/FISKISTOFA_POWERBI_TENANT_ID", - "NATIONAL_REGISTRY_B2C_CLIENT_SECRET": "/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET", - "HSN_WEB_FORM_RESPONSE_URL": "/k8s/api/HSN_WEB_FORM_RESPONSE_URL", - "HSN_WEB_FORM_RESPONSE_SECRET": "/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET", - "DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY": "/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY", - "DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY": "/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY", - "DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY": "/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY", - "CHART_STATISTIC_SOURCE_DATA_PATHS": "/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS", - "CHART_STATISTIC_CACHE_TTL": "/k8s/api/CHART_STATISTIC_CACHE_TTL", - "WATSON_ASSISTANT_CHAT_FEEDBACK_URL": "/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL", - "WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY": "/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY", - "LICENSE_SERVICE_BARCODE_SECRET_KEY": "/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY", - "ULTRAVIOLET_RADIATION_API_KEY": "/k8s/api/ULTRAVIOLET_RADIATION_API_KEY", - "UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL": "/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL", - "VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY": "/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY" - }, - "ingress": { - "primary": { - "host": { - "dev": [ - "beta", - "api-catalogue" - ], - "staging": [ - "beta" - ], - "prod": [ - "", - "www.island.is" - ] - }, - "paths": [ - "/api" - ], - "public": true - } - }, - "namespace": "islandis", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "1200m", - "memory": "3200Mi" - }, - "requests": { - "cpu": "400m", - "memory": "896Mi" - } - }, - "xroadConfig": [ - { - "config": { - "env": { - "XROAD_ADR_MACHINE_LICENSE_PATH": { - "dev": "IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1", - "staging": "IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1", - "prod": "IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_COURT_BANKRUPTCY_CERT_PATH": { - "dev": "IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1", - "staging": "IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1", - "prod": "IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1" - } - }, - "secrets": { - "DOMSYSLA_PASSWORD": "/k8s/api/DOMSYSLA_PASSWORD", - "DOMSYSLA_USERNAME": "/k8s/api/DOMSYSLA_USERNAME" - } - } - }, - { - "config": { - "env": { - "XROAD_HUNTING_LICENSE_PATH": { - "dev": "IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api", - "staging": "IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api", - "prod": "IS/GOV/7010022880/Umhverfisstofnun-Protected/api" - } - } - } - }, - { - "config": { - "env": { - "XROAD_FIREARM_LICENSE_PATH": { - "dev": "IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1", - "staging": "IS/GOV/5309672079/Logreglan-Protected/island-api-v1", - "prod": "IS/GOV/5309672079/Logreglan-Protected/island-api-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_DISABILITY_LICENSE_PATH": { - "dev": "IS-DEV/GOV/10008/TR-Protected/oryrki-v1", - "staging": "IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1", - "prod": "IS/GOV/5012130120/TR-Protected/oryrki-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_BASE_PATH": { - "prod": "http://securityserver.island.is" - }, - "XROAD_BASE_PATH_WITH_ENV": { - "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "http://securityserver.island.is/r1/IS" - }, - "XROAD_TLS_BASE_PATH": { - "dev": "https://securityserver.dev01.devland.is", - "staging": "https://securityserver.staging01.devland.is", - "prod": "https://securityserver.island.is" - }, - "XROAD_TLS_BASE_PATH_WITH_ENV": { - "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", - "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "https://securityserver.island.is/r1/IS" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CLIENT_ID": { - "dev": "IS-DEV/GOV/10000/island-is-client", - "staging": "IS-TEST/GOV/5501692829/island-is-client", - "prod": "IS/GOV/5501692829/island-is-client" - } - } - } - }, - { - "config": { - "env": { - "XROAD_HEALTH_DIRECTORATE_PATH": { - "dev": "IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir", - "staging": "IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir", - "prod": "IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir" - } - } - } - }, - { - "config": { - "env": { - "XROAD_HEALTH_INSURANCE_WSDLURL": { - "dev": "https://test-huld.sjukra.is/islandrg?wsdl", - "staging": "https://test-huld.sjukra.is/islandrg?wsdl", - "prod": "https://huld.sjukra.is/islandrg?wsdl" - }, - "XROAD_HEALTH_INSURANCE_ID": { - "dev": "IS-DEV/GOV/10007/SJUKRA-Protected", - "staging": "IS-TEST/GOV/4804080550/SJUKRA-Protected", - "prod": "IS/GOV/4804080550/SJUKRA-Protected" - }, - "XROAD_HEALTH_INSURANCE_MY_PAGES_PATH": { - "dev": "IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur", - "staging": "IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur", - "prod": "IS/GOV/4804080550/SJUKRA-Protected/minarsidur" - } - }, - "secrets": { - "XROAD_HEALTH_INSURANCE_USERNAME": "/k8s/health-insurance/XROAD-USER", - "XROAD_HEALTH_INSURANCE_PASSWORD": "/k8s/health-insurance/XROAD-PASSWORD", - "XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME": "/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME", - "XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD": "/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD" - } - } - }, - { - "config": { - "env": { - "XROAD_INTELLECTUAL_PROPERTIES_PATH": { - "dev": "IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI", - "staging": "IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI", - "prod": "IS/GOV/6501912189/WebAPI-Public/HUG-webAPI" - } - } - } - }, - { - "config": { - "env": { - "XROAD_INNA_PATH": { - "dev": "IS-DEV/GOV/10066/MMS-Protected/inna-v1", - "staging": "IS-TEST/GOV/6601241280/MMS-Protected/inna-v1", - "prod": "IS/GOV/6601241280/MMS-Protected/inna-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_VMST_API_PATH": { - "dev": "/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1", - "staging": "/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1", - "prod": "/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1" - }, - "XROAD_VMST_MEMBER_CODE": { - "dev": "10003", - "staging": "7005942039", - "prod": "7005942039" - } - }, - "secrets": { - "XROAD_VMST_API_KEY": "/k8s/vmst-client/VMST_API_KEY" - } - } - }, - { - "config": { - "env": { - "XROAD_DRIVING_LICENSE_PATH": { - "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1", - "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1", - "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1" - }, - "XROAD_DRIVING_LICENSE_V2_PATH": { - "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2", - "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2", - "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1" - }, - "XROAD_DRIVING_LICENSE_V4_PATH": { - "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4", - "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4", - "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4" - }, - "XROAD_DRIVING_LICENSE_V5_PATH": { - "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5", - "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5", - "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5" - } - }, - "secrets": { - "XROAD_DRIVING_LICENSE_SECRET": "/k8s/api/DRIVING_LICENSE_SECRET" - } - } - }, - { - "config": { - "env": { - "XROAD_PAYMENT_PROVIDER_ID": { - "dev": "IS-DEV/GOV/10021/FJS-Public", - "staging": "IS-TEST/GOV/10021/FJS-DEV-Public", - "prod": "IS/GOV/5402697509/FJS-Public" - }, - "XROAD_PAYMENT_BASE_CALLBACK_URL": { - "dev": "XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/", - "staging": "XROAD:", - "prod": "XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/" - }, - "XROAD_PAYMENT_ADDITION_CALLBACK_URL": "/" - }, - "secrets": { - "XROAD_PAYMENT_USER": "/k8s/application-system-api/PAYMENT_USER", - "XROAD_PAYMENT_PASSWORD": "/k8s/application-system-api/PAYMENT_PASSWORD" - } - } - }, - { - "config": { - "env": { - "XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH": { - "dev": "IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur", - "staging": "IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur", - "prod": "IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur" - } - } - } - }, - { - "config": { - "env": { - "XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH": { - "dev": "IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis", - "staging": "IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis", - "prod": "IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis" - } - } - } - }, - { - "config": { - "env": { - "XROAD_FINANCES_PATH": { - "dev": "IS-DEV/GOV/10021/FJS-Public/financeIsland", - "staging": "IS-TEST/GOV/10021/FJS-Public/financeIsland", - "prod": "IS/GOV/5402697509/FJS-Public/financeIsland" - }, - "XROAD_FINANCES_V2_PATH": { - "dev": "IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2", - "staging": "IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2", - "prod": "IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2" - }, - "XROAD_HMS_LOANS_PATH": { - "dev": "IS-DEV/GOV/10033/HMS-Protected/libra-v1", - "staging": "IS-TEST/GOV/5812191480/HMS-Protected/libra-v1", - "prod": "IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1" - }, - "XROAD_HMS_HOUSING_BENEFITS_PATH": { - "dev": "IS-DEV/GOV/10033/HMS-Protected/husbot-v1", - "staging": "IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1", - "prod": "IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_MMS_LICENSE_SERVICE_ID": { - "dev": "IS-DEV/GOV/10066/MMS-Protected/license-api-v1", - "staging": "IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1", - "prod": "IS/GOV/6601241280/MMS-Protected/license-api-v1" - }, - "XROAD_MMS_GRADE_SERVICE_ID": { - "dev": "IS-DEV/GOV/10066/MMS-Protected/grade-api-v1", - "staging": "IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1", - "prod": "IS/GOV/6601241280/MMS-Protected/grade-api-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_NATIONAL_REGISTRY_SERVICE_PATH": { - "dev": "IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1", - "staging": "IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1", - "prod": "IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1" - }, - "XROAD_NATIONAL_REGISTRY_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" - }, - "XROAD_TJODSKRA_API_PATH": "/SKRA-Protected/Einstaklingar-v1", - "XROAD_TJODSKRA_MEMBER_CODE": { - "prod": "6503760649", - "dev": "10001", - "staging": "6503760649" - } - } - } - }, - { - "config": { - "env": { - "XROAD_PROPERTIES_SERVICE_V2_PATH": { - "dev": "IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1", - "staging": "IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1", - "prod": "IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1" - } - }, - "secrets": { - "XROAD_PROPERTIES_CLIENT_SECRET": "/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET" - } - } - }, - { - "config": { - "env": { - "XROAD_PAYMENT_SCHEDULE_PATH": { - "dev": "IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1", - "staging": "IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1", - "prod": "IS/GOV/5402697509/FJS-Public/paymentSchedule_v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CRIMINAL_RECORD_PATH": { - "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2", - "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1", - "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1" - } - } - } - }, - { - "config": { - "env": { - "COMPANY_REGISTRY_XROAD_PROVIDER_ID": { - "dev": "IS-DEV/GOV/10006/Skatturinn/ft-v1", - "staging": "IS-TEST/GOV/5402696029/Skatturinn/ft-v1", - "prod": "IS/GOV/5402696029/Skatturinn/ft-v1" - }, - "COMPANY_REGISTRY_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" - } - } - } - }, - { - "config": { - "env": {}, - "secrets": { - "DRIVING_LICENSE_BOOK_XROAD_PATH": "/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH", - "DRIVING_LICENSE_BOOK_USERNAME": "/k8s/api/DRIVING_LICENSE_BOOK_USERNAME", - "DRIVING_LICENSE_BOOK_PASSWORD": "/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD" - } - } - }, - { - "config": { - "env": { - "FISHING_LICENSE_XROAD_PROVIDER_ID": { - "dev": "IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1", - "staging": "IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1", - "prod": "IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_FINANCIAL_AID_BACKEND_PATH": { - "dev": "IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend", - "staging": "IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend", - "prod": "IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend" - } - } - } - }, - { - "config": { - "env": { - "XROAD_VEHICLES_PATH": { - "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1", - "staging": "IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1", - "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_VEHICLES_MILEAGE_PATH": { - "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1", - "staging": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1", - "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_PASSPORT_LICENSE_PATH": { - "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1", - "staging": "IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1", - "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_VEHICLE_SERVICE_FJS_V1_PATH": { - "dev": "IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1", - "staging": "IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1", - "prod": "IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_VEHICLE_CODETABLES_PATH": { - "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1", - "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1", - "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1" - }, - "XROAD_VEHICLE_INFOLOCKS_PATH": { - "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1", - "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1", - "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1" - }, - "XROAD_VEHICLE_OPERATORS_PATH": { - "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3", - "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3", - "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3" - }, - "XROAD_VEHICLE_OWNER_CHANGE_PATH": { - "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2", - "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2", - "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2" - }, - "XROAD_VEHICLE_PLATE_ORDERING_PATH": { - "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1", - "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1", - "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1" - }, - "XROAD_VEHICLE_PLATE_RENEWAL_PATH": { - "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1", - "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1", - "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1" - }, - "XROAD_VEHICLE_PRINTING_PATH": { - "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1", - "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1", - "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1" - }, - "XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH": { - "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1", - "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1", - "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CHARGE_FJS_V2_PATH": { - "dev": "IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2", - "staging": "IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2", - "prod": "IS/GOV/5402697509/FJS-Public/chargeFJS_v2" - } - } - } - }, - { - "config": { - "env": { - "XROAD_ENERGY_FUNDS_PATH": { - "dev": "IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1", - "staging": "IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1", - "prod": "IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_UNIVERSITY_OF_AKUREYRI_PATH": { - "dev": "IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1", - "staging": "IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1", - "prod": "IS/EDU/5206871229/UNAK-Protected/brautskraning-v1" - }, - "XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH": { - "dev": "IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1", - "staging": "IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1", - "prod": "IS/EDU/4112043590/LBHI-Protected/brautskraning-v1" - }, - "XROAD_BIFROST_UNIVERSITY_PATH": { - "dev": "IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1", - "staging": "IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1", - "prod": "IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1" - }, - "XROAD_HOLAR_UNIVERSITY_PATH": { - "dev": "IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1", - "staging": "IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1", - "prod": "IS/EDU/5001694359/Holar-Protected/brautskraning-v1" - }, - "XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH": { - "dev": "IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1", - "staging": "IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1", - "prod": "IS/EDU/4210984099/LHI-Protected/brautskraning-v1" - }, - "XROAD_UNIVERSITY_OF_ICELAND_PATH": { - "dev": "IS-DEV/EDU/10010/HI-Protected/brautskraning-v1", - "staging": "IS-TEST/EDU/10010/HI-Protected/brautskraning-v1", - "prod": "IS/EDU/6001692039/HI-Protected/brautskraning-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_WORK_MACHINE_LICENSE_PATH": { - "dev": "IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token", - "staging": "IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token", - "prod": "IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token" - } - } - } - }, - { - "config": { - "env": { - "XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH": { - "dev": "IS-DEV/GOV/10021/FJS-Protected/recruitment-v1", - "staging": "IS-TEST/GOV/10021/FJS-Protected/recruitment-v1", - "prod": "IS/GOV/5402697509/FJS-Protected/recruitment-v1" - } - }, - "secrets": { - "ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME": "/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME", - "ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD": "/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD" - } - } - }, - { - "config": { - "env": { - "XROAD_RSK_PROCURING_PATH": { - "dev": "IS-DEV/GOV/10006/Skatturinn/relationships-v1", - "staging": "IS-TEST/GOV/5402696029/Skatturinn/relationships-v1", - "prod": "IS/GOV/5402696029/Skatturinn/relationships-v1" - } - } - } - }, - { - "config": { - "env": { - "NATIONAL_REGISTRY_B2C_CLIENT_ID": { - "dev": "b464afdd-056b-406d-b650-6d41733cfeb7", - "staging": "ca128c23-b43c-443d-bade-ec5a146a933f", - "prod": "2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f" - }, - "NATIONAL_REGISTRY_B2C_ENDPOINT": { - "dev": "https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", - "staging": "https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", - "prod": "https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token" - }, - "NATIONAL_REGISTRY_B2C_SCOPE": { - "dev": "https://skraidentitydev.onmicrosoft.com/midlun/.default", - "staging": "https://skraidentitystaging.onmicrosoft.com/midlun/.default", - "prod": "https://skraidentity.onmicrosoft.com/midlun/.default" - }, - "NATIONAL_REGISTRY_B2C_PATH": { - "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1", - "staging": "IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1", - "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_AIRCRAFT_REGISTRY_PATH": { - "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1", - "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1", - "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_HOUSING_BENEFIT_CALCULATOR_PATH": { - "dev": "IS-DEV/GOV/10033/HMS-Protected/calc-v1", - "staging": "IS-TEST/GOV/5812191480/HMS-Protected/calc-v1", - "prod": "IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1" - } - }, - "secrets": { - "HOUSING_BENEFIT_CALCULATOR_USERNAME": "/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME", - "HOUSING_BENEFIT_CALCULATOR_PASSWORD": "/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD" - } - } - }, - { - "config": { - "env": { - "XROAD_SHIP_REGISTRY_PATH": { - "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1", - "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1", - "prod": "IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_DIRECTORATE_OF_IMMIGRATION_PATH": { - "dev": "IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1", - "staging": "IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1", - "prod": "IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_SIGNATURE_COLLECTION_PATH": { - "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1", - "staging": "IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1", - "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_TR_PATH": { - "dev": "IS-DEV/GOV/10008/TR-Protected/external-v1", - "staging": "IS-TEST/GOV/5012130120/TR-Protected/external-v1", - "prod": "IS/GOV/5012130120/TR-Protected/external-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_OFFICIAL_JOURNAL_PATH": { - "dev": "IS-DEV/GOV/10014/DMR-Protected/official-journal", - "staging": "IS-TEST/GOV/10014/DMR-Protected/official-journal", - "prod": "IS/GOV/10014/DMR-Protected/official-journal" - } - } - } - }, - { - "config": { - "env": { - "XROAD_JUDICIAL_SYSTEM_SP_PATH": { - "dev": "IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api", - "staging": "IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api", - "prod": "IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api" - } - } - } - }, - { - "config": { - "env": { - "XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH": { - "dev": "IS-DEV/GOV/10014/DMR-Protected/official-journal-application", - "staging": "IS-TEST/GOV/10014/DMR-Protected/official-journal-application", - "prod": "IS/GOV/10014/DMR-Protected/official-journal-application" - } - } - } - }, - { - "config": { - "env": { - "XROAD_MMS_FRIGG_PATH": { - "dev": "IS-DEV/GOV/10066/MMS-Protected/frigg-form-service", - "staging": "IS-TEST/GOV/10066/MMS-Protected/frigg-form-service", - "prod": "IS/GOV/10066/MMS-Protected/frigg-form-service" - } - } - } - }, - { - "config": { - "env": { - "XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH": { - "dev": "IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1", - "staging": "IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1", - "prod": "IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH": { - "dev": "IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1", - "staging": "IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1", - "prod": "IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_WORK_ACCIDENT_PATH": { - "dev": "IS-DEV/GOV/10013/Vinnueftirlitid-Protected/slysaskraning-token", - "staging": "IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/slysaskraning-token", - "prod": "IS/GOV/4201810439/Vinnueftirlitid-Protected/slysaskraning-token" - } - } - } - } - ], - "files": [ - { - "filename": "islyklar.p12", - "env": "ISLYKILL_CERT" - } - ], - "volumes": [], - "accountName": "api", - "cmds": "node", - "args": [ - "--tls-min-v1.0", - "--no-experimental-fetch", - "main.js" - ], - "replicaCount": { - "default": 2, - "max": 50, - "min": 2 - } - } - } -} \ No newline at end of file +service: + name: api + args: + - --tls-min-v1.0 + - --no-experimental-fetch + - main.js + command: + - node + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: "20000" + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: loftbru.dev01.devland.is + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: http://web-application-system-api.application-system.svc.cluster.local + AUTH_ADMIN_API_PATH: https://identity-server.dev01.devland.is/backend + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local + AUTH_IDS_API_URL: https://identity-server.dev01.devland.is + AUTH_PUBLIC_API_URL: https://identity-server.dev01.devland.is/api + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: IS-DEV/GOV/10006/Skatturinn/ft-v1 + CONSULTATION_PORTAL_CLIENT_BASE_PATH: https://samradapi-test.devland.is + CONTACT_US_EMAIL: s@kogk.is + CONTENTFUL_HOST: preview.contentful.com + DOWNLOAD_SERVICE_BASE_PATH: https://api.dev01.devland.is + ELASTIC_NODE: https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: https://api-staging.thinglysing.is/business/tolfraedi + ENDORSEMENT_SYSTEM_BASE_API_URL: http://web-endorsement-system-api.endorsement-system.svc.cluster.local + FILE_DOWNLOAD_BUCKET: island-is-dev-download-cache-api + FILE_STORAGE_UPLOAD_BUCKET: island-is-dev-upload-api + FINANCIAL_STATEMENTS_INAO_BASE_PATH: https://dev-re.crm4.dynamics.com/api/data/v9.1 + FINANCIAL_STATEMENTS_INAO_ISSUER: https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0 + FINANCIAL_STATEMENTS_INAO_SCOPE: https://dev-re.crm4.dynamics.com/.default + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token + FISHING_LICENSE_XROAD_PROVIDER_ID: IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1 + FISKISTOFA_ZENTER_CLIENT_ID: "1114" + FORM_SYSTEM_API_BASE_PATH: https://profun.island.is/umsoknarkerfi + HSN_WEB_FORM_ID: 1dimJFHLFYtnhoYEA3JxRK + HUNTING_LICENSE_PASS_TEMPLATE_ID: 1da72d52-a93a-4d0f-8463-1933a2bd210b + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local + IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/api" + IDENTITY_SERVER_ISSUER_URL: https://identity-server.dev01.devland.is + ISLYKILL_CERT: /etc/config/islyklar.p12 + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: info + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: http://web-financial-aid-backend + NATIONAL_REGISTRY_B2C_CLIENT_ID: b464afdd-056b-406d-b650-6d41733cfeb7 + NATIONAL_REGISTRY_B2C_ENDPOINT: https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token + NATIONAL_REGISTRY_B2C_PATH: IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1 + NATIONAL_REGISTRY_B2C_SCOPE: https://skraidentitydev.onmicrosoft.com/midlun/.default + NODE_OPTIONS: --max-old-space-size=2880 -r dd-trace/init + REGULATIONS_ADMIN_URL: http://web-regulations-admin-backend.regulations-admin.svc.cluster.local + SEND_FROM_EMAIL: development@island.is + SERVERSIDE_FEATURES_ON: "" + SERVICE_DOCUMENTS_BASEPATH: http://web-services-documents.services-documents.svc.cluster.local + SESSIONS_API_URL: http://web-services-sessions.services-sessions.svc.cluster.local + SYSLUMENN_TIMEOUT: "40000" + TELL_US_A_STORY_EMAIL: s@kogk.is + UNIVERSITY_GATEWAY_API_URL: http://web-services-university-gateway.services-university-gateway.svc.cluster.local + USER_NOTIFICATION_API_URL: http://web-user-notification.user-notification.svc.cluster.local + USER_PROFILE_CLIENT_URL: http://web-service-portal-api.service-portal.svc.cluster.local + WATSON_ASSISTANT_CHAT_FEEDBACK_DB_NAME: island-is-assistant-feedback + XROAD_ADR_MACHINE_LICENSE_PATH: IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1 + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1 + XROAD_AIRCRAFT_REGISTRY_PATH: IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1 + XROAD_BASE_PATH: http://securityserver.dev01.devland.is + XROAD_BASE_PATH_WITH_ENV: http://securityserver.dev01.devland.is/r1/IS-DEV + XROAD_BIFROST_UNIVERSITY_PATH: IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1 + XROAD_CHARGE_FJS_V2_PATH: IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2 + XROAD_CHARGE_FJS_V2_TIMEOUT: "20000" + XROAD_CLIENT_ID: IS-DEV/GOV/10000/island-is-client + XROAD_COURT_BANKRUPTCY_CERT_PATH: IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1 + XROAD_CRIMINAL_RECORD_PATH: r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2 + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1 + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1 + XROAD_DISABILITY_LICENSE_PATH: IS-DEV/GOV/10008/TR-Protected/oryrki-v1 + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: "20000" + XROAD_DRIVING_LICENSE_PATH: r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1 + XROAD_DRIVING_LICENSE_V2_PATH: r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2 + XROAD_DRIVING_LICENSE_V4_PATH: r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4 + XROAD_DRIVING_LICENSE_V5_PATH: r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5 + XROAD_ENERGY_FUNDS_PATH: IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1 + XROAD_FINANCES_PATH: IS-DEV/GOV/10021/FJS-Public/financeIsland + XROAD_FINANCES_TIMEOUT: "20000" + XROAD_FINANCES_V2_PATH: IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2 + XROAD_FINANCIAL_AID_BACKEND_PATH: IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend + XROAD_FIREARM_LICENSE_PATH: IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1 + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1 + XROAD_HEALTH_DIRECTORATE_PATH: IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1 + XROAD_HEALTH_INSURANCE_ID: IS-DEV/GOV/10007/SJUKRA-Protected + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur + XROAD_HEALTH_INSURANCE_WSDLURL: https://test-huld.sjukra.is/islandrg?wsdl + XROAD_HMS_HOUSING_BENEFITS_PATH: IS-DEV/GOV/10033/HMS-Protected/husbot-v1 + XROAD_HMS_LOANS_PATH: IS-DEV/GOV/10033/HMS-Protected/libra-v1 + XROAD_HOLAR_UNIVERSITY_PATH: IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1 + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: IS-DEV/GOV/10033/HMS-Protected/calc-v1 + XROAD_HUNTING_LICENSE_PATH: IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: IS-DEV/GOV/10021/FJS-Protected/recruitment-v1 + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1 + XROAD_INNA_PATH: IS-DEV/GOV/10066/MMS-Protected/inna-v1 + XROAD_INTELLECTUAL_PROPERTIES_PATH: IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI + XROAD_JUDICIAL_SYSTEM_SP_PATH: IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api + XROAD_MMS_FRIGG_PATH: IS-DEV/GOV/10066/MMS-Protected/frigg-form-service + XROAD_MMS_GRADE_SERVICE_ID: IS-DEV/GOV/10066/MMS-Protected/grade-api-v1 + XROAD_MMS_LICENSE_SERVICE_ID: IS-DEV/GOV/10066/MMS-Protected/license-api-v1 + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1 + XROAD_NATIONAL_REGISTRY_TIMEOUT: "20000" + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: IS-DEV/GOV/10014/DMR-Protected/official-journal-application + XROAD_OFFICIAL_JOURNAL_PATH: IS-DEV/GOV/10014/DMR-Protected/official-journal + XROAD_PASSPORT_LICENSE_PATH: IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1 + XROAD_PAYMENT_ADDITION_CALLBACK_URL: / + XROAD_PAYMENT_BASE_CALLBACK_URL: XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/ + XROAD_PAYMENT_PROVIDER_ID: IS-DEV/GOV/10021/FJS-Public + XROAD_PAYMENT_SCHEDULE_PATH: IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1 + XROAD_PROPERTIES_SERVICE_V2_PATH: IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1 + XROAD_PROPERTIES_TIMEOUT: "35000" + XROAD_RSK_PROCURING_PATH: IS-DEV/GOV/10006/Skatturinn/relationships-v1 + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1 + XROAD_SIGNATURE_COLLECTION_PATH: IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1 + XROAD_TJODSKRA_API_PATH: /SKRA-Protected/Einstaklingar-v1 + XROAD_TJODSKRA_MEMBER_CODE: "10001" + XROAD_TLS_BASE_PATH: https://securityserver.dev01.devland.is + XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.dev01.devland.is/r1/IS-DEV + XROAD_TR_PATH: IS-DEV/GOV/10008/TR-Protected/external-v1 + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1 + XROAD_UNIVERSITY_OF_ICELAND_PATH: IS-DEV/EDU/10010/HI-Protected/brautskraning-v1 + XROAD_VEHICLES_MILEAGE_PATH: IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1 + XROAD_VEHICLES_PATH: IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1 + XROAD_VEHICLE_CODETABLES_PATH: IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1 + XROAD_VEHICLE_INFOLOCKS_PATH: IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1 + XROAD_VEHICLE_OPERATORS_PATH: IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3 + XROAD_VEHICLE_OWNER_CHANGE_PATH: IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2 + XROAD_VEHICLE_PLATE_ORDERING_PATH: IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1 + XROAD_VEHICLE_PLATE_RENEWAL_PATH: IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1 + XROAD_VEHICLE_PRINTING_PATH: IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1 + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1 + XROAD_VMST_API_PATH: /VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1 + XROAD_VMST_MEMBER_CODE: "10003" + XROAD_WORK_ACCIDENT_PATH: IS-DEV/GOV/10013/Vinnueftirlitid-Protected/slysaskraning-token + XROAD_WORK_MACHINE_LICENSE_PATH: IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token + ZENDESK_CONTACT_FORM_SUBDOMAIN: stjanilofts + files: + - islyklar.p12 + grantNamespaces: + - nginx-ingress-external + - api-catalogue + - application-system + - consultation-portal + - portals-admin + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /health + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/api + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-external-alb + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: beta.dev01.devland.is + paths: + - /api + - host: api-catalogue.dev01.devland.is + paths: + - /api + namespace: islandis + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: 1200m + memory: 3200Mi + requests: + cpu: 400m + memory: 896Mi + secrets: + ADR_LICENSE_FETCH_TIMEOUT: /k8s/api/ADR_LICENSE_FETCH_TIMEOUT + ADR_LICENSE_PASS_TEMPLATE_ID: /k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID + APOLLO_BYPASS_CACHE_SECRET: /k8s/api/APOLLO_BYPASS_CACHE_SECRET + CHART_STATISTIC_CACHE_TTL: /k8s/api/CHART_STATISTIC_CACHE_TTL + CHART_STATISTIC_SOURCE_DATA_PATHS: /k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + CONTENTFUL_ACCESS_TOKEN: /k8s/api/CONTENTFUL_ACCESS_TOKEN + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: /k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: /k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: /k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY + DISABILITY_LICENSE_FETCH_TIMEOUT: /k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT + DISABILITY_LICENSE_PASS_TEMPLATE_ID: /k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID + DOCUMENT_PROVIDER_BASE_PATH: /k8s/api/DOCUMENT_PROVIDER_BASE_PATH + DOCUMENT_PROVIDER_BASE_PATH_TEST: /k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST + DOCUMENT_PROVIDER_CLIENTID: /k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID + DOCUMENT_PROVIDER_CLIENTID_TEST: /k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST + DOCUMENT_PROVIDER_CLIENT_SECRET: /k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: /k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST + DOCUMENT_PROVIDER_TOKEN_URL: /k8s/api/DOCUMENT_PROVIDER_TOKEN_URL + DOCUMENT_PROVIDER_TOKEN_URL_TEST: /k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST + DOMSYSLA_PASSWORD: /k8s/api/DOMSYSLA_PASSWORD + DOMSYSLA_USERNAME: /k8s/api/DOMSYSLA_USERNAME + DRIVING_LICENSE_BOOK_PASSWORD: /k8s/api/DRIVING_LICENSE_BOOK_PASSWORD + DRIVING_LICENSE_BOOK_USERNAME: /k8s/api/DRIVING_LICENSE_BOOK_USERNAME + DRIVING_LICENSE_BOOK_XROAD_PATH: /k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH + DRIVING_LICENSE_FETCH_TIMEOUT: /k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT + DRIVING_LICENSE_PASS_TEMPLATE_ID: /k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: /k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: /k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET + FIREARM_LICENSE_FETCH_TIMEOUT: /k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT + FIREARM_LICENSE_PASS_TEMPLATE_ID: /k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: /k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: /k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: /k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: /k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL + FISKISTOFA_API_URL: /k8s/api/FISKISTOFA_API_URL + FISKISTOFA_POWERBI_CLIENT_ID: /k8s/api/FISKISTOFA_POWERBI_CLIENT_ID + FISKISTOFA_POWERBI_CLIENT_SECRET: /k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET + FISKISTOFA_POWERBI_TENANT_ID: /k8s/api/FISKISTOFA_POWERBI_TENANT_ID + FISKISTOFA_ZENTER_CLIENT_PASSWORD: /k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD + FISKISTOFA_ZENTER_EMAIL: /k8s/api/FISKISTOFA_ZENTER_EMAIL + FISKISTOFA_ZENTER_PASSWORD: /k8s/api/FISKISTOFA_ZENTER_PASSWORD + HOUSING_BENEFIT_CALCULATOR_PASSWORD: /k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD + HOUSING_BENEFIT_CALCULATOR_USERNAME: /k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME + HSN_WEB_FORM_RESPONSE_SECRET: /k8s/api/HSN_WEB_FORM_RESPONSE_SECRET + HSN_WEB_FORM_RESPONSE_URL: /k8s/api/HSN_WEB_FORM_RESPONSE_URL + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: /k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: /k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME + IDENTITY_SERVER_CLIENT_SECRET: /k8s/api/IDENTITY_SERVER_CLIENT_SECRET + INTELLECTUAL_PROPERTY_API_KEY: /k8s/api/IP_API_KEY + ISLYKILL_SERVICE_BASEPATH: /k8s/api/ISLYKILL_SERVICE_BASEPATH + ISLYKILL_SERVICE_PASSPHRASE: /k8s/api/ISLYKILL_SERVICE_PASSPHRASE + LICENSE_SERVICE_BARCODE_SECRET_KEY: /k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY + MACHINE_LICENSE_PASS_TEMPLATE_ID: /k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: /k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET + PKPASS_API_KEY: /k8s/api/PKPASS_API_KEY + PKPASS_API_URL: /k8s/api/PKPASS_API_URL + PKPASS_AUTH_RETRIES: /k8s/api/PKPASS_AUTH_RETRIES + PKPASS_CACHE_KEY: /k8s/api/PKPASS_CACHE_KEY + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: /k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA + PKPASS_SECRET_KEY: /k8s/api/PKPASS_SECRET_KEY + POSTHOLF_BASE_PATH: /k8s/documents/POSTHOLF_BASE_PATH + POSTHOLF_CLIENTID: /k8s/documents/POSTHOLF_CLIENTID + POSTHOLF_CLIENT_SECRET: /k8s/documents/POSTHOLF_CLIENT_SECRET + POSTHOLF_TOKEN_URL: /k8s/documents/POSTHOLF_TOKEN_URL + REGULATIONS_API_URL: /k8s/api/REGULATIONS_API_URL + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: /k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: /k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: /k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH + RLS_PKPASS_API_KEY: /k8s/api/RLS_PKPASS_API_KEY + SMART_SOLUTIONS_API_URL: /k8s/api/SMART_SOLUTIONS_API_URL + SYSLUMENN_HOST: /k8s/api/SYSLUMENN_HOST + SYSLUMENN_PASSWORD: /k8s/api/SYSLUMENN_PASSWORD + SYSLUMENN_USERNAME: /k8s/api/SYSLUMENN_USERNAME + TR_PKPASS_API_KEY: /k8s/api/TR_PKPASS_API_KEY + ULTRAVIOLET_RADIATION_API_KEY: /k8s/api/ULTRAVIOLET_RADIATION_API_KEY + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: /k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL + UST_PKPASS_API_KEY: /k8s/api/UST_PKPASS_API_KEY + VEHICLES_ALLOW_CO_OWNERS: /k8s/api/VEHICLES_ALLOW_CO_OWNERS + VE_PKPASS_API_KEY: /k8s/api/VE_PKPASS_API_KEY + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: /k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: /k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: /k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL + XROAD_DRIVING_LICENSE_SECRET: /k8s/api/DRIVING_LICENSE_SECRET + XROAD_HEALTH_INSURANCE_PASSWORD: /k8s/health-insurance/XROAD-PASSWORD + XROAD_HEALTH_INSURANCE_USERNAME: /k8s/health-insurance/XROAD-USER + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: /k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: /k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME + XROAD_PAYMENT_PASSWORD: /k8s/application-system-api/PAYMENT_PASSWORD + XROAD_PAYMENT_USER: /k8s/application-system-api/PAYMENT_USER + XROAD_PROPERTIES_CLIENT_SECRET: /k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET + XROAD_VMST_API_KEY: /k8s/vmst-client/VMST_API_KEY + ZENDESK_CONTACT_FORM_EMAIL: /k8s/api/ZENDESK_CONTACT_FORM_EMAIL + ZENDESK_CONTACT_FORM_TOKEN: /k8s/api/ZENDESK_CONTACT_FORM_TOKEN + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::013313053092:role/api + create: true + name: api diff --git a/charts/services/api/values.prod.yaml b/charts/services/api/values.prod.yaml index 5ba1c6a118e6..45a894f66f5b 100644 --- a/charts/services/api/values.prod.yaml +++ b/charts/services/api/values.prod.yaml @@ -1,1062 +1,308 @@ -{ - "api": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/health", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME": { - "dev": "loftbru.dev01.devland.is", - "staging": "loftbru.staging01.devland.is", - "prod": "loftbru.island.is" - }, - "FILE_STORAGE_UPLOAD_BUCKET": { - "dev": "island-is-dev-upload-api", - "staging": "island-is-staging-upload-api", - "prod": "island-is-prod-upload-api" - }, - "AUTH_PUBLIC_API_URL": { - "dev": "https://identity-server.dev01.devland.is/api", - "staging": "https://identity-server.staging01.devland.is/api", - "prod": "https://innskra.island.is/api" - }, - "ELASTIC_NODE": { - "dev": "https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com", - "staging": "https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/", - "prod": "https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/" - }, - "CONTENTFUL_HOST": { - "dev": "preview.contentful.com", - "staging": "cdn.contentful.com", - "prod": "cdn.contentful.com" - }, - "CONTACT_US_EMAIL": { - "prod": "island@island.is", - "staging": "island@island.is", - "dev": "s@kogk.is" - }, - "ZENDESK_CONTACT_FORM_SUBDOMAIN": { - "prod": "digitaliceland", - "staging": "digitaliceland", - "dev": "stjanilofts" - }, - "TELL_US_A_STORY_EMAIL": { - "dev": "s@kogk.is", - "staging": "sogur@island.is", - "prod": "sogur@island.is" - }, - "SEND_FROM_EMAIL": { - "dev": "development@island.is", - "staging": "development@island.is", - "prod": "island@island.is" - }, - "FILE_DOWNLOAD_BUCKET": { - "dev": "island-is-dev-download-cache-api", - "staging": "island-is-staging-download-cache-api", - "prod": "island-is-prod-download-cache-api" - }, - "DOWNLOAD_SERVICE_BASE_PATH": { - "prod": "https://api.island.is", - "dev": "https://api.dev01.devland.is", - "staging": "https://api.staging01.devland.is" - }, - "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/api", - "AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT": "20000", - "XROAD_NATIONAL_REGISTRY_TIMEOUT": "20000", - "XROAD_PROPERTIES_TIMEOUT": "35000", - "SYSLUMENN_TIMEOUT": "40000", - "XROAD_DRIVING_LICENSE_BOOK_TIMEOUT": "20000", - "XROAD_FINANCES_TIMEOUT": "20000", - "XROAD_CHARGE_FJS_V2_TIMEOUT": "20000", - "AUTH_DELEGATION_API_URL": { - "dev": "http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local", - "staging": "http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local", - "prod": "https://auth-delegation-api.internal.innskra.island.is" - }, - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - }, - "MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL": { - "dev": "http://web-financial-aid-backend", - "staging": "http://web-financial-aid-backend", - "prod": "http://web-financial-aid-backend" - }, - "FINANCIAL_STATEMENTS_INAO_BASE_PATH": { - "dev": "https://dev-re.crm4.dynamics.com/api/data/v9.1", - "staging": "https://dev-re.crm4.dynamics.com/api/data/v9.1", - "prod": "https://star-re.crm4.dynamics.com/api/data/v9.1" - }, - "FINANCIAL_STATEMENTS_INAO_ISSUER": "https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0", - "FINANCIAL_STATEMENTS_INAO_SCOPE": { - "dev": "https://dev-re.crm4.dynamics.com/.default", - "staging": "https://dev-re.crm4.dynamics.com/.default", - "prod": "https://star-re.crm4.dynamics.com/.default" - }, - "FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT": "https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token", - "ELECTRONIC_REGISTRATION_STATISTICS_API_URL": { - "dev": "https://api-staging.thinglysing.is/business/tolfraedi", - "staging": "https://api-staging.thinglysing.is/business/tolfraedi", - "prod": "https://api.thinglysing.is/business/tolfraedi" - }, - "FORM_SYSTEM_API_BASE_PATH": { - "dev": "https://profun.island.is/umsoknarkerfi", - "staging": "", - "prod": "" - }, - "CONSULTATION_PORTAL_CLIENT_BASE_PATH": { - "dev": "https://samradapi-test.devland.is", - "staging": "https://samradapi-test.devland.is", - "prod": "https://samradapi.island.is" - }, - "FISKISTOFA_ZENTER_CLIENT_ID": "1114", - "HSN_WEB_FORM_ID": "1dimJFHLFYtnhoYEA3JxRK", - "AUTH_ADMIN_API_PATH": { - "dev": "https://identity-server.dev01.devland.is/backend", - "staging": "https://identity-server.staging01.devland.is/backend", - "prod": "https://innskra.island.is/backend" - }, - "AUTH_ADMIN_API_PATHS": { - "dev": "{\"development\":\"https://identity-server.dev01.devland.is/backend\"}", - "staging": "{\"development\":\"https://identity-server.dev01.devland.is/backend\",\"staging\":\"https://identity-server.staging01.devland.is/backend\"}", - "prod": "{\"development\":\"https://identity-server.dev01.devland.is/backend\",\"staging\":\"https://identity-server.staging01.devland.is/backend\",\"production\":\"https://innskra.island.is/backend\"}" - }, - "AUTH_IDS_API_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - }, - "HUNTING_LICENSE_PASS_TEMPLATE_ID": { - "dev": "1da72d52-a93a-4d0f-8463-1933a2bd210b", - "staging": "1da72d52-a93a-4d0f-8463-1933a2bd210b", - "prod": "5f42f942-d8d6-40bf-a186-5a9e12619d9f" - }, - "XROAD_RSK_PROCURING_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" - }, - "APOLLO_CACHE_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" - }, - "LICENSE_SERVICE_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" - }, - "XROAD_RSK_PROCURING_SCOPE": "[\"@rsk.is/prokura\",\"@rsk.is/prokura:admin\"]", - "WATSON_ASSISTANT_CHAT_FEEDBACK_DB_NAME": { - "dev": "island-is-assistant-feedback", - "staging": "island-is-assistant-feedback", - "prod": "island-is-assistant-feedback" - } - }, - "features": {}, - "name": "api", - "grantNamespaces": [ - "nginx-ingress-external", - "api-catalogue", - "application-system", - "consultation-portal", - "portals-admin" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "APOLLO_BYPASS_CACHE_SECRET": "/k8s/api/APOLLO_BYPASS_CACHE_SECRET", - "DOCUMENT_PROVIDER_BASE_PATH": "/k8s/api/DOCUMENT_PROVIDER_BASE_PATH", - "DOCUMENT_PROVIDER_TOKEN_URL": "/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL", - "DOCUMENT_PROVIDER_BASE_PATH_TEST": "/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST", - "DOCUMENT_PROVIDER_TOKEN_URL_TEST": "/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST", - "SYSLUMENN_HOST": "/k8s/api/SYSLUMENN_HOST", - "REGULATIONS_API_URL": "/k8s/api/REGULATIONS_API_URL", - "REGULATIONS_FILE_UPLOAD_KEY_DRAFT": "/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT", - "REGULATIONS_FILE_UPLOAD_KEY_PUBLISH": "/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH", - "REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED": "/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED", - "CONTENTFUL_ACCESS_TOKEN": "/k8s/api/CONTENTFUL_ACCESS_TOKEN", - "ZENDESK_CONTACT_FORM_EMAIL": "/k8s/api/ZENDESK_CONTACT_FORM_EMAIL", - "ZENDESK_CONTACT_FORM_TOKEN": "/k8s/api/ZENDESK_CONTACT_FORM_TOKEN", - "POSTHOLF_CLIENTID": "/k8s/documents/POSTHOLF_CLIENTID", - "POSTHOLF_CLIENT_SECRET": "/k8s/documents/POSTHOLF_CLIENT_SECRET", - "POSTHOLF_TOKEN_URL": "/k8s/documents/POSTHOLF_TOKEN_URL", - "POSTHOLF_BASE_PATH": "/k8s/documents/POSTHOLF_BASE_PATH", - "DOCUMENT_PROVIDER_CLIENTID": "/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID", - "DOCUMENT_PROVIDER_CLIENT_SECRET": "/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET", - "DOCUMENT_PROVIDER_CLIENTID_TEST": "/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST", - "DOCUMENT_PROVIDER_CLIENT_SECRET_TEST": "/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST", - "SYSLUMENN_USERNAME": "/k8s/api/SYSLUMENN_USERNAME", - "SYSLUMENN_PASSWORD": "/k8s/api/SYSLUMENN_PASSWORD", - "PKPASS_API_KEY": "/k8s/api/PKPASS_API_KEY", - "PKPASS_API_URL": "/k8s/api/PKPASS_API_URL", - "PKPASS_AUTH_RETRIES": "/k8s/api/PKPASS_AUTH_RETRIES", - "PKPASS_CACHE_KEY": "/k8s/api/PKPASS_CACHE_KEY", - "PKPASS_CACHE_TOKEN_EXPIRY_DELTA": "/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA", - "PKPASS_SECRET_KEY": "/k8s/api/PKPASS_SECRET_KEY", - "VE_PKPASS_API_KEY": "/k8s/api/VE_PKPASS_API_KEY", - "UST_PKPASS_API_KEY": "/k8s/api/UST_PKPASS_API_KEY", - "RLS_PKPASS_API_KEY": "/k8s/api/RLS_PKPASS_API_KEY", - "TR_PKPASS_API_KEY": "/k8s/api/TR_PKPASS_API_KEY", - "SMART_SOLUTIONS_API_URL": "/k8s/api/SMART_SOLUTIONS_API_URL", - "FIREARM_LICENSE_PASS_TEMPLATE_ID": "/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID", - "DISABILITY_LICENSE_PASS_TEMPLATE_ID": "/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID", - "MACHINE_LICENSE_PASS_TEMPLATE_ID": "/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID", - "ADR_LICENSE_PASS_TEMPLATE_ID": "/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID", - "DRIVING_LICENSE_PASS_TEMPLATE_ID": "/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID", - "ADR_LICENSE_FETCH_TIMEOUT": "/k8s/api/ADR_LICENSE_FETCH_TIMEOUT", - "DRIVING_LICENSE_FETCH_TIMEOUT": "/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT", - "FIREARM_LICENSE_FETCH_TIMEOUT": "/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT", - "DISABILITY_LICENSE_FETCH_TIMEOUT": "/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT", - "INTELLECTUAL_PROPERTY_API_KEY": "/k8s/api/IP_API_KEY", - "ISLYKILL_SERVICE_PASSPHRASE": "/k8s/api/ISLYKILL_SERVICE_PASSPHRASE", - "ISLYKILL_SERVICE_BASEPATH": "/k8s/api/ISLYKILL_SERVICE_BASEPATH", - "VEHICLES_ALLOW_CO_OWNERS": "/k8s/api/VEHICLES_ALLOW_CO_OWNERS", - "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/api/IDENTITY_SERVER_CLIENT_SECRET", - "FINANCIAL_STATEMENTS_INAO_CLIENT_ID": "/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID", - "FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET": "/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET", - "FISKISTOFA_ZENTER_EMAIL": "/k8s/api/FISKISTOFA_ZENTER_EMAIL", - "FISKISTOFA_ZENTER_PASSWORD": "/k8s/api/FISKISTOFA_ZENTER_PASSWORD", - "FISKISTOFA_ZENTER_CLIENT_PASSWORD": "/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD", - "FISKISTOFA_API_URL": "/k8s/api/FISKISTOFA_API_URL", - "FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET": "/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET", - "FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL": "/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL", - "FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID": "/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID", - "FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE": "/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE", - "FISKISTOFA_POWERBI_CLIENT_ID": "/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID", - "FISKISTOFA_POWERBI_CLIENT_SECRET": "/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET", - "FISKISTOFA_POWERBI_TENANT_ID": "/k8s/api/FISKISTOFA_POWERBI_TENANT_ID", - "NATIONAL_REGISTRY_B2C_CLIENT_SECRET": "/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET", - "HSN_WEB_FORM_RESPONSE_URL": "/k8s/api/HSN_WEB_FORM_RESPONSE_URL", - "HSN_WEB_FORM_RESPONSE_SECRET": "/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET", - "DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY": "/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY", - "DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY": "/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY", - "DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY": "/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY", - "CHART_STATISTIC_SOURCE_DATA_PATHS": "/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS", - "CHART_STATISTIC_CACHE_TTL": "/k8s/api/CHART_STATISTIC_CACHE_TTL", - "WATSON_ASSISTANT_CHAT_FEEDBACK_URL": "/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL", - "WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY": "/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY", - "LICENSE_SERVICE_BARCODE_SECRET_KEY": "/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY", - "ULTRAVIOLET_RADIATION_API_KEY": "/k8s/api/ULTRAVIOLET_RADIATION_API_KEY", - "UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL": "/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL", - "VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY": "/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY" - }, - "ingress": { - "primary": { - "host": { - "dev": [ - "beta", - "api-catalogue" - ], - "staging": [ - "beta" - ], - "prod": [ - "", - "www.island.is" - ] - }, - "paths": [ - "/api" - ], - "public": true - } - }, - "namespace": "islandis", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "1200m", - "memory": "3200Mi" - }, - "requests": { - "cpu": "400m", - "memory": "896Mi" - } - }, - "xroadConfig": [ - { - "config": { - "env": { - "XROAD_ADR_MACHINE_LICENSE_PATH": { - "dev": "IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1", - "staging": "IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1", - "prod": "IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_COURT_BANKRUPTCY_CERT_PATH": { - "dev": "IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1", - "staging": "IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1", - "prod": "IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1" - } - }, - "secrets": { - "DOMSYSLA_PASSWORD": "/k8s/api/DOMSYSLA_PASSWORD", - "DOMSYSLA_USERNAME": "/k8s/api/DOMSYSLA_USERNAME" - } - } - }, - { - "config": { - "env": { - "XROAD_HUNTING_LICENSE_PATH": { - "dev": "IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api", - "staging": "IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api", - "prod": "IS/GOV/7010022880/Umhverfisstofnun-Protected/api" - } - } - } - }, - { - "config": { - "env": { - "XROAD_FIREARM_LICENSE_PATH": { - "dev": "IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1", - "staging": "IS/GOV/5309672079/Logreglan-Protected/island-api-v1", - "prod": "IS/GOV/5309672079/Logreglan-Protected/island-api-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_DISABILITY_LICENSE_PATH": { - "dev": "IS-DEV/GOV/10008/TR-Protected/oryrki-v1", - "staging": "IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1", - "prod": "IS/GOV/5012130120/TR-Protected/oryrki-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_BASE_PATH": { - "prod": "http://securityserver.island.is" - }, - "XROAD_BASE_PATH_WITH_ENV": { - "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "http://securityserver.island.is/r1/IS" - }, - "XROAD_TLS_BASE_PATH": { - "dev": "https://securityserver.dev01.devland.is", - "staging": "https://securityserver.staging01.devland.is", - "prod": "https://securityserver.island.is" - }, - "XROAD_TLS_BASE_PATH_WITH_ENV": { - "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", - "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "https://securityserver.island.is/r1/IS" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CLIENT_ID": { - "dev": "IS-DEV/GOV/10000/island-is-client", - "staging": "IS-TEST/GOV/5501692829/island-is-client", - "prod": "IS/GOV/5501692829/island-is-client" - } - } - } - }, - { - "config": { - "env": { - "XROAD_HEALTH_DIRECTORATE_PATH": { - "dev": "IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir", - "staging": "IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir", - "prod": "IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir" - } - } - } - }, - { - "config": { - "env": { - "XROAD_HEALTH_INSURANCE_WSDLURL": { - "dev": "https://test-huld.sjukra.is/islandrg?wsdl", - "staging": "https://test-huld.sjukra.is/islandrg?wsdl", - "prod": "https://huld.sjukra.is/islandrg?wsdl" - }, - "XROAD_HEALTH_INSURANCE_ID": { - "dev": "IS-DEV/GOV/10007/SJUKRA-Protected", - "staging": "IS-TEST/GOV/4804080550/SJUKRA-Protected", - "prod": "IS/GOV/4804080550/SJUKRA-Protected" - }, - "XROAD_HEALTH_INSURANCE_MY_PAGES_PATH": { - "dev": "IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur", - "staging": "IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur", - "prod": "IS/GOV/4804080550/SJUKRA-Protected/minarsidur" - } - }, - "secrets": { - "XROAD_HEALTH_INSURANCE_USERNAME": "/k8s/health-insurance/XROAD-USER", - "XROAD_HEALTH_INSURANCE_PASSWORD": "/k8s/health-insurance/XROAD-PASSWORD", - "XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME": "/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME", - "XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD": "/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD" - } - } - }, - { - "config": { - "env": { - "XROAD_INTELLECTUAL_PROPERTIES_PATH": { - "dev": "IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI", - "staging": "IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI", - "prod": "IS/GOV/6501912189/WebAPI-Public/HUG-webAPI" - } - } - } - }, - { - "config": { - "env": { - "XROAD_INNA_PATH": { - "dev": "IS-DEV/GOV/10066/MMS-Protected/inna-v1", - "staging": "IS-TEST/GOV/6601241280/MMS-Protected/inna-v1", - "prod": "IS/GOV/6601241280/MMS-Protected/inna-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_VMST_API_PATH": { - "dev": "/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1", - "staging": "/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1", - "prod": "/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1" - }, - "XROAD_VMST_MEMBER_CODE": { - "dev": "10003", - "staging": "7005942039", - "prod": "7005942039" - } - }, - "secrets": { - "XROAD_VMST_API_KEY": "/k8s/vmst-client/VMST_API_KEY" - } - } - }, - { - "config": { - "env": { - "XROAD_DRIVING_LICENSE_PATH": { - "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1", - "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1", - "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1" - }, - "XROAD_DRIVING_LICENSE_V2_PATH": { - "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2", - "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2", - "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1" - }, - "XROAD_DRIVING_LICENSE_V4_PATH": { - "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4", - "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4", - "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4" - }, - "XROAD_DRIVING_LICENSE_V5_PATH": { - "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5", - "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5", - "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5" - } - }, - "secrets": { - "XROAD_DRIVING_LICENSE_SECRET": "/k8s/api/DRIVING_LICENSE_SECRET" - } - } - }, - { - "config": { - "env": { - "XROAD_PAYMENT_PROVIDER_ID": { - "dev": "IS-DEV/GOV/10021/FJS-Public", - "staging": "IS-TEST/GOV/10021/FJS-DEV-Public", - "prod": "IS/GOV/5402697509/FJS-Public" - }, - "XROAD_PAYMENT_BASE_CALLBACK_URL": { - "dev": "XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/", - "staging": "XROAD:", - "prod": "XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/" - }, - "XROAD_PAYMENT_ADDITION_CALLBACK_URL": "/" - }, - "secrets": { - "XROAD_PAYMENT_USER": "/k8s/application-system-api/PAYMENT_USER", - "XROAD_PAYMENT_PASSWORD": "/k8s/application-system-api/PAYMENT_PASSWORD" - } - } - }, - { - "config": { - "env": { - "XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH": { - "dev": "IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur", - "staging": "IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur", - "prod": "IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur" - } - } - } - }, - { - "config": { - "env": { - "XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH": { - "dev": "IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis", - "staging": "IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis", - "prod": "IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis" - } - } - } - }, - { - "config": { - "env": { - "XROAD_FINANCES_PATH": { - "dev": "IS-DEV/GOV/10021/FJS-Public/financeIsland", - "staging": "IS-TEST/GOV/10021/FJS-Public/financeIsland", - "prod": "IS/GOV/5402697509/FJS-Public/financeIsland" - }, - "XROAD_FINANCES_V2_PATH": { - "dev": "IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2", - "staging": "IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2", - "prod": "IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2" - }, - "XROAD_HMS_LOANS_PATH": { - "dev": "IS-DEV/GOV/10033/HMS-Protected/libra-v1", - "staging": "IS-TEST/GOV/5812191480/HMS-Protected/libra-v1", - "prod": "IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1" - }, - "XROAD_HMS_HOUSING_BENEFITS_PATH": { - "dev": "IS-DEV/GOV/10033/HMS-Protected/husbot-v1", - "staging": "IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1", - "prod": "IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_MMS_LICENSE_SERVICE_ID": { - "dev": "IS-DEV/GOV/10066/MMS-Protected/license-api-v1", - "staging": "IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1", - "prod": "IS/GOV/6601241280/MMS-Protected/license-api-v1" - }, - "XROAD_MMS_GRADE_SERVICE_ID": { - "dev": "IS-DEV/GOV/10066/MMS-Protected/grade-api-v1", - "staging": "IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1", - "prod": "IS/GOV/6601241280/MMS-Protected/grade-api-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_NATIONAL_REGISTRY_SERVICE_PATH": { - "dev": "IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1", - "staging": "IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1", - "prod": "IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1" - }, - "XROAD_NATIONAL_REGISTRY_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" - }, - "XROAD_TJODSKRA_API_PATH": "/SKRA-Protected/Einstaklingar-v1", - "XROAD_TJODSKRA_MEMBER_CODE": { - "prod": "6503760649", - "dev": "10001", - "staging": "6503760649" - } - } - } - }, - { - "config": { - "env": { - "XROAD_PROPERTIES_SERVICE_V2_PATH": { - "dev": "IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1", - "staging": "IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1", - "prod": "IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1" - } - }, - "secrets": { - "XROAD_PROPERTIES_CLIENT_SECRET": "/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET" - } - } - }, - { - "config": { - "env": { - "XROAD_PAYMENT_SCHEDULE_PATH": { - "dev": "IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1", - "staging": "IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1", - "prod": "IS/GOV/5402697509/FJS-Public/paymentSchedule_v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CRIMINAL_RECORD_PATH": { - "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2", - "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1", - "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1" - } - } - } - }, - { - "config": { - "env": { - "COMPANY_REGISTRY_XROAD_PROVIDER_ID": { - "dev": "IS-DEV/GOV/10006/Skatturinn/ft-v1", - "staging": "IS-TEST/GOV/5402696029/Skatturinn/ft-v1", - "prod": "IS/GOV/5402696029/Skatturinn/ft-v1" - }, - "COMPANY_REGISTRY_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" - } - } - } - }, - { - "config": { - "env": {}, - "secrets": { - "DRIVING_LICENSE_BOOK_XROAD_PATH": "/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH", - "DRIVING_LICENSE_BOOK_USERNAME": "/k8s/api/DRIVING_LICENSE_BOOK_USERNAME", - "DRIVING_LICENSE_BOOK_PASSWORD": "/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD" - } - } - }, - { - "config": { - "env": { - "FISHING_LICENSE_XROAD_PROVIDER_ID": { - "dev": "IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1", - "staging": "IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1", - "prod": "IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_FINANCIAL_AID_BACKEND_PATH": { - "dev": "IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend", - "staging": "IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend", - "prod": "IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend" - } - } - } - }, - { - "config": { - "env": { - "XROAD_VEHICLES_PATH": { - "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1", - "staging": "IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1", - "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_VEHICLES_MILEAGE_PATH": { - "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1", - "staging": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1", - "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_PASSPORT_LICENSE_PATH": { - "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1", - "staging": "IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1", - "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_VEHICLE_SERVICE_FJS_V1_PATH": { - "dev": "IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1", - "staging": "IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1", - "prod": "IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_VEHICLE_CODETABLES_PATH": { - "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1", - "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1", - "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1" - }, - "XROAD_VEHICLE_INFOLOCKS_PATH": { - "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1", - "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1", - "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1" - }, - "XROAD_VEHICLE_OPERATORS_PATH": { - "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3", - "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3", - "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3" - }, - "XROAD_VEHICLE_OWNER_CHANGE_PATH": { - "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2", - "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2", - "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2" - }, - "XROAD_VEHICLE_PLATE_ORDERING_PATH": { - "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1", - "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1", - "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1" - }, - "XROAD_VEHICLE_PLATE_RENEWAL_PATH": { - "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1", - "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1", - "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1" - }, - "XROAD_VEHICLE_PRINTING_PATH": { - "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1", - "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1", - "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1" - }, - "XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH": { - "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1", - "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1", - "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CHARGE_FJS_V2_PATH": { - "dev": "IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2", - "staging": "IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2", - "prod": "IS/GOV/5402697509/FJS-Public/chargeFJS_v2" - } - } - } - }, - { - "config": { - "env": { - "XROAD_ENERGY_FUNDS_PATH": { - "dev": "IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1", - "staging": "IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1", - "prod": "IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_UNIVERSITY_OF_AKUREYRI_PATH": { - "dev": "IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1", - "staging": "IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1", - "prod": "IS/EDU/5206871229/UNAK-Protected/brautskraning-v1" - }, - "XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH": { - "dev": "IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1", - "staging": "IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1", - "prod": "IS/EDU/4112043590/LBHI-Protected/brautskraning-v1" - }, - "XROAD_BIFROST_UNIVERSITY_PATH": { - "dev": "IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1", - "staging": "IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1", - "prod": "IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1" - }, - "XROAD_HOLAR_UNIVERSITY_PATH": { - "dev": "IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1", - "staging": "IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1", - "prod": "IS/EDU/5001694359/Holar-Protected/brautskraning-v1" - }, - "XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH": { - "dev": "IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1", - "staging": "IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1", - "prod": "IS/EDU/4210984099/LHI-Protected/brautskraning-v1" - }, - "XROAD_UNIVERSITY_OF_ICELAND_PATH": { - "dev": "IS-DEV/EDU/10010/HI-Protected/brautskraning-v1", - "staging": "IS-TEST/EDU/10010/HI-Protected/brautskraning-v1", - "prod": "IS/EDU/6001692039/HI-Protected/brautskraning-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_WORK_MACHINE_LICENSE_PATH": { - "dev": "IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token", - "staging": "IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token", - "prod": "IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token" - } - } - } - }, - { - "config": { - "env": { - "XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH": { - "dev": "IS-DEV/GOV/10021/FJS-Protected/recruitment-v1", - "staging": "IS-TEST/GOV/10021/FJS-Protected/recruitment-v1", - "prod": "IS/GOV/5402697509/FJS-Protected/recruitment-v1" - } - }, - "secrets": { - "ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME": "/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME", - "ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD": "/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD" - } - } - }, - { - "config": { - "env": { - "XROAD_RSK_PROCURING_PATH": { - "dev": "IS-DEV/GOV/10006/Skatturinn/relationships-v1", - "staging": "IS-TEST/GOV/5402696029/Skatturinn/relationships-v1", - "prod": "IS/GOV/5402696029/Skatturinn/relationships-v1" - } - } - } - }, - { - "config": { - "env": { - "NATIONAL_REGISTRY_B2C_CLIENT_ID": { - "dev": "b464afdd-056b-406d-b650-6d41733cfeb7", - "staging": "ca128c23-b43c-443d-bade-ec5a146a933f", - "prod": "2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f" - }, - "NATIONAL_REGISTRY_B2C_ENDPOINT": { - "dev": "https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", - "staging": "https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", - "prod": "https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token" - }, - "NATIONAL_REGISTRY_B2C_SCOPE": { - "dev": "https://skraidentitydev.onmicrosoft.com/midlun/.default", - "staging": "https://skraidentitystaging.onmicrosoft.com/midlun/.default", - "prod": "https://skraidentity.onmicrosoft.com/midlun/.default" - }, - "NATIONAL_REGISTRY_B2C_PATH": { - "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1", - "staging": "IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1", - "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_AIRCRAFT_REGISTRY_PATH": { - "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1", - "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1", - "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_HOUSING_BENEFIT_CALCULATOR_PATH": { - "dev": "IS-DEV/GOV/10033/HMS-Protected/calc-v1", - "staging": "IS-TEST/GOV/5812191480/HMS-Protected/calc-v1", - "prod": "IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1" - } - }, - "secrets": { - "HOUSING_BENEFIT_CALCULATOR_USERNAME": "/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME", - "HOUSING_BENEFIT_CALCULATOR_PASSWORD": "/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD" - } - } - }, - { - "config": { - "env": { - "XROAD_SHIP_REGISTRY_PATH": { - "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1", - "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1", - "prod": "IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_DIRECTORATE_OF_IMMIGRATION_PATH": { - "dev": "IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1", - "staging": "IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1", - "prod": "IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_SIGNATURE_COLLECTION_PATH": { - "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1", - "staging": "IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1", - "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_TR_PATH": { - "dev": "IS-DEV/GOV/10008/TR-Protected/external-v1", - "staging": "IS-TEST/GOV/5012130120/TR-Protected/external-v1", - "prod": "IS/GOV/5012130120/TR-Protected/external-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_OFFICIAL_JOURNAL_PATH": { - "dev": "IS-DEV/GOV/10014/DMR-Protected/official-journal", - "staging": "IS-TEST/GOV/10014/DMR-Protected/official-journal", - "prod": "IS/GOV/10014/DMR-Protected/official-journal" - } - } - } - }, - { - "config": { - "env": { - "XROAD_JUDICIAL_SYSTEM_SP_PATH": { - "dev": "IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api", - "staging": "IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api", - "prod": "IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api" - } - } - } - }, - { - "config": { - "env": { - "XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH": { - "dev": "IS-DEV/GOV/10014/DMR-Protected/official-journal-application", - "staging": "IS-TEST/GOV/10014/DMR-Protected/official-journal-application", - "prod": "IS/GOV/10014/DMR-Protected/official-journal-application" - } - } - } - }, - { - "config": { - "env": { - "XROAD_MMS_FRIGG_PATH": { - "dev": "IS-DEV/GOV/10066/MMS-Protected/frigg-form-service", - "staging": "IS-TEST/GOV/10066/MMS-Protected/frigg-form-service", - "prod": "IS/GOV/10066/MMS-Protected/frigg-form-service" - } - } - } - }, - { - "config": { - "env": { - "XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH": { - "dev": "IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1", - "staging": "IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1", - "prod": "IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH": { - "dev": "IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1", - "staging": "IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1", - "prod": "IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_WORK_ACCIDENT_PATH": { - "dev": "IS-DEV/GOV/10013/Vinnueftirlitid-Protected/slysaskraning-token", - "staging": "IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/slysaskraning-token", - "prod": "IS/GOV/4201810439/Vinnueftirlitid-Protected/slysaskraning-token" - } - } - } - } - ], - "files": [ - { - "filename": "islyklar.p12", - "env": "ISLYKILL_CERT" - } - ], - "volumes": [], - "accountName": "api", - "cmds": "node", - "args": [ - "--tls-min-v1.0", - "--no-experimental-fetch", - "main.js" - ], - "replicaCount": { - "default": 2, - "max": 50, - "min": 2 - } - } - } -} \ No newline at end of file +service: + name: api + args: + - --tls-min-v1.0 + - --no-experimental-fetch + - main.js + command: + - node + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: "20000" + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: loftbru.island.is + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: http://web-application-system-api.application-system.svc.cluster.local + AUTH_ADMIN_API_PATH: https://innskra.island.is/backend + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' + AUTH_DELEGATION_API_URL: https://auth-delegation-api.internal.innskra.island.is + AUTH_IDS_API_URL: https://innskra.island.is + AUTH_PUBLIC_API_URL: https://innskra.island.is/api + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: IS/GOV/5402696029/Skatturinn/ft-v1 + CONSULTATION_PORTAL_CLIENT_BASE_PATH: https://samradapi.island.is + CONTACT_US_EMAIL: island@island.is + CONTENTFUL_HOST: cdn.contentful.com + DOWNLOAD_SERVICE_BASE_PATH: https://api.island.is + ELASTIC_NODE: https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/ + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: https://api.thinglysing.is/business/tolfraedi + ENDORSEMENT_SYSTEM_BASE_API_URL: http://web-endorsement-system-api.endorsement-system.svc.cluster.local + FILE_DOWNLOAD_BUCKET: island-is-prod-download-cache-api + FILE_STORAGE_UPLOAD_BUCKET: island-is-prod-upload-api + FINANCIAL_STATEMENTS_INAO_BASE_PATH: https://star-re.crm4.dynamics.com/api/data/v9.1 + FINANCIAL_STATEMENTS_INAO_ISSUER: https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0 + FINANCIAL_STATEMENTS_INAO_SCOPE: https://star-re.crm4.dynamics.com/.default + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token + FISHING_LICENSE_XROAD_PROVIDER_ID: IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1 + FISKISTOFA_ZENTER_CLIENT_ID: "1114" + FORM_SYSTEM_API_BASE_PATH: "" + HSN_WEB_FORM_ID: 1dimJFHLFYtnhoYEA3JxRK + HUNTING_LICENSE_PASS_TEMPLATE_ID: 5f42f942-d8d6-40bf-a186-5a9e12619d9f + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local + IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/api" + IDENTITY_SERVER_ISSUER_URL: https://innskra.island.is + ISLYKILL_CERT: /etc/config/islyklar.p12 + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: info + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: http://web-financial-aid-backend + NATIONAL_REGISTRY_B2C_CLIENT_ID: 2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f + NATIONAL_REGISTRY_B2C_ENDPOINT: https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token + NATIONAL_REGISTRY_B2C_PATH: IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1 + NATIONAL_REGISTRY_B2C_SCOPE: https://skraidentity.onmicrosoft.com/midlun/.default + NODE_OPTIONS: --max-old-space-size=2880 -r dd-trace/init + REGULATIONS_ADMIN_URL: http://web-regulations-admin-backend.regulations-admin.svc.cluster.local + SEND_FROM_EMAIL: island@island.is + SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + SERVICE_DOCUMENTS_BASEPATH: http://web-services-documents.services-documents.svc.cluster.local + SESSIONS_API_URL: http://web-services-sessions.services-sessions.svc.cluster.local + SYSLUMENN_TIMEOUT: "40000" + TELL_US_A_STORY_EMAIL: sogur@island.is + UNIVERSITY_GATEWAY_API_URL: http://web-services-university-gateway.services-university-gateway.svc.cluster.local + USER_NOTIFICATION_API_URL: http://web-user-notification.user-notification.svc.cluster.local + USER_PROFILE_CLIENT_URL: http://web-service-portal-api.service-portal.svc.cluster.local + WATSON_ASSISTANT_CHAT_FEEDBACK_DB_NAME: island-is-assistant-feedback + XROAD_ADR_MACHINE_LICENSE_PATH: IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1 + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: IS/EDU/4112043590/LBHI-Protected/brautskraning-v1 + XROAD_AIRCRAFT_REGISTRY_PATH: IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1 + XROAD_BASE_PATH: http://securityserver.island.is + XROAD_BASE_PATH_WITH_ENV: http://securityserver.island.is/r1/IS + XROAD_BIFROST_UNIVERSITY_PATH: IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1 + XROAD_CHARGE_FJS_V2_PATH: IS/GOV/5402697509/FJS-Public/chargeFJS_v2 + XROAD_CHARGE_FJS_V2_TIMEOUT: "20000" + XROAD_CLIENT_ID: IS/GOV/5501692829/island-is-client + XROAD_COURT_BANKRUPTCY_CERT_PATH: IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1 + XROAD_CRIMINAL_RECORD_PATH: r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1 + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1 + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1 + XROAD_DISABILITY_LICENSE_PATH: IS/GOV/5012130120/TR-Protected/oryrki-v1 + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: "20000" + XROAD_DRIVING_LICENSE_PATH: r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1 + XROAD_DRIVING_LICENSE_V2_PATH: r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1 + XROAD_DRIVING_LICENSE_V4_PATH: r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4 + XROAD_DRIVING_LICENSE_V5_PATH: r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5 + XROAD_ENERGY_FUNDS_PATH: IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1 + XROAD_FINANCES_PATH: IS/GOV/5402697509/FJS-Public/financeIsland + XROAD_FINANCES_TIMEOUT: "20000" + XROAD_FINANCES_V2_PATH: IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2 + XROAD_FINANCIAL_AID_BACKEND_PATH: IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend + XROAD_FIREARM_LICENSE_PATH: IS/GOV/5309672079/Logreglan-Protected/island-api-v1 + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1 + XROAD_HEALTH_DIRECTORATE_PATH: IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1 + XROAD_HEALTH_INSURANCE_ID: IS/GOV/4804080550/SJUKRA-Protected + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: IS/GOV/4804080550/SJUKRA-Protected/minarsidur + XROAD_HEALTH_INSURANCE_WSDLURL: https://huld.sjukra.is/islandrg?wsdl + XROAD_HMS_HOUSING_BENEFITS_PATH: IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1 + XROAD_HMS_LOANS_PATH: IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1 + XROAD_HOLAR_UNIVERSITY_PATH: IS/EDU/5001694359/Holar-Protected/brautskraning-v1 + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1 + XROAD_HUNTING_LICENSE_PATH: IS/GOV/7010022880/Umhverfisstofnun-Protected/api + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: IS/GOV/5402697509/FJS-Protected/recruitment-v1 + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: IS/EDU/4210984099/LHI-Protected/brautskraning-v1 + XROAD_INNA_PATH: IS/GOV/6601241280/MMS-Protected/inna-v1 + XROAD_INTELLECTUAL_PROPERTIES_PATH: IS/GOV/6501912189/WebAPI-Public/HUG-webAPI + XROAD_JUDICIAL_SYSTEM_SP_PATH: IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api + XROAD_MMS_FRIGG_PATH: IS/GOV/10066/MMS-Protected/frigg-form-service + XROAD_MMS_GRADE_SERVICE_ID: IS/GOV/6601241280/MMS-Protected/grade-api-v1 + XROAD_MMS_LICENSE_SERVICE_ID: IS/GOV/6601241280/MMS-Protected/license-api-v1 + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1 + XROAD_NATIONAL_REGISTRY_TIMEOUT: "20000" + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: IS/GOV/10014/DMR-Protected/official-journal-application + XROAD_OFFICIAL_JOURNAL_PATH: IS/GOV/10014/DMR-Protected/official-journal + XROAD_PASSPORT_LICENSE_PATH: IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1 + XROAD_PAYMENT_ADDITION_CALLBACK_URL: / + XROAD_PAYMENT_BASE_CALLBACK_URL: XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/ + XROAD_PAYMENT_PROVIDER_ID: IS/GOV/5402697509/FJS-Public + XROAD_PAYMENT_SCHEDULE_PATH: IS/GOV/5402697509/FJS-Public/paymentSchedule_v1 + XROAD_PROPERTIES_SERVICE_V2_PATH: IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1 + XROAD_PROPERTIES_TIMEOUT: "35000" + XROAD_RSK_PROCURING_PATH: IS/GOV/5402696029/Skatturinn/relationships-v1 + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1 + XROAD_SIGNATURE_COLLECTION_PATH: IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1 + XROAD_TJODSKRA_API_PATH: /SKRA-Protected/Einstaklingar-v1 + XROAD_TJODSKRA_MEMBER_CODE: "6503760649" + XROAD_TLS_BASE_PATH: https://securityserver.island.is + XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.island.is/r1/IS + XROAD_TR_PATH: IS/GOV/5012130120/TR-Protected/external-v1 + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: IS/EDU/5206871229/UNAK-Protected/brautskraning-v1 + XROAD_UNIVERSITY_OF_ICELAND_PATH: IS/EDU/6001692039/HI-Protected/brautskraning-v1 + XROAD_VEHICLES_MILEAGE_PATH: IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1 + XROAD_VEHICLES_PATH: IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1 + XROAD_VEHICLE_CODETABLES_PATH: IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1 + XROAD_VEHICLE_INFOLOCKS_PATH: IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1 + XROAD_VEHICLE_OPERATORS_PATH: IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3 + XROAD_VEHICLE_OWNER_CHANGE_PATH: IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2 + XROAD_VEHICLE_PLATE_ORDERING_PATH: IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1 + XROAD_VEHICLE_PLATE_RENEWAL_PATH: IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1 + XROAD_VEHICLE_PRINTING_PATH: IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1 + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1 + XROAD_VMST_API_PATH: /VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1 + XROAD_VMST_MEMBER_CODE: "7005942039" + XROAD_WORK_ACCIDENT_PATH: IS/GOV/4201810439/Vinnueftirlitid-Protected/slysaskraning-token + XROAD_WORK_MACHINE_LICENSE_PATH: IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token + ZENDESK_CONTACT_FORM_SUBDOMAIN: digitaliceland + files: + - islyklar.p12 + grantNamespaces: + - nginx-ingress-external + - api-catalogue + - application-system + - consultation-portal + - portals-admin + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /health + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/api + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-external-alb + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: island.is + paths: + - /api + - host: www.island.is + paths: + - /api + namespace: islandis + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: 1200m + memory: 3200Mi + requests: + cpu: 400m + memory: 896Mi + secrets: + ADR_LICENSE_FETCH_TIMEOUT: /k8s/api/ADR_LICENSE_FETCH_TIMEOUT + ADR_LICENSE_PASS_TEMPLATE_ID: /k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID + APOLLO_BYPASS_CACHE_SECRET: /k8s/api/APOLLO_BYPASS_CACHE_SECRET + CHART_STATISTIC_CACHE_TTL: /k8s/api/CHART_STATISTIC_CACHE_TTL + CHART_STATISTIC_SOURCE_DATA_PATHS: /k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + CONTENTFUL_ACCESS_TOKEN: /k8s/api/CONTENTFUL_ACCESS_TOKEN + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: /k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: /k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: /k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY + DISABILITY_LICENSE_FETCH_TIMEOUT: /k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT + DISABILITY_LICENSE_PASS_TEMPLATE_ID: /k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID + DOCUMENT_PROVIDER_BASE_PATH: /k8s/api/DOCUMENT_PROVIDER_BASE_PATH + DOCUMENT_PROVIDER_BASE_PATH_TEST: /k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST + DOCUMENT_PROVIDER_CLIENTID: /k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID + DOCUMENT_PROVIDER_CLIENTID_TEST: /k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST + DOCUMENT_PROVIDER_CLIENT_SECRET: /k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: /k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST + DOCUMENT_PROVIDER_TOKEN_URL: /k8s/api/DOCUMENT_PROVIDER_TOKEN_URL + DOCUMENT_PROVIDER_TOKEN_URL_TEST: /k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST + DOMSYSLA_PASSWORD: /k8s/api/DOMSYSLA_PASSWORD + DOMSYSLA_USERNAME: /k8s/api/DOMSYSLA_USERNAME + DRIVING_LICENSE_BOOK_PASSWORD: /k8s/api/DRIVING_LICENSE_BOOK_PASSWORD + DRIVING_LICENSE_BOOK_USERNAME: /k8s/api/DRIVING_LICENSE_BOOK_USERNAME + DRIVING_LICENSE_BOOK_XROAD_PATH: /k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH + DRIVING_LICENSE_FETCH_TIMEOUT: /k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT + DRIVING_LICENSE_PASS_TEMPLATE_ID: /k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: /k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: /k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET + FIREARM_LICENSE_FETCH_TIMEOUT: /k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT + FIREARM_LICENSE_PASS_TEMPLATE_ID: /k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: /k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: /k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: /k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: /k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL + FISKISTOFA_API_URL: /k8s/api/FISKISTOFA_API_URL + FISKISTOFA_POWERBI_CLIENT_ID: /k8s/api/FISKISTOFA_POWERBI_CLIENT_ID + FISKISTOFA_POWERBI_CLIENT_SECRET: /k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET + FISKISTOFA_POWERBI_TENANT_ID: /k8s/api/FISKISTOFA_POWERBI_TENANT_ID + FISKISTOFA_ZENTER_CLIENT_PASSWORD: /k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD + FISKISTOFA_ZENTER_EMAIL: /k8s/api/FISKISTOFA_ZENTER_EMAIL + FISKISTOFA_ZENTER_PASSWORD: /k8s/api/FISKISTOFA_ZENTER_PASSWORD + HOUSING_BENEFIT_CALCULATOR_PASSWORD: /k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD + HOUSING_BENEFIT_CALCULATOR_USERNAME: /k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME + HSN_WEB_FORM_RESPONSE_SECRET: /k8s/api/HSN_WEB_FORM_RESPONSE_SECRET + HSN_WEB_FORM_RESPONSE_URL: /k8s/api/HSN_WEB_FORM_RESPONSE_URL + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: /k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: /k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME + IDENTITY_SERVER_CLIENT_SECRET: /k8s/api/IDENTITY_SERVER_CLIENT_SECRET + INTELLECTUAL_PROPERTY_API_KEY: /k8s/api/IP_API_KEY + ISLYKILL_SERVICE_BASEPATH: /k8s/api/ISLYKILL_SERVICE_BASEPATH + ISLYKILL_SERVICE_PASSPHRASE: /k8s/api/ISLYKILL_SERVICE_PASSPHRASE + LICENSE_SERVICE_BARCODE_SECRET_KEY: /k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY + MACHINE_LICENSE_PASS_TEMPLATE_ID: /k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: /k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET + PKPASS_API_KEY: /k8s/api/PKPASS_API_KEY + PKPASS_API_URL: /k8s/api/PKPASS_API_URL + PKPASS_AUTH_RETRIES: /k8s/api/PKPASS_AUTH_RETRIES + PKPASS_CACHE_KEY: /k8s/api/PKPASS_CACHE_KEY + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: /k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA + PKPASS_SECRET_KEY: /k8s/api/PKPASS_SECRET_KEY + POSTHOLF_BASE_PATH: /k8s/documents/POSTHOLF_BASE_PATH + POSTHOLF_CLIENTID: /k8s/documents/POSTHOLF_CLIENTID + POSTHOLF_CLIENT_SECRET: /k8s/documents/POSTHOLF_CLIENT_SECRET + POSTHOLF_TOKEN_URL: /k8s/documents/POSTHOLF_TOKEN_URL + REGULATIONS_API_URL: /k8s/api/REGULATIONS_API_URL + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: /k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: /k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: /k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH + RLS_PKPASS_API_KEY: /k8s/api/RLS_PKPASS_API_KEY + SMART_SOLUTIONS_API_URL: /k8s/api/SMART_SOLUTIONS_API_URL + SYSLUMENN_HOST: /k8s/api/SYSLUMENN_HOST + SYSLUMENN_PASSWORD: /k8s/api/SYSLUMENN_PASSWORD + SYSLUMENN_USERNAME: /k8s/api/SYSLUMENN_USERNAME + TR_PKPASS_API_KEY: /k8s/api/TR_PKPASS_API_KEY + ULTRAVIOLET_RADIATION_API_KEY: /k8s/api/ULTRAVIOLET_RADIATION_API_KEY + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: /k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL + UST_PKPASS_API_KEY: /k8s/api/UST_PKPASS_API_KEY + VEHICLES_ALLOW_CO_OWNERS: /k8s/api/VEHICLES_ALLOW_CO_OWNERS + VE_PKPASS_API_KEY: /k8s/api/VE_PKPASS_API_KEY + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: /k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: /k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: /k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL + XROAD_DRIVING_LICENSE_SECRET: /k8s/api/DRIVING_LICENSE_SECRET + XROAD_HEALTH_INSURANCE_PASSWORD: /k8s/health-insurance/XROAD-PASSWORD + XROAD_HEALTH_INSURANCE_USERNAME: /k8s/health-insurance/XROAD-USER + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: /k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: /k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME + XROAD_PAYMENT_PASSWORD: /k8s/application-system-api/PAYMENT_PASSWORD + XROAD_PAYMENT_USER: /k8s/application-system-api/PAYMENT_USER + XROAD_PROPERTIES_CLIENT_SECRET: /k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET + XROAD_VMST_API_KEY: /k8s/vmst-client/VMST_API_KEY + ZENDESK_CONTACT_FORM_EMAIL: /k8s/api/ZENDESK_CONTACT_FORM_EMAIL + ZENDESK_CONTACT_FORM_TOKEN: /k8s/api/ZENDESK_CONTACT_FORM_TOKEN + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::251502586493:role/api + create: true + name: api diff --git a/charts/services/api/values.staging.yaml b/charts/services/api/values.staging.yaml index 5ba1c6a118e6..5e247a64ab9e 100644 --- a/charts/services/api/values.staging.yaml +++ b/charts/services/api/values.staging.yaml @@ -1,1062 +1,305 @@ -{ - "api": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/health", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME": { - "dev": "loftbru.dev01.devland.is", - "staging": "loftbru.staging01.devland.is", - "prod": "loftbru.island.is" - }, - "FILE_STORAGE_UPLOAD_BUCKET": { - "dev": "island-is-dev-upload-api", - "staging": "island-is-staging-upload-api", - "prod": "island-is-prod-upload-api" - }, - "AUTH_PUBLIC_API_URL": { - "dev": "https://identity-server.dev01.devland.is/api", - "staging": "https://identity-server.staging01.devland.is/api", - "prod": "https://innskra.island.is/api" - }, - "ELASTIC_NODE": { - "dev": "https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com", - "staging": "https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/", - "prod": "https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/" - }, - "CONTENTFUL_HOST": { - "dev": "preview.contentful.com", - "staging": "cdn.contentful.com", - "prod": "cdn.contentful.com" - }, - "CONTACT_US_EMAIL": { - "prod": "island@island.is", - "staging": "island@island.is", - "dev": "s@kogk.is" - }, - "ZENDESK_CONTACT_FORM_SUBDOMAIN": { - "prod": "digitaliceland", - "staging": "digitaliceland", - "dev": "stjanilofts" - }, - "TELL_US_A_STORY_EMAIL": { - "dev": "s@kogk.is", - "staging": "sogur@island.is", - "prod": "sogur@island.is" - }, - "SEND_FROM_EMAIL": { - "dev": "development@island.is", - "staging": "development@island.is", - "prod": "island@island.is" - }, - "FILE_DOWNLOAD_BUCKET": { - "dev": "island-is-dev-download-cache-api", - "staging": "island-is-staging-download-cache-api", - "prod": "island-is-prod-download-cache-api" - }, - "DOWNLOAD_SERVICE_BASE_PATH": { - "prod": "https://api.island.is", - "dev": "https://api.dev01.devland.is", - "staging": "https://api.staging01.devland.is" - }, - "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/api", - "AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT": "20000", - "XROAD_NATIONAL_REGISTRY_TIMEOUT": "20000", - "XROAD_PROPERTIES_TIMEOUT": "35000", - "SYSLUMENN_TIMEOUT": "40000", - "XROAD_DRIVING_LICENSE_BOOK_TIMEOUT": "20000", - "XROAD_FINANCES_TIMEOUT": "20000", - "XROAD_CHARGE_FJS_V2_TIMEOUT": "20000", - "AUTH_DELEGATION_API_URL": { - "dev": "http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local", - "staging": "http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local", - "prod": "https://auth-delegation-api.internal.innskra.island.is" - }, - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - }, - "MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL": { - "dev": "http://web-financial-aid-backend", - "staging": "http://web-financial-aid-backend", - "prod": "http://web-financial-aid-backend" - }, - "FINANCIAL_STATEMENTS_INAO_BASE_PATH": { - "dev": "https://dev-re.crm4.dynamics.com/api/data/v9.1", - "staging": "https://dev-re.crm4.dynamics.com/api/data/v9.1", - "prod": "https://star-re.crm4.dynamics.com/api/data/v9.1" - }, - "FINANCIAL_STATEMENTS_INAO_ISSUER": "https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0", - "FINANCIAL_STATEMENTS_INAO_SCOPE": { - "dev": "https://dev-re.crm4.dynamics.com/.default", - "staging": "https://dev-re.crm4.dynamics.com/.default", - "prod": "https://star-re.crm4.dynamics.com/.default" - }, - "FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT": "https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token", - "ELECTRONIC_REGISTRATION_STATISTICS_API_URL": { - "dev": "https://api-staging.thinglysing.is/business/tolfraedi", - "staging": "https://api-staging.thinglysing.is/business/tolfraedi", - "prod": "https://api.thinglysing.is/business/tolfraedi" - }, - "FORM_SYSTEM_API_BASE_PATH": { - "dev": "https://profun.island.is/umsoknarkerfi", - "staging": "", - "prod": "" - }, - "CONSULTATION_PORTAL_CLIENT_BASE_PATH": { - "dev": "https://samradapi-test.devland.is", - "staging": "https://samradapi-test.devland.is", - "prod": "https://samradapi.island.is" - }, - "FISKISTOFA_ZENTER_CLIENT_ID": "1114", - "HSN_WEB_FORM_ID": "1dimJFHLFYtnhoYEA3JxRK", - "AUTH_ADMIN_API_PATH": { - "dev": "https://identity-server.dev01.devland.is/backend", - "staging": "https://identity-server.staging01.devland.is/backend", - "prod": "https://innskra.island.is/backend" - }, - "AUTH_ADMIN_API_PATHS": { - "dev": "{\"development\":\"https://identity-server.dev01.devland.is/backend\"}", - "staging": "{\"development\":\"https://identity-server.dev01.devland.is/backend\",\"staging\":\"https://identity-server.staging01.devland.is/backend\"}", - "prod": "{\"development\":\"https://identity-server.dev01.devland.is/backend\",\"staging\":\"https://identity-server.staging01.devland.is/backend\",\"production\":\"https://innskra.island.is/backend\"}" - }, - "AUTH_IDS_API_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - }, - "HUNTING_LICENSE_PASS_TEMPLATE_ID": { - "dev": "1da72d52-a93a-4d0f-8463-1933a2bd210b", - "staging": "1da72d52-a93a-4d0f-8463-1933a2bd210b", - "prod": "5f42f942-d8d6-40bf-a186-5a9e12619d9f" - }, - "XROAD_RSK_PROCURING_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" - }, - "APOLLO_CACHE_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" - }, - "LICENSE_SERVICE_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" - }, - "XROAD_RSK_PROCURING_SCOPE": "[\"@rsk.is/prokura\",\"@rsk.is/prokura:admin\"]", - "WATSON_ASSISTANT_CHAT_FEEDBACK_DB_NAME": { - "dev": "island-is-assistant-feedback", - "staging": "island-is-assistant-feedback", - "prod": "island-is-assistant-feedback" - } - }, - "features": {}, - "name": "api", - "grantNamespaces": [ - "nginx-ingress-external", - "api-catalogue", - "application-system", - "consultation-portal", - "portals-admin" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "APOLLO_BYPASS_CACHE_SECRET": "/k8s/api/APOLLO_BYPASS_CACHE_SECRET", - "DOCUMENT_PROVIDER_BASE_PATH": "/k8s/api/DOCUMENT_PROVIDER_BASE_PATH", - "DOCUMENT_PROVIDER_TOKEN_URL": "/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL", - "DOCUMENT_PROVIDER_BASE_PATH_TEST": "/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST", - "DOCUMENT_PROVIDER_TOKEN_URL_TEST": "/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST", - "SYSLUMENN_HOST": "/k8s/api/SYSLUMENN_HOST", - "REGULATIONS_API_URL": "/k8s/api/REGULATIONS_API_URL", - "REGULATIONS_FILE_UPLOAD_KEY_DRAFT": "/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT", - "REGULATIONS_FILE_UPLOAD_KEY_PUBLISH": "/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH", - "REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED": "/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED", - "CONTENTFUL_ACCESS_TOKEN": "/k8s/api/CONTENTFUL_ACCESS_TOKEN", - "ZENDESK_CONTACT_FORM_EMAIL": "/k8s/api/ZENDESK_CONTACT_FORM_EMAIL", - "ZENDESK_CONTACT_FORM_TOKEN": "/k8s/api/ZENDESK_CONTACT_FORM_TOKEN", - "POSTHOLF_CLIENTID": "/k8s/documents/POSTHOLF_CLIENTID", - "POSTHOLF_CLIENT_SECRET": "/k8s/documents/POSTHOLF_CLIENT_SECRET", - "POSTHOLF_TOKEN_URL": "/k8s/documents/POSTHOLF_TOKEN_URL", - "POSTHOLF_BASE_PATH": "/k8s/documents/POSTHOLF_BASE_PATH", - "DOCUMENT_PROVIDER_CLIENTID": "/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID", - "DOCUMENT_PROVIDER_CLIENT_SECRET": "/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET", - "DOCUMENT_PROVIDER_CLIENTID_TEST": "/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST", - "DOCUMENT_PROVIDER_CLIENT_SECRET_TEST": "/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST", - "SYSLUMENN_USERNAME": "/k8s/api/SYSLUMENN_USERNAME", - "SYSLUMENN_PASSWORD": "/k8s/api/SYSLUMENN_PASSWORD", - "PKPASS_API_KEY": "/k8s/api/PKPASS_API_KEY", - "PKPASS_API_URL": "/k8s/api/PKPASS_API_URL", - "PKPASS_AUTH_RETRIES": "/k8s/api/PKPASS_AUTH_RETRIES", - "PKPASS_CACHE_KEY": "/k8s/api/PKPASS_CACHE_KEY", - "PKPASS_CACHE_TOKEN_EXPIRY_DELTA": "/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA", - "PKPASS_SECRET_KEY": "/k8s/api/PKPASS_SECRET_KEY", - "VE_PKPASS_API_KEY": "/k8s/api/VE_PKPASS_API_KEY", - "UST_PKPASS_API_KEY": "/k8s/api/UST_PKPASS_API_KEY", - "RLS_PKPASS_API_KEY": "/k8s/api/RLS_PKPASS_API_KEY", - "TR_PKPASS_API_KEY": "/k8s/api/TR_PKPASS_API_KEY", - "SMART_SOLUTIONS_API_URL": "/k8s/api/SMART_SOLUTIONS_API_URL", - "FIREARM_LICENSE_PASS_TEMPLATE_ID": "/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID", - "DISABILITY_LICENSE_PASS_TEMPLATE_ID": "/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID", - "MACHINE_LICENSE_PASS_TEMPLATE_ID": "/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID", - "ADR_LICENSE_PASS_TEMPLATE_ID": "/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID", - "DRIVING_LICENSE_PASS_TEMPLATE_ID": "/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID", - "ADR_LICENSE_FETCH_TIMEOUT": "/k8s/api/ADR_LICENSE_FETCH_TIMEOUT", - "DRIVING_LICENSE_FETCH_TIMEOUT": "/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT", - "FIREARM_LICENSE_FETCH_TIMEOUT": "/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT", - "DISABILITY_LICENSE_FETCH_TIMEOUT": "/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT", - "INTELLECTUAL_PROPERTY_API_KEY": "/k8s/api/IP_API_KEY", - "ISLYKILL_SERVICE_PASSPHRASE": "/k8s/api/ISLYKILL_SERVICE_PASSPHRASE", - "ISLYKILL_SERVICE_BASEPATH": "/k8s/api/ISLYKILL_SERVICE_BASEPATH", - "VEHICLES_ALLOW_CO_OWNERS": "/k8s/api/VEHICLES_ALLOW_CO_OWNERS", - "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/api/IDENTITY_SERVER_CLIENT_SECRET", - "FINANCIAL_STATEMENTS_INAO_CLIENT_ID": "/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID", - "FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET": "/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET", - "FISKISTOFA_ZENTER_EMAIL": "/k8s/api/FISKISTOFA_ZENTER_EMAIL", - "FISKISTOFA_ZENTER_PASSWORD": "/k8s/api/FISKISTOFA_ZENTER_PASSWORD", - "FISKISTOFA_ZENTER_CLIENT_PASSWORD": "/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD", - "FISKISTOFA_API_URL": "/k8s/api/FISKISTOFA_API_URL", - "FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET": "/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET", - "FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL": "/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL", - "FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID": "/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID", - "FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE": "/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE", - "FISKISTOFA_POWERBI_CLIENT_ID": "/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID", - "FISKISTOFA_POWERBI_CLIENT_SECRET": "/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET", - "FISKISTOFA_POWERBI_TENANT_ID": "/k8s/api/FISKISTOFA_POWERBI_TENANT_ID", - "NATIONAL_REGISTRY_B2C_CLIENT_SECRET": "/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET", - "HSN_WEB_FORM_RESPONSE_URL": "/k8s/api/HSN_WEB_FORM_RESPONSE_URL", - "HSN_WEB_FORM_RESPONSE_SECRET": "/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET", - "DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY": "/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY", - "DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY": "/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY", - "DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY": "/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY", - "CHART_STATISTIC_SOURCE_DATA_PATHS": "/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS", - "CHART_STATISTIC_CACHE_TTL": "/k8s/api/CHART_STATISTIC_CACHE_TTL", - "WATSON_ASSISTANT_CHAT_FEEDBACK_URL": "/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL", - "WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY": "/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY", - "LICENSE_SERVICE_BARCODE_SECRET_KEY": "/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY", - "ULTRAVIOLET_RADIATION_API_KEY": "/k8s/api/ULTRAVIOLET_RADIATION_API_KEY", - "UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL": "/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL", - "VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY": "/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY" - }, - "ingress": { - "primary": { - "host": { - "dev": [ - "beta", - "api-catalogue" - ], - "staging": [ - "beta" - ], - "prod": [ - "", - "www.island.is" - ] - }, - "paths": [ - "/api" - ], - "public": true - } - }, - "namespace": "islandis", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "1200m", - "memory": "3200Mi" - }, - "requests": { - "cpu": "400m", - "memory": "896Mi" - } - }, - "xroadConfig": [ - { - "config": { - "env": { - "XROAD_ADR_MACHINE_LICENSE_PATH": { - "dev": "IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1", - "staging": "IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1", - "prod": "IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_COURT_BANKRUPTCY_CERT_PATH": { - "dev": "IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1", - "staging": "IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1", - "prod": "IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1" - } - }, - "secrets": { - "DOMSYSLA_PASSWORD": "/k8s/api/DOMSYSLA_PASSWORD", - "DOMSYSLA_USERNAME": "/k8s/api/DOMSYSLA_USERNAME" - } - } - }, - { - "config": { - "env": { - "XROAD_HUNTING_LICENSE_PATH": { - "dev": "IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api", - "staging": "IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api", - "prod": "IS/GOV/7010022880/Umhverfisstofnun-Protected/api" - } - } - } - }, - { - "config": { - "env": { - "XROAD_FIREARM_LICENSE_PATH": { - "dev": "IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1", - "staging": "IS/GOV/5309672079/Logreglan-Protected/island-api-v1", - "prod": "IS/GOV/5309672079/Logreglan-Protected/island-api-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_DISABILITY_LICENSE_PATH": { - "dev": "IS-DEV/GOV/10008/TR-Protected/oryrki-v1", - "staging": "IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1", - "prod": "IS/GOV/5012130120/TR-Protected/oryrki-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_BASE_PATH": { - "prod": "http://securityserver.island.is" - }, - "XROAD_BASE_PATH_WITH_ENV": { - "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "http://securityserver.island.is/r1/IS" - }, - "XROAD_TLS_BASE_PATH": { - "dev": "https://securityserver.dev01.devland.is", - "staging": "https://securityserver.staging01.devland.is", - "prod": "https://securityserver.island.is" - }, - "XROAD_TLS_BASE_PATH_WITH_ENV": { - "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", - "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "https://securityserver.island.is/r1/IS" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CLIENT_ID": { - "dev": "IS-DEV/GOV/10000/island-is-client", - "staging": "IS-TEST/GOV/5501692829/island-is-client", - "prod": "IS/GOV/5501692829/island-is-client" - } - } - } - }, - { - "config": { - "env": { - "XROAD_HEALTH_DIRECTORATE_PATH": { - "dev": "IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir", - "staging": "IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir", - "prod": "IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir" - } - } - } - }, - { - "config": { - "env": { - "XROAD_HEALTH_INSURANCE_WSDLURL": { - "dev": "https://test-huld.sjukra.is/islandrg?wsdl", - "staging": "https://test-huld.sjukra.is/islandrg?wsdl", - "prod": "https://huld.sjukra.is/islandrg?wsdl" - }, - "XROAD_HEALTH_INSURANCE_ID": { - "dev": "IS-DEV/GOV/10007/SJUKRA-Protected", - "staging": "IS-TEST/GOV/4804080550/SJUKRA-Protected", - "prod": "IS/GOV/4804080550/SJUKRA-Protected" - }, - "XROAD_HEALTH_INSURANCE_MY_PAGES_PATH": { - "dev": "IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur", - "staging": "IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur", - "prod": "IS/GOV/4804080550/SJUKRA-Protected/minarsidur" - } - }, - "secrets": { - "XROAD_HEALTH_INSURANCE_USERNAME": "/k8s/health-insurance/XROAD-USER", - "XROAD_HEALTH_INSURANCE_PASSWORD": "/k8s/health-insurance/XROAD-PASSWORD", - "XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME": "/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME", - "XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD": "/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD" - } - } - }, - { - "config": { - "env": { - "XROAD_INTELLECTUAL_PROPERTIES_PATH": { - "dev": "IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI", - "staging": "IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI", - "prod": "IS/GOV/6501912189/WebAPI-Public/HUG-webAPI" - } - } - } - }, - { - "config": { - "env": { - "XROAD_INNA_PATH": { - "dev": "IS-DEV/GOV/10066/MMS-Protected/inna-v1", - "staging": "IS-TEST/GOV/6601241280/MMS-Protected/inna-v1", - "prod": "IS/GOV/6601241280/MMS-Protected/inna-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_VMST_API_PATH": { - "dev": "/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1", - "staging": "/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1", - "prod": "/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1" - }, - "XROAD_VMST_MEMBER_CODE": { - "dev": "10003", - "staging": "7005942039", - "prod": "7005942039" - } - }, - "secrets": { - "XROAD_VMST_API_KEY": "/k8s/vmst-client/VMST_API_KEY" - } - } - }, - { - "config": { - "env": { - "XROAD_DRIVING_LICENSE_PATH": { - "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1", - "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1", - "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1" - }, - "XROAD_DRIVING_LICENSE_V2_PATH": { - "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2", - "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2", - "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1" - }, - "XROAD_DRIVING_LICENSE_V4_PATH": { - "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4", - "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4", - "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4" - }, - "XROAD_DRIVING_LICENSE_V5_PATH": { - "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5", - "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5", - "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5" - } - }, - "secrets": { - "XROAD_DRIVING_LICENSE_SECRET": "/k8s/api/DRIVING_LICENSE_SECRET" - } - } - }, - { - "config": { - "env": { - "XROAD_PAYMENT_PROVIDER_ID": { - "dev": "IS-DEV/GOV/10021/FJS-Public", - "staging": "IS-TEST/GOV/10021/FJS-DEV-Public", - "prod": "IS/GOV/5402697509/FJS-Public" - }, - "XROAD_PAYMENT_BASE_CALLBACK_URL": { - "dev": "XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/", - "staging": "XROAD:", - "prod": "XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/" - }, - "XROAD_PAYMENT_ADDITION_CALLBACK_URL": "/" - }, - "secrets": { - "XROAD_PAYMENT_USER": "/k8s/application-system-api/PAYMENT_USER", - "XROAD_PAYMENT_PASSWORD": "/k8s/application-system-api/PAYMENT_PASSWORD" - } - } - }, - { - "config": { - "env": { - "XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH": { - "dev": "IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur", - "staging": "IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur", - "prod": "IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur" - } - } - } - }, - { - "config": { - "env": { - "XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH": { - "dev": "IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis", - "staging": "IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis", - "prod": "IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis" - } - } - } - }, - { - "config": { - "env": { - "XROAD_FINANCES_PATH": { - "dev": "IS-DEV/GOV/10021/FJS-Public/financeIsland", - "staging": "IS-TEST/GOV/10021/FJS-Public/financeIsland", - "prod": "IS/GOV/5402697509/FJS-Public/financeIsland" - }, - "XROAD_FINANCES_V2_PATH": { - "dev": "IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2", - "staging": "IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2", - "prod": "IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2" - }, - "XROAD_HMS_LOANS_PATH": { - "dev": "IS-DEV/GOV/10033/HMS-Protected/libra-v1", - "staging": "IS-TEST/GOV/5812191480/HMS-Protected/libra-v1", - "prod": "IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1" - }, - "XROAD_HMS_HOUSING_BENEFITS_PATH": { - "dev": "IS-DEV/GOV/10033/HMS-Protected/husbot-v1", - "staging": "IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1", - "prod": "IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_MMS_LICENSE_SERVICE_ID": { - "dev": "IS-DEV/GOV/10066/MMS-Protected/license-api-v1", - "staging": "IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1", - "prod": "IS/GOV/6601241280/MMS-Protected/license-api-v1" - }, - "XROAD_MMS_GRADE_SERVICE_ID": { - "dev": "IS-DEV/GOV/10066/MMS-Protected/grade-api-v1", - "staging": "IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1", - "prod": "IS/GOV/6601241280/MMS-Protected/grade-api-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_NATIONAL_REGISTRY_SERVICE_PATH": { - "dev": "IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1", - "staging": "IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1", - "prod": "IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1" - }, - "XROAD_NATIONAL_REGISTRY_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" - }, - "XROAD_TJODSKRA_API_PATH": "/SKRA-Protected/Einstaklingar-v1", - "XROAD_TJODSKRA_MEMBER_CODE": { - "prod": "6503760649", - "dev": "10001", - "staging": "6503760649" - } - } - } - }, - { - "config": { - "env": { - "XROAD_PROPERTIES_SERVICE_V2_PATH": { - "dev": "IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1", - "staging": "IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1", - "prod": "IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1" - } - }, - "secrets": { - "XROAD_PROPERTIES_CLIENT_SECRET": "/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET" - } - } - }, - { - "config": { - "env": { - "XROAD_PAYMENT_SCHEDULE_PATH": { - "dev": "IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1", - "staging": "IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1", - "prod": "IS/GOV/5402697509/FJS-Public/paymentSchedule_v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CRIMINAL_RECORD_PATH": { - "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2", - "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1", - "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1" - } - } - } - }, - { - "config": { - "env": { - "COMPANY_REGISTRY_XROAD_PROVIDER_ID": { - "dev": "IS-DEV/GOV/10006/Skatturinn/ft-v1", - "staging": "IS-TEST/GOV/5402696029/Skatturinn/ft-v1", - "prod": "IS/GOV/5402696029/Skatturinn/ft-v1" - }, - "COMPANY_REGISTRY_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" - } - } - } - }, - { - "config": { - "env": {}, - "secrets": { - "DRIVING_LICENSE_BOOK_XROAD_PATH": "/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH", - "DRIVING_LICENSE_BOOK_USERNAME": "/k8s/api/DRIVING_LICENSE_BOOK_USERNAME", - "DRIVING_LICENSE_BOOK_PASSWORD": "/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD" - } - } - }, - { - "config": { - "env": { - "FISHING_LICENSE_XROAD_PROVIDER_ID": { - "dev": "IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1", - "staging": "IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1", - "prod": "IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_FINANCIAL_AID_BACKEND_PATH": { - "dev": "IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend", - "staging": "IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend", - "prod": "IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend" - } - } - } - }, - { - "config": { - "env": { - "XROAD_VEHICLES_PATH": { - "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1", - "staging": "IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1", - "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_VEHICLES_MILEAGE_PATH": { - "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1", - "staging": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1", - "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_PASSPORT_LICENSE_PATH": { - "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1", - "staging": "IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1", - "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_VEHICLE_SERVICE_FJS_V1_PATH": { - "dev": "IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1", - "staging": "IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1", - "prod": "IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_VEHICLE_CODETABLES_PATH": { - "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1", - "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1", - "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1" - }, - "XROAD_VEHICLE_INFOLOCKS_PATH": { - "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1", - "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1", - "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1" - }, - "XROAD_VEHICLE_OPERATORS_PATH": { - "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3", - "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3", - "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3" - }, - "XROAD_VEHICLE_OWNER_CHANGE_PATH": { - "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2", - "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2", - "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2" - }, - "XROAD_VEHICLE_PLATE_ORDERING_PATH": { - "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1", - "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1", - "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1" - }, - "XROAD_VEHICLE_PLATE_RENEWAL_PATH": { - "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1", - "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1", - "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1" - }, - "XROAD_VEHICLE_PRINTING_PATH": { - "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1", - "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1", - "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1" - }, - "XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH": { - "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1", - "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1", - "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CHARGE_FJS_V2_PATH": { - "dev": "IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2", - "staging": "IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2", - "prod": "IS/GOV/5402697509/FJS-Public/chargeFJS_v2" - } - } - } - }, - { - "config": { - "env": { - "XROAD_ENERGY_FUNDS_PATH": { - "dev": "IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1", - "staging": "IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1", - "prod": "IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_UNIVERSITY_OF_AKUREYRI_PATH": { - "dev": "IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1", - "staging": "IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1", - "prod": "IS/EDU/5206871229/UNAK-Protected/brautskraning-v1" - }, - "XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH": { - "dev": "IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1", - "staging": "IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1", - "prod": "IS/EDU/4112043590/LBHI-Protected/brautskraning-v1" - }, - "XROAD_BIFROST_UNIVERSITY_PATH": { - "dev": "IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1", - "staging": "IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1", - "prod": "IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1" - }, - "XROAD_HOLAR_UNIVERSITY_PATH": { - "dev": "IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1", - "staging": "IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1", - "prod": "IS/EDU/5001694359/Holar-Protected/brautskraning-v1" - }, - "XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH": { - "dev": "IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1", - "staging": "IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1", - "prod": "IS/EDU/4210984099/LHI-Protected/brautskraning-v1" - }, - "XROAD_UNIVERSITY_OF_ICELAND_PATH": { - "dev": "IS-DEV/EDU/10010/HI-Protected/brautskraning-v1", - "staging": "IS-TEST/EDU/10010/HI-Protected/brautskraning-v1", - "prod": "IS/EDU/6001692039/HI-Protected/brautskraning-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_WORK_MACHINE_LICENSE_PATH": { - "dev": "IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token", - "staging": "IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token", - "prod": "IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token" - } - } - } - }, - { - "config": { - "env": { - "XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH": { - "dev": "IS-DEV/GOV/10021/FJS-Protected/recruitment-v1", - "staging": "IS-TEST/GOV/10021/FJS-Protected/recruitment-v1", - "prod": "IS/GOV/5402697509/FJS-Protected/recruitment-v1" - } - }, - "secrets": { - "ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME": "/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME", - "ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD": "/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD" - } - } - }, - { - "config": { - "env": { - "XROAD_RSK_PROCURING_PATH": { - "dev": "IS-DEV/GOV/10006/Skatturinn/relationships-v1", - "staging": "IS-TEST/GOV/5402696029/Skatturinn/relationships-v1", - "prod": "IS/GOV/5402696029/Skatturinn/relationships-v1" - } - } - } - }, - { - "config": { - "env": { - "NATIONAL_REGISTRY_B2C_CLIENT_ID": { - "dev": "b464afdd-056b-406d-b650-6d41733cfeb7", - "staging": "ca128c23-b43c-443d-bade-ec5a146a933f", - "prod": "2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f" - }, - "NATIONAL_REGISTRY_B2C_ENDPOINT": { - "dev": "https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", - "staging": "https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", - "prod": "https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token" - }, - "NATIONAL_REGISTRY_B2C_SCOPE": { - "dev": "https://skraidentitydev.onmicrosoft.com/midlun/.default", - "staging": "https://skraidentitystaging.onmicrosoft.com/midlun/.default", - "prod": "https://skraidentity.onmicrosoft.com/midlun/.default" - }, - "NATIONAL_REGISTRY_B2C_PATH": { - "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1", - "staging": "IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1", - "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_AIRCRAFT_REGISTRY_PATH": { - "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1", - "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1", - "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_HOUSING_BENEFIT_CALCULATOR_PATH": { - "dev": "IS-DEV/GOV/10033/HMS-Protected/calc-v1", - "staging": "IS-TEST/GOV/5812191480/HMS-Protected/calc-v1", - "prod": "IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1" - } - }, - "secrets": { - "HOUSING_BENEFIT_CALCULATOR_USERNAME": "/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME", - "HOUSING_BENEFIT_CALCULATOR_PASSWORD": "/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD" - } - } - }, - { - "config": { - "env": { - "XROAD_SHIP_REGISTRY_PATH": { - "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1", - "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1", - "prod": "IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_DIRECTORATE_OF_IMMIGRATION_PATH": { - "dev": "IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1", - "staging": "IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1", - "prod": "IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_SIGNATURE_COLLECTION_PATH": { - "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1", - "staging": "IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1", - "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_TR_PATH": { - "dev": "IS-DEV/GOV/10008/TR-Protected/external-v1", - "staging": "IS-TEST/GOV/5012130120/TR-Protected/external-v1", - "prod": "IS/GOV/5012130120/TR-Protected/external-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_OFFICIAL_JOURNAL_PATH": { - "dev": "IS-DEV/GOV/10014/DMR-Protected/official-journal", - "staging": "IS-TEST/GOV/10014/DMR-Protected/official-journal", - "prod": "IS/GOV/10014/DMR-Protected/official-journal" - } - } - } - }, - { - "config": { - "env": { - "XROAD_JUDICIAL_SYSTEM_SP_PATH": { - "dev": "IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api", - "staging": "IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api", - "prod": "IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api" - } - } - } - }, - { - "config": { - "env": { - "XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH": { - "dev": "IS-DEV/GOV/10014/DMR-Protected/official-journal-application", - "staging": "IS-TEST/GOV/10014/DMR-Protected/official-journal-application", - "prod": "IS/GOV/10014/DMR-Protected/official-journal-application" - } - } - } - }, - { - "config": { - "env": { - "XROAD_MMS_FRIGG_PATH": { - "dev": "IS-DEV/GOV/10066/MMS-Protected/frigg-form-service", - "staging": "IS-TEST/GOV/10066/MMS-Protected/frigg-form-service", - "prod": "IS/GOV/10066/MMS-Protected/frigg-form-service" - } - } - } - }, - { - "config": { - "env": { - "XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH": { - "dev": "IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1", - "staging": "IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1", - "prod": "IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH": { - "dev": "IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1", - "staging": "IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1", - "prod": "IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_WORK_ACCIDENT_PATH": { - "dev": "IS-DEV/GOV/10013/Vinnueftirlitid-Protected/slysaskraning-token", - "staging": "IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/slysaskraning-token", - "prod": "IS/GOV/4201810439/Vinnueftirlitid-Protected/slysaskraning-token" - } - } - } - } - ], - "files": [ - { - "filename": "islyklar.p12", - "env": "ISLYKILL_CERT" - } - ], - "volumes": [], - "accountName": "api", - "cmds": "node", - "args": [ - "--tls-min-v1.0", - "--no-experimental-fetch", - "main.js" - ], - "replicaCount": { - "default": 2, - "max": 50, - "min": 2 - } - } - } -} \ No newline at end of file +service: + name: api + args: + - --tls-min-v1.0 + - --no-experimental-fetch + - main.js + command: + - node + enabled: true + env: + AIR_DISCOUNT_SCHEME_BACKEND_URL: http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: "20000" + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: loftbru.staging01.devland.is + APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + APPLICATION_SYSTEM_API_URL: http://web-application-system-api.application-system.svc.cluster.local + AUTH_ADMIN_API_PATH: https://identity-server.staging01.devland.is/backend + AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend"}' + AUTH_DELEGATION_API_URL: http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local + AUTH_IDS_API_URL: https://identity-server.staging01.devland.is + AUTH_PUBLIC_API_URL: https://identity-server.staging01.devland.is/api + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: IS-TEST/GOV/5402696029/Skatturinn/ft-v1 + CONSULTATION_PORTAL_CLIENT_BASE_PATH: https://samradapi-test.devland.is + CONTACT_US_EMAIL: island@island.is + CONTENTFUL_HOST: cdn.contentful.com + DOWNLOAD_SERVICE_BASE_PATH: https://api.staging01.devland.is + ELASTIC_NODE: https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/ + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: https://api-staging.thinglysing.is/business/tolfraedi + ENDORSEMENT_SYSTEM_BASE_API_URL: http://web-endorsement-system-api.endorsement-system.svc.cluster.local + FILE_DOWNLOAD_BUCKET: island-is-staging-download-cache-api + FILE_STORAGE_UPLOAD_BUCKET: island-is-staging-upload-api + FINANCIAL_STATEMENTS_INAO_BASE_PATH: https://dev-re.crm4.dynamics.com/api/data/v9.1 + FINANCIAL_STATEMENTS_INAO_ISSUER: https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0 + FINANCIAL_STATEMENTS_INAO_SCOPE: https://dev-re.crm4.dynamics.com/.default + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token + FISHING_LICENSE_XROAD_PROVIDER_ID: IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1 + FISKISTOFA_ZENTER_CLIENT_ID: "1114" + FORM_SYSTEM_API_BASE_PATH: "" + HSN_WEB_FORM_ID: 1dimJFHLFYtnhoYEA3JxRK + HUNTING_LICENSE_PASS_TEMPLATE_ID: 1da72d52-a93a-4d0f-8463-1933a2bd210b + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local + IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/api" + IDENTITY_SERVER_ISSUER_URL: https://identity-server.staging01.devland.is + ISLYKILL_CERT: /etc/config/islyklar.p12 + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: info + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: http://web-financial-aid-backend + NATIONAL_REGISTRY_B2C_CLIENT_ID: ca128c23-b43c-443d-bade-ec5a146a933f + NATIONAL_REGISTRY_B2C_ENDPOINT: https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token + NATIONAL_REGISTRY_B2C_PATH: IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1 + NATIONAL_REGISTRY_B2C_SCOPE: https://skraidentitystaging.onmicrosoft.com/midlun/.default + NODE_OPTIONS: --max-old-space-size=2880 -r dd-trace/init + REGULATIONS_ADMIN_URL: http://web-regulations-admin-backend.regulations-admin.svc.cluster.local + SEND_FROM_EMAIL: development@island.is + SERVERSIDE_FEATURES_ON: "" + SERVICE_DOCUMENTS_BASEPATH: http://web-services-documents.services-documents.svc.cluster.local + SESSIONS_API_URL: http://web-services-sessions.services-sessions.svc.cluster.local + SYSLUMENN_TIMEOUT: "40000" + TELL_US_A_STORY_EMAIL: sogur@island.is + UNIVERSITY_GATEWAY_API_URL: http://web-services-university-gateway.services-university-gateway.svc.cluster.local + USER_NOTIFICATION_API_URL: http://web-user-notification.user-notification.svc.cluster.local + USER_PROFILE_CLIENT_URL: http://web-service-portal-api.service-portal.svc.cluster.local + WATSON_ASSISTANT_CHAT_FEEDBACK_DB_NAME: island-is-assistant-feedback + XROAD_ADR_MACHINE_LICENSE_PATH: IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1 + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1 + XROAD_AIRCRAFT_REGISTRY_PATH: IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1 + XROAD_BASE_PATH: http://securityserver.staging01.devland.is + XROAD_BASE_PATH_WITH_ENV: http://securityserver.staging01.devland.is/r1/IS-TEST + XROAD_BIFROST_UNIVERSITY_PATH: IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1 + XROAD_CHARGE_FJS_V2_PATH: IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2 + XROAD_CHARGE_FJS_V2_TIMEOUT: "20000" + XROAD_CLIENT_ID: IS-TEST/GOV/5501692829/island-is-client + XROAD_COURT_BANKRUPTCY_CERT_PATH: IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1 + XROAD_CRIMINAL_RECORD_PATH: r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1 + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1 + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1 + XROAD_DISABILITY_LICENSE_PATH: IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1 + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: "20000" + XROAD_DRIVING_LICENSE_PATH: r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1 + XROAD_DRIVING_LICENSE_V2_PATH: r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2 + XROAD_DRIVING_LICENSE_V4_PATH: r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4 + XROAD_DRIVING_LICENSE_V5_PATH: r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5 + XROAD_ENERGY_FUNDS_PATH: IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1 + XROAD_FINANCES_PATH: IS-TEST/GOV/10021/FJS-Public/financeIsland + XROAD_FINANCES_TIMEOUT: "20000" + XROAD_FINANCES_V2_PATH: IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2 + XROAD_FINANCIAL_AID_BACKEND_PATH: IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend + XROAD_FIREARM_LICENSE_PATH: IS/GOV/5309672079/Logreglan-Protected/island-api-v1 + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1 + XROAD_HEALTH_DIRECTORATE_PATH: IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1 + XROAD_HEALTH_INSURANCE_ID: IS-TEST/GOV/4804080550/SJUKRA-Protected + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur + XROAD_HEALTH_INSURANCE_WSDLURL: https://test-huld.sjukra.is/islandrg?wsdl + XROAD_HMS_HOUSING_BENEFITS_PATH: IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1 + XROAD_HMS_LOANS_PATH: IS-TEST/GOV/5812191480/HMS-Protected/libra-v1 + XROAD_HOLAR_UNIVERSITY_PATH: IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1 + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: IS-TEST/GOV/5812191480/HMS-Protected/calc-v1 + XROAD_HUNTING_LICENSE_PATH: IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: IS-TEST/GOV/10021/FJS-Protected/recruitment-v1 + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1 + XROAD_INNA_PATH: IS-TEST/GOV/6601241280/MMS-Protected/inna-v1 + XROAD_INTELLECTUAL_PROPERTIES_PATH: IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI + XROAD_JUDICIAL_SYSTEM_SP_PATH: IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api + XROAD_MMS_FRIGG_PATH: IS-TEST/GOV/10066/MMS-Protected/frigg-form-service + XROAD_MMS_GRADE_SERVICE_ID: IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1 + XROAD_MMS_LICENSE_SERVICE_ID: IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1 + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1 + XROAD_NATIONAL_REGISTRY_TIMEOUT: "20000" + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: IS-TEST/GOV/10014/DMR-Protected/official-journal-application + XROAD_OFFICIAL_JOURNAL_PATH: IS-TEST/GOV/10014/DMR-Protected/official-journal + XROAD_PASSPORT_LICENSE_PATH: IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1 + XROAD_PAYMENT_ADDITION_CALLBACK_URL: / + XROAD_PAYMENT_BASE_CALLBACK_URL: "XROAD:" + XROAD_PAYMENT_PROVIDER_ID: IS-TEST/GOV/10021/FJS-DEV-Public + XROAD_PAYMENT_SCHEDULE_PATH: IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1 + XROAD_PROPERTIES_SERVICE_V2_PATH: IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1 + XROAD_PROPERTIES_TIMEOUT: "35000" + XROAD_RSK_PROCURING_PATH: IS-TEST/GOV/5402696029/Skatturinn/relationships-v1 + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' + XROAD_SHIP_REGISTRY_PATH: IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1 + XROAD_SIGNATURE_COLLECTION_PATH: IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1 + XROAD_TJODSKRA_API_PATH: /SKRA-Protected/Einstaklingar-v1 + XROAD_TJODSKRA_MEMBER_CODE: "6503760649" + XROAD_TLS_BASE_PATH: https://securityserver.staging01.devland.is + XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.staging01.devland.is/r1/IS-TEST + XROAD_TR_PATH: IS-TEST/GOV/5012130120/TR-Protected/external-v1 + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1 + XROAD_UNIVERSITY_OF_ICELAND_PATH: IS-TEST/EDU/10010/HI-Protected/brautskraning-v1 + XROAD_VEHICLES_MILEAGE_PATH: IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1 + XROAD_VEHICLES_PATH: IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1 + XROAD_VEHICLE_CODETABLES_PATH: IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1 + XROAD_VEHICLE_INFOLOCKS_PATH: IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1 + XROAD_VEHICLE_OPERATORS_PATH: IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3 + XROAD_VEHICLE_OWNER_CHANGE_PATH: IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2 + XROAD_VEHICLE_PLATE_ORDERING_PATH: IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1 + XROAD_VEHICLE_PLATE_RENEWAL_PATH: IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1 + XROAD_VEHICLE_PRINTING_PATH: IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1 + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1 + XROAD_VMST_API_PATH: /VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1 + XROAD_VMST_MEMBER_CODE: "7005942039" + XROAD_WORK_ACCIDENT_PATH: IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/slysaskraning-token + XROAD_WORK_MACHINE_LICENSE_PATH: IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token + ZENDESK_CONTACT_FORM_SUBDOMAIN: digitaliceland + files: + - islyklar.p12 + grantNamespaces: + - nginx-ingress-external + - api-catalogue + - application-system + - consultation-portal + - portals-admin + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /health + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/api + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-external-alb + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: beta.staging01.devland.is + paths: + - /api + namespace: islandis + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: 1200m + memory: 3200Mi + requests: + cpu: 400m + memory: 896Mi + secrets: + ADR_LICENSE_FETCH_TIMEOUT: /k8s/api/ADR_LICENSE_FETCH_TIMEOUT + ADR_LICENSE_PASS_TEMPLATE_ID: /k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID + APOLLO_BYPASS_CACHE_SECRET: /k8s/api/APOLLO_BYPASS_CACHE_SECRET + CHART_STATISTIC_CACHE_TTL: /k8s/api/CHART_STATISTIC_CACHE_TTL + CHART_STATISTIC_SOURCE_DATA_PATHS: /k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + CONTENTFUL_ACCESS_TOKEN: /k8s/api/CONTENTFUL_ACCESS_TOKEN + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: /k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: /k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: /k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY + DISABILITY_LICENSE_FETCH_TIMEOUT: /k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT + DISABILITY_LICENSE_PASS_TEMPLATE_ID: /k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID + DOCUMENT_PROVIDER_BASE_PATH: /k8s/api/DOCUMENT_PROVIDER_BASE_PATH + DOCUMENT_PROVIDER_BASE_PATH_TEST: /k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST + DOCUMENT_PROVIDER_CLIENTID: /k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID + DOCUMENT_PROVIDER_CLIENTID_TEST: /k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST + DOCUMENT_PROVIDER_CLIENT_SECRET: /k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: /k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST + DOCUMENT_PROVIDER_TOKEN_URL: /k8s/api/DOCUMENT_PROVIDER_TOKEN_URL + DOCUMENT_PROVIDER_TOKEN_URL_TEST: /k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST + DOMSYSLA_PASSWORD: /k8s/api/DOMSYSLA_PASSWORD + DOMSYSLA_USERNAME: /k8s/api/DOMSYSLA_USERNAME + DRIVING_LICENSE_BOOK_PASSWORD: /k8s/api/DRIVING_LICENSE_BOOK_PASSWORD + DRIVING_LICENSE_BOOK_USERNAME: /k8s/api/DRIVING_LICENSE_BOOK_USERNAME + DRIVING_LICENSE_BOOK_XROAD_PATH: /k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH + DRIVING_LICENSE_FETCH_TIMEOUT: /k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT + DRIVING_LICENSE_PASS_TEMPLATE_ID: /k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: /k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: /k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET + FIREARM_LICENSE_FETCH_TIMEOUT: /k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT + FIREARM_LICENSE_PASS_TEMPLATE_ID: /k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: /k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: /k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: /k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: /k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL + FISKISTOFA_API_URL: /k8s/api/FISKISTOFA_API_URL + FISKISTOFA_POWERBI_CLIENT_ID: /k8s/api/FISKISTOFA_POWERBI_CLIENT_ID + FISKISTOFA_POWERBI_CLIENT_SECRET: /k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET + FISKISTOFA_POWERBI_TENANT_ID: /k8s/api/FISKISTOFA_POWERBI_TENANT_ID + FISKISTOFA_ZENTER_CLIENT_PASSWORD: /k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD + FISKISTOFA_ZENTER_EMAIL: /k8s/api/FISKISTOFA_ZENTER_EMAIL + FISKISTOFA_ZENTER_PASSWORD: /k8s/api/FISKISTOFA_ZENTER_PASSWORD + HOUSING_BENEFIT_CALCULATOR_PASSWORD: /k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD + HOUSING_BENEFIT_CALCULATOR_USERNAME: /k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME + HSN_WEB_FORM_RESPONSE_SECRET: /k8s/api/HSN_WEB_FORM_RESPONSE_SECRET + HSN_WEB_FORM_RESPONSE_URL: /k8s/api/HSN_WEB_FORM_RESPONSE_URL + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: /k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: /k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME + IDENTITY_SERVER_CLIENT_SECRET: /k8s/api/IDENTITY_SERVER_CLIENT_SECRET + INTELLECTUAL_PROPERTY_API_KEY: /k8s/api/IP_API_KEY + ISLYKILL_SERVICE_BASEPATH: /k8s/api/ISLYKILL_SERVICE_BASEPATH + ISLYKILL_SERVICE_PASSPHRASE: /k8s/api/ISLYKILL_SERVICE_PASSPHRASE + LICENSE_SERVICE_BARCODE_SECRET_KEY: /k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY + MACHINE_LICENSE_PASS_TEMPLATE_ID: /k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: /k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET + PKPASS_API_KEY: /k8s/api/PKPASS_API_KEY + PKPASS_API_URL: /k8s/api/PKPASS_API_URL + PKPASS_AUTH_RETRIES: /k8s/api/PKPASS_AUTH_RETRIES + PKPASS_CACHE_KEY: /k8s/api/PKPASS_CACHE_KEY + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: /k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA + PKPASS_SECRET_KEY: /k8s/api/PKPASS_SECRET_KEY + POSTHOLF_BASE_PATH: /k8s/documents/POSTHOLF_BASE_PATH + POSTHOLF_CLIENTID: /k8s/documents/POSTHOLF_CLIENTID + POSTHOLF_CLIENT_SECRET: /k8s/documents/POSTHOLF_CLIENT_SECRET + POSTHOLF_TOKEN_URL: /k8s/documents/POSTHOLF_TOKEN_URL + REGULATIONS_API_URL: /k8s/api/REGULATIONS_API_URL + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: /k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: /k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: /k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH + RLS_PKPASS_API_KEY: /k8s/api/RLS_PKPASS_API_KEY + SMART_SOLUTIONS_API_URL: /k8s/api/SMART_SOLUTIONS_API_URL + SYSLUMENN_HOST: /k8s/api/SYSLUMENN_HOST + SYSLUMENN_PASSWORD: /k8s/api/SYSLUMENN_PASSWORD + SYSLUMENN_USERNAME: /k8s/api/SYSLUMENN_USERNAME + TR_PKPASS_API_KEY: /k8s/api/TR_PKPASS_API_KEY + ULTRAVIOLET_RADIATION_API_KEY: /k8s/api/ULTRAVIOLET_RADIATION_API_KEY + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: /k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL + UST_PKPASS_API_KEY: /k8s/api/UST_PKPASS_API_KEY + VEHICLES_ALLOW_CO_OWNERS: /k8s/api/VEHICLES_ALLOW_CO_OWNERS + VE_PKPASS_API_KEY: /k8s/api/VE_PKPASS_API_KEY + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: /k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: /k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: /k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL + XROAD_DRIVING_LICENSE_SECRET: /k8s/api/DRIVING_LICENSE_SECRET + XROAD_HEALTH_INSURANCE_PASSWORD: /k8s/health-insurance/XROAD-PASSWORD + XROAD_HEALTH_INSURANCE_USERNAME: /k8s/health-insurance/XROAD-USER + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: /k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: /k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME + XROAD_PAYMENT_PASSWORD: /k8s/application-system-api/PAYMENT_PASSWORD + XROAD_PAYMENT_USER: /k8s/application-system-api/PAYMENT_USER + XROAD_PROPERTIES_CLIENT_SECRET: /k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET + XROAD_VMST_API_KEY: /k8s/vmst-client/VMST_API_KEY + ZENDESK_CONTACT_FORM_EMAIL: /k8s/api/ZENDESK_CONTACT_FORM_EMAIL + ZENDESK_CONTACT_FORM_TOKEN: /k8s/api/ZENDESK_CONTACT_FORM_TOKEN + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::261174024191:role/api + create: true + name: api diff --git a/charts/services/application-system-api-worker/values.dev.yaml b/charts/services/application-system-api-worker/values.dev.yaml index 0963922da2ae..1519903f0238 100644 --- a/charts/services/application-system-api-worker/values.dev.yaml +++ b/charts/services/application-system-api-worker/values.dev.yaml @@ -1,203 +1,102 @@ -{ - "application-system-api-worker": { - "serviceDef": { - "liveness": { - "path": "/", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/application-system", - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - }, - "XROAD_CHARGE_FJS_V2_PATH": { - "dev": "IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2", - "staging": "IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2", - "prod": "IS/GOV/5402697509/FJS-Public/chargeFJS_v2" - }, - "APPLICATION_ATTACHMENT_BUCKET": { - "dev": "island-is-dev-storage-application-system", - "staging": "island-is-staging-storage-application-system", - "prod": "island-is-prod-storage-application-system" - }, - "FILE_SERVICE_PRESIGN_BUCKET": { - "dev": "island-is-dev-fs-presign-bucket", - "staging": "island-is-staging-fs-presign-bucket", - "prod": "island-is-prod-fs-presign-bucket" - }, - "FILE_STORAGE_UPLOAD_BUCKET": { - "dev": "island-is-dev-upload-api", - "staging": "island-is-staging-upload-api", - "prod": "island-is-prod-upload-api" - }, - "CLIENT_LOCATION_ORIGIN": { - "dev": "https://beta.dev01.devland.is/umsoknir", - "staging": "https://beta.staging01.devland.is/umsoknir", - "prod": "https://island.is/umsoknir", - "local": "http://localhost:4200/umsoknir" - } - }, - "features": {}, - "name": "application-system-api-worker", - "grantNamespaces": [], - "grantNamespacesEnabled": false, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET", - "SYSLUMENN_HOST": "/k8s/application-system-api/SYSLUMENN_HOST", - "SYSLUMENN_USERNAME": "/k8s/application-system/api/SYSLUMENN_USERNAME", - "SYSLUMENN_PASSWORD": "/k8s/application-system/api/SYSLUMENN_PASSWORD", - "DRIVING_LICENSE_BOOK_XROAD_PATH": "/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH", - "DRIVING_LICENSE_BOOK_USERNAME": "/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME", - "DRIVING_LICENSE_BOOK_PASSWORD": "/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD", - "DOKOBIT_ACCESS_TOKEN": "/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN", - "DOKOBIT_URL": "/k8s/application-system-api/DOKOBIT_URL", - "ARK_BASE_URL": "/k8s/application-system-api/ARK_BASE_URL", - "DOMSYSLA_PASSWORD": "/k8s/application-system-api/DOMSYSLA_PASSWORD", - "DOMSYSLA_USERNAME": "/k8s/application-system-api/DOMSYSLA_USERNAME" - }, - "ingress": {}, - "namespace": "application-system", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "400m", - "memory": "768Mi" - }, - "requests": { - "cpu": "150m", - "memory": "384Mi" - } - }, - "xroadConfig": [ - { - "config": { - "env": { - "XROAD_BASE_PATH": { - "prod": "http://securityserver.island.is" - }, - "XROAD_BASE_PATH_WITH_ENV": { - "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "http://securityserver.island.is/r1/IS" - }, - "XROAD_TLS_BASE_PATH": { - "dev": "https://securityserver.dev01.devland.is", - "staging": "https://securityserver.staging01.devland.is", - "prod": "https://securityserver.island.is" - }, - "XROAD_TLS_BASE_PATH_WITH_ENV": { - "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", - "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "https://securityserver.island.is/r1/IS" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CLIENT_ID": { - "dev": "IS-DEV/GOV/10000/island-is-client", - "staging": "IS-TEST/GOV/5501692829/island-is-client", - "prod": "IS/GOV/5501692829/island-is-client" - } - } - } - }, - { - "config": { - "env": { - "XROAD_PAYMENT_PROVIDER_ID": { - "dev": "IS-DEV/GOV/10021/FJS-Public", - "staging": "IS-TEST/GOV/10021/FJS-DEV-Public", - "prod": "IS/GOV/5402697509/FJS-Public" - }, - "XROAD_PAYMENT_BASE_CALLBACK_URL": { - "dev": "XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/", - "staging": "XROAD:", - "prod": "XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/" - }, - "XROAD_PAYMENT_ADDITION_CALLBACK_URL": "/" - }, - "secrets": { - "XROAD_PAYMENT_USER": "/k8s/application-system-api/PAYMENT_USER", - "XROAD_PAYMENT_PASSWORD": "/k8s/application-system-api/PAYMENT_PASSWORD" - } - } - }, - { - "config": { - "env": { - "XROAD_INNA_PATH": { - "dev": "IS-DEV/GOV/10066/MMS-Protected/inna-v1", - "staging": "IS-TEST/GOV/6601241280/MMS-Protected/inna-v1", - "prod": "IS/GOV/6601241280/MMS-Protected/inna-v1" - } - } - } - }, - { - "config": { - "env": { - "EHIC_XROAD_PROVIDER_ID": { - "dev": "IS-DEV/GOV/10007/SJUKRA-Protected/ehic", - "staging": "IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic", - "prod": "IS/GOV/4804080550/SJUKRA-Protected/ehic" - } - } - } - }, - { - "config": { - "env": { - "XROAD_WORK_MACHINE_LICENSE_PATH": { - "dev": "IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token", - "staging": "IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token", - "prod": "IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token" - } - } - } - } - ], - "files": [], - "volumes": [], - "image": "application-system-api", - "postgres": { - "username": "application_system_api", - "passwordSecret": "/k8s/application-system-api/DB_PASSWORD", - "name": "application_system_api" - }, - "accountName": "application-system-api-worker", - "redis": {}, - "args": [ - "main.js", - "--job", - "worker" - ], - "cmds": "node", - "extraAttributes": { - "dev": { - "schedule": "*/30 * * * *" - }, - "staging": { - "schedule": "*/30 * * * *" - }, - "prod": { - "schedule": "*/30 * * * *" - } - } - } - } -} \ No newline at end of file +service: + name: application-system-api-worker + args: + - main.js + - --job + - worker + command: + - node + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: island-is-dev-storage-application-system + CLIENT_LOCATION_ORIGIN: https://beta.dev01.devland.is/umsoknir + DB_HOST: postgres-applications.internal + DB_NAME: application_system_api + DB_REPLICAS_HOST: postgres-applications-reader.internal + DB_USER: application_system_api + EHIC_XROAD_PROVIDER_ID: IS-DEV/GOV/10007/SJUKRA-Protected/ehic + FILE_SERVICE_PRESIGN_BUCKET: island-is-dev-fs-presign-bucket + FILE_STORAGE_UPLOAD_BUCKET: island-is-dev-upload-api + IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/application-system" + IDENTITY_SERVER_ISSUER_URL: https://identity-server.dev01.devland.is + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=691 -r dd-trace/init + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: "" + XROAD_BASE_PATH: http://securityserver.dev01.devland.is + XROAD_BASE_PATH_WITH_ENV: http://securityserver.dev01.devland.is/r1/IS-DEV + XROAD_CHARGE_FJS_V2_PATH: IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2 + XROAD_CLIENT_ID: IS-DEV/GOV/10000/island-is-client + XROAD_INNA_PATH: IS-DEV/GOV/10066/MMS-Protected/inna-v1 + XROAD_PAYMENT_ADDITION_CALLBACK_URL: / + XROAD_PAYMENT_BASE_CALLBACK_URL: XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/ + XROAD_PAYMENT_PROVIDER_ID: IS-DEV/GOV/10021/FJS-Public + XROAD_TLS_BASE_PATH: https://securityserver.dev01.devland.is + XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.dev01.devland.is/r1/IS-DEV + XROAD_WORK_MACHINE_LICENSE_PATH: IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token + grantNamespaces: + - nginx-ingress-internal + - islandis + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: / + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: / + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api + namespace: application-system + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: 400m + memory: 768Mi + requests: + cpu: 150m + memory: 384Mi + schedule: "*/30 * * * *" + secrets: + ARK_BASE_URL: /k8s/application-system-api/ARK_BASE_URL + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DB_PASS: /k8s/application-system-api/DB_PASSWORD + DOKOBIT_ACCESS_TOKEN: /k8s/application-system/api/DOKOBIT_ACCESS_TOKEN + DOKOBIT_URL: /k8s/application-system-api/DOKOBIT_URL + DOMSYSLA_PASSWORD: /k8s/application-system-api/DOMSYSLA_PASSWORD + DOMSYSLA_USERNAME: /k8s/application-system-api/DOMSYSLA_USERNAME + DRIVING_LICENSE_BOOK_PASSWORD: /k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD + DRIVING_LICENSE_BOOK_USERNAME: /k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME + DRIVING_LICENSE_BOOK_XROAD_PATH: /k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH + IDENTITY_SERVER_CLIENT_SECRET: /k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET + SYSLUMENN_HOST: /k8s/application-system-api/SYSLUMENN_HOST + SYSLUMENN_PASSWORD: /k8s/application-system/api/SYSLUMENN_PASSWORD + SYSLUMENN_USERNAME: /k8s/application-system/api/SYSLUMENN_USERNAME + XROAD_PAYMENT_PASSWORD: /k8s/application-system-api/PAYMENT_PASSWORD + XROAD_PAYMENT_USER: /k8s/application-system-api/PAYMENT_USER + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::013313053092:role/application-system-api-worker + create: true + name: application-system-api-worker diff --git a/charts/services/application-system-api-worker/values.prod.yaml b/charts/services/application-system-api-worker/values.prod.yaml index 0963922da2ae..0f05713b14ad 100644 --- a/charts/services/application-system-api-worker/values.prod.yaml +++ b/charts/services/application-system-api-worker/values.prod.yaml @@ -1,203 +1,102 @@ -{ - "application-system-api-worker": { - "serviceDef": { - "liveness": { - "path": "/", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/application-system", - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - }, - "XROAD_CHARGE_FJS_V2_PATH": { - "dev": "IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2", - "staging": "IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2", - "prod": "IS/GOV/5402697509/FJS-Public/chargeFJS_v2" - }, - "APPLICATION_ATTACHMENT_BUCKET": { - "dev": "island-is-dev-storage-application-system", - "staging": "island-is-staging-storage-application-system", - "prod": "island-is-prod-storage-application-system" - }, - "FILE_SERVICE_PRESIGN_BUCKET": { - "dev": "island-is-dev-fs-presign-bucket", - "staging": "island-is-staging-fs-presign-bucket", - "prod": "island-is-prod-fs-presign-bucket" - }, - "FILE_STORAGE_UPLOAD_BUCKET": { - "dev": "island-is-dev-upload-api", - "staging": "island-is-staging-upload-api", - "prod": "island-is-prod-upload-api" - }, - "CLIENT_LOCATION_ORIGIN": { - "dev": "https://beta.dev01.devland.is/umsoknir", - "staging": "https://beta.staging01.devland.is/umsoknir", - "prod": "https://island.is/umsoknir", - "local": "http://localhost:4200/umsoknir" - } - }, - "features": {}, - "name": "application-system-api-worker", - "grantNamespaces": [], - "grantNamespacesEnabled": false, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET", - "SYSLUMENN_HOST": "/k8s/application-system-api/SYSLUMENN_HOST", - "SYSLUMENN_USERNAME": "/k8s/application-system/api/SYSLUMENN_USERNAME", - "SYSLUMENN_PASSWORD": "/k8s/application-system/api/SYSLUMENN_PASSWORD", - "DRIVING_LICENSE_BOOK_XROAD_PATH": "/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH", - "DRIVING_LICENSE_BOOK_USERNAME": "/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME", - "DRIVING_LICENSE_BOOK_PASSWORD": "/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD", - "DOKOBIT_ACCESS_TOKEN": "/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN", - "DOKOBIT_URL": "/k8s/application-system-api/DOKOBIT_URL", - "ARK_BASE_URL": "/k8s/application-system-api/ARK_BASE_URL", - "DOMSYSLA_PASSWORD": "/k8s/application-system-api/DOMSYSLA_PASSWORD", - "DOMSYSLA_USERNAME": "/k8s/application-system-api/DOMSYSLA_USERNAME" - }, - "ingress": {}, - "namespace": "application-system", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "400m", - "memory": "768Mi" - }, - "requests": { - "cpu": "150m", - "memory": "384Mi" - } - }, - "xroadConfig": [ - { - "config": { - "env": { - "XROAD_BASE_PATH": { - "prod": "http://securityserver.island.is" - }, - "XROAD_BASE_PATH_WITH_ENV": { - "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "http://securityserver.island.is/r1/IS" - }, - "XROAD_TLS_BASE_PATH": { - "dev": "https://securityserver.dev01.devland.is", - "staging": "https://securityserver.staging01.devland.is", - "prod": "https://securityserver.island.is" - }, - "XROAD_TLS_BASE_PATH_WITH_ENV": { - "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", - "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "https://securityserver.island.is/r1/IS" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CLIENT_ID": { - "dev": "IS-DEV/GOV/10000/island-is-client", - "staging": "IS-TEST/GOV/5501692829/island-is-client", - "prod": "IS/GOV/5501692829/island-is-client" - } - } - } - }, - { - "config": { - "env": { - "XROAD_PAYMENT_PROVIDER_ID": { - "dev": "IS-DEV/GOV/10021/FJS-Public", - "staging": "IS-TEST/GOV/10021/FJS-DEV-Public", - "prod": "IS/GOV/5402697509/FJS-Public" - }, - "XROAD_PAYMENT_BASE_CALLBACK_URL": { - "dev": "XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/", - "staging": "XROAD:", - "prod": "XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/" - }, - "XROAD_PAYMENT_ADDITION_CALLBACK_URL": "/" - }, - "secrets": { - "XROAD_PAYMENT_USER": "/k8s/application-system-api/PAYMENT_USER", - "XROAD_PAYMENT_PASSWORD": "/k8s/application-system-api/PAYMENT_PASSWORD" - } - } - }, - { - "config": { - "env": { - "XROAD_INNA_PATH": { - "dev": "IS-DEV/GOV/10066/MMS-Protected/inna-v1", - "staging": "IS-TEST/GOV/6601241280/MMS-Protected/inna-v1", - "prod": "IS/GOV/6601241280/MMS-Protected/inna-v1" - } - } - } - }, - { - "config": { - "env": { - "EHIC_XROAD_PROVIDER_ID": { - "dev": "IS-DEV/GOV/10007/SJUKRA-Protected/ehic", - "staging": "IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic", - "prod": "IS/GOV/4804080550/SJUKRA-Protected/ehic" - } - } - } - }, - { - "config": { - "env": { - "XROAD_WORK_MACHINE_LICENSE_PATH": { - "dev": "IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token", - "staging": "IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token", - "prod": "IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token" - } - } - } - } - ], - "files": [], - "volumes": [], - "image": "application-system-api", - "postgres": { - "username": "application_system_api", - "passwordSecret": "/k8s/application-system-api/DB_PASSWORD", - "name": "application_system_api" - }, - "accountName": "application-system-api-worker", - "redis": {}, - "args": [ - "main.js", - "--job", - "worker" - ], - "cmds": "node", - "extraAttributes": { - "dev": { - "schedule": "*/30 * * * *" - }, - "staging": { - "schedule": "*/30 * * * *" - }, - "prod": { - "schedule": "*/30 * * * *" - } - } - } - } -} \ No newline at end of file +service: + name: application-system-api-worker + args: + - main.js + - --job + - worker + command: + - node + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: island-is-prod-storage-application-system + CLIENT_LOCATION_ORIGIN: https://island.is/umsoknir + DB_HOST: postgres-applications.internal + DB_NAME: application_system_api + DB_REPLICAS_HOST: postgres-applications.internal + DB_USER: application_system_api + EHIC_XROAD_PROVIDER_ID: IS/GOV/4804080550/SJUKRA-Protected/ehic + FILE_SERVICE_PRESIGN_BUCKET: island-is-prod-fs-presign-bucket + FILE_STORAGE_UPLOAD_BUCKET: island-is-prod-upload-api + IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/application-system" + IDENTITY_SERVER_ISSUER_URL: https://innskra.island.is + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=691 -r dd-trace/init + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + XROAD_BASE_PATH: http://securityserver.island.is + XROAD_BASE_PATH_WITH_ENV: http://securityserver.island.is/r1/IS + XROAD_CHARGE_FJS_V2_PATH: IS/GOV/5402697509/FJS-Public/chargeFJS_v2 + XROAD_CLIENT_ID: IS/GOV/5501692829/island-is-client + XROAD_INNA_PATH: IS/GOV/6601241280/MMS-Protected/inna-v1 + XROAD_PAYMENT_ADDITION_CALLBACK_URL: / + XROAD_PAYMENT_BASE_CALLBACK_URL: XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/ + XROAD_PAYMENT_PROVIDER_ID: IS/GOV/5402697509/FJS-Public + XROAD_TLS_BASE_PATH: https://securityserver.island.is + XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.island.is/r1/IS + XROAD_WORK_MACHINE_LICENSE_PATH: IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token + grantNamespaces: + - nginx-ingress-internal + - islandis + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: / + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: / + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api + namespace: application-system + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: 400m + memory: 768Mi + requests: + cpu: 150m + memory: 384Mi + schedule: "*/30 * * * *" + secrets: + ARK_BASE_URL: /k8s/application-system-api/ARK_BASE_URL + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DB_PASS: /k8s/application-system-api/DB_PASSWORD + DOKOBIT_ACCESS_TOKEN: /k8s/application-system/api/DOKOBIT_ACCESS_TOKEN + DOKOBIT_URL: /k8s/application-system-api/DOKOBIT_URL + DOMSYSLA_PASSWORD: /k8s/application-system-api/DOMSYSLA_PASSWORD + DOMSYSLA_USERNAME: /k8s/application-system-api/DOMSYSLA_USERNAME + DRIVING_LICENSE_BOOK_PASSWORD: /k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD + DRIVING_LICENSE_BOOK_USERNAME: /k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME + DRIVING_LICENSE_BOOK_XROAD_PATH: /k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH + IDENTITY_SERVER_CLIENT_SECRET: /k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET + SYSLUMENN_HOST: /k8s/application-system-api/SYSLUMENN_HOST + SYSLUMENN_PASSWORD: /k8s/application-system/api/SYSLUMENN_PASSWORD + SYSLUMENN_USERNAME: /k8s/application-system/api/SYSLUMENN_USERNAME + XROAD_PAYMENT_PASSWORD: /k8s/application-system-api/PAYMENT_PASSWORD + XROAD_PAYMENT_USER: /k8s/application-system-api/PAYMENT_USER + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::251502586493:role/application-system-api-worker + create: true + name: application-system-api-worker diff --git a/charts/services/application-system-api-worker/values.staging.yaml b/charts/services/application-system-api-worker/values.staging.yaml index 0963922da2ae..1951c13ced11 100644 --- a/charts/services/application-system-api-worker/values.staging.yaml +++ b/charts/services/application-system-api-worker/values.staging.yaml @@ -1,203 +1,102 @@ -{ - "application-system-api-worker": { - "serviceDef": { - "liveness": { - "path": "/", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/application-system", - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - }, - "XROAD_CHARGE_FJS_V2_PATH": { - "dev": "IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2", - "staging": "IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2", - "prod": "IS/GOV/5402697509/FJS-Public/chargeFJS_v2" - }, - "APPLICATION_ATTACHMENT_BUCKET": { - "dev": "island-is-dev-storage-application-system", - "staging": "island-is-staging-storage-application-system", - "prod": "island-is-prod-storage-application-system" - }, - "FILE_SERVICE_PRESIGN_BUCKET": { - "dev": "island-is-dev-fs-presign-bucket", - "staging": "island-is-staging-fs-presign-bucket", - "prod": "island-is-prod-fs-presign-bucket" - }, - "FILE_STORAGE_UPLOAD_BUCKET": { - "dev": "island-is-dev-upload-api", - "staging": "island-is-staging-upload-api", - "prod": "island-is-prod-upload-api" - }, - "CLIENT_LOCATION_ORIGIN": { - "dev": "https://beta.dev01.devland.is/umsoknir", - "staging": "https://beta.staging01.devland.is/umsoknir", - "prod": "https://island.is/umsoknir", - "local": "http://localhost:4200/umsoknir" - } - }, - "features": {}, - "name": "application-system-api-worker", - "grantNamespaces": [], - "grantNamespacesEnabled": false, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET", - "SYSLUMENN_HOST": "/k8s/application-system-api/SYSLUMENN_HOST", - "SYSLUMENN_USERNAME": "/k8s/application-system/api/SYSLUMENN_USERNAME", - "SYSLUMENN_PASSWORD": "/k8s/application-system/api/SYSLUMENN_PASSWORD", - "DRIVING_LICENSE_BOOK_XROAD_PATH": "/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH", - "DRIVING_LICENSE_BOOK_USERNAME": "/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME", - "DRIVING_LICENSE_BOOK_PASSWORD": "/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD", - "DOKOBIT_ACCESS_TOKEN": "/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN", - "DOKOBIT_URL": "/k8s/application-system-api/DOKOBIT_URL", - "ARK_BASE_URL": "/k8s/application-system-api/ARK_BASE_URL", - "DOMSYSLA_PASSWORD": "/k8s/application-system-api/DOMSYSLA_PASSWORD", - "DOMSYSLA_USERNAME": "/k8s/application-system-api/DOMSYSLA_USERNAME" - }, - "ingress": {}, - "namespace": "application-system", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "400m", - "memory": "768Mi" - }, - "requests": { - "cpu": "150m", - "memory": "384Mi" - } - }, - "xroadConfig": [ - { - "config": { - "env": { - "XROAD_BASE_PATH": { - "prod": "http://securityserver.island.is" - }, - "XROAD_BASE_PATH_WITH_ENV": { - "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "http://securityserver.island.is/r1/IS" - }, - "XROAD_TLS_BASE_PATH": { - "dev": "https://securityserver.dev01.devland.is", - "staging": "https://securityserver.staging01.devland.is", - "prod": "https://securityserver.island.is" - }, - "XROAD_TLS_BASE_PATH_WITH_ENV": { - "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", - "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "https://securityserver.island.is/r1/IS" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CLIENT_ID": { - "dev": "IS-DEV/GOV/10000/island-is-client", - "staging": "IS-TEST/GOV/5501692829/island-is-client", - "prod": "IS/GOV/5501692829/island-is-client" - } - } - } - }, - { - "config": { - "env": { - "XROAD_PAYMENT_PROVIDER_ID": { - "dev": "IS-DEV/GOV/10021/FJS-Public", - "staging": "IS-TEST/GOV/10021/FJS-DEV-Public", - "prod": "IS/GOV/5402697509/FJS-Public" - }, - "XROAD_PAYMENT_BASE_CALLBACK_URL": { - "dev": "XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/", - "staging": "XROAD:", - "prod": "XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/" - }, - "XROAD_PAYMENT_ADDITION_CALLBACK_URL": "/" - }, - "secrets": { - "XROAD_PAYMENT_USER": "/k8s/application-system-api/PAYMENT_USER", - "XROAD_PAYMENT_PASSWORD": "/k8s/application-system-api/PAYMENT_PASSWORD" - } - } - }, - { - "config": { - "env": { - "XROAD_INNA_PATH": { - "dev": "IS-DEV/GOV/10066/MMS-Protected/inna-v1", - "staging": "IS-TEST/GOV/6601241280/MMS-Protected/inna-v1", - "prod": "IS/GOV/6601241280/MMS-Protected/inna-v1" - } - } - } - }, - { - "config": { - "env": { - "EHIC_XROAD_PROVIDER_ID": { - "dev": "IS-DEV/GOV/10007/SJUKRA-Protected/ehic", - "staging": "IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic", - "prod": "IS/GOV/4804080550/SJUKRA-Protected/ehic" - } - } - } - }, - { - "config": { - "env": { - "XROAD_WORK_MACHINE_LICENSE_PATH": { - "dev": "IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token", - "staging": "IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token", - "prod": "IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token" - } - } - } - } - ], - "files": [], - "volumes": [], - "image": "application-system-api", - "postgres": { - "username": "application_system_api", - "passwordSecret": "/k8s/application-system-api/DB_PASSWORD", - "name": "application_system_api" - }, - "accountName": "application-system-api-worker", - "redis": {}, - "args": [ - "main.js", - "--job", - "worker" - ], - "cmds": "node", - "extraAttributes": { - "dev": { - "schedule": "*/30 * * * *" - }, - "staging": { - "schedule": "*/30 * * * *" - }, - "prod": { - "schedule": "*/30 * * * *" - } - } - } - } -} \ No newline at end of file +service: + name: application-system-api-worker + args: + - main.js + - --job + - worker + command: + - node + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: island-is-staging-storage-application-system + CLIENT_LOCATION_ORIGIN: https://beta.staging01.devland.is/umsoknir + DB_HOST: postgres-applications.internal + DB_NAME: application_system_api + DB_REPLICAS_HOST: postgres-applications.internal + DB_USER: application_system_api + EHIC_XROAD_PROVIDER_ID: IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic + FILE_SERVICE_PRESIGN_BUCKET: island-is-staging-fs-presign-bucket + FILE_STORAGE_UPLOAD_BUCKET: island-is-staging-upload-api + IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/application-system" + IDENTITY_SERVER_ISSUER_URL: https://identity-server.staging01.devland.is + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=691 -r dd-trace/init + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: "" + XROAD_BASE_PATH: http://securityserver.staging01.devland.is + XROAD_BASE_PATH_WITH_ENV: http://securityserver.staging01.devland.is/r1/IS-TEST + XROAD_CHARGE_FJS_V2_PATH: IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2 + XROAD_CLIENT_ID: IS-TEST/GOV/5501692829/island-is-client + XROAD_INNA_PATH: IS-TEST/GOV/6601241280/MMS-Protected/inna-v1 + XROAD_PAYMENT_ADDITION_CALLBACK_URL: / + XROAD_PAYMENT_BASE_CALLBACK_URL: "XROAD:" + XROAD_PAYMENT_PROVIDER_ID: IS-TEST/GOV/10021/FJS-DEV-Public + XROAD_TLS_BASE_PATH: https://securityserver.staging01.devland.is + XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.staging01.devland.is/r1/IS-TEST + XROAD_WORK_MACHINE_LICENSE_PATH: IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token + grantNamespaces: + - nginx-ingress-internal + - islandis + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: / + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: / + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api + namespace: application-system + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: 400m + memory: 768Mi + requests: + cpu: 150m + memory: 384Mi + schedule: "*/30 * * * *" + secrets: + ARK_BASE_URL: /k8s/application-system-api/ARK_BASE_URL + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DB_PASS: /k8s/application-system-api/DB_PASSWORD + DOKOBIT_ACCESS_TOKEN: /k8s/application-system/api/DOKOBIT_ACCESS_TOKEN + DOKOBIT_URL: /k8s/application-system-api/DOKOBIT_URL + DOMSYSLA_PASSWORD: /k8s/application-system-api/DOMSYSLA_PASSWORD + DOMSYSLA_USERNAME: /k8s/application-system-api/DOMSYSLA_USERNAME + DRIVING_LICENSE_BOOK_PASSWORD: /k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD + DRIVING_LICENSE_BOOK_USERNAME: /k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME + DRIVING_LICENSE_BOOK_XROAD_PATH: /k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH + IDENTITY_SERVER_CLIENT_SECRET: /k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET + SYSLUMENN_HOST: /k8s/application-system-api/SYSLUMENN_HOST + SYSLUMENN_PASSWORD: /k8s/application-system/api/SYSLUMENN_PASSWORD + SYSLUMENN_USERNAME: /k8s/application-system/api/SYSLUMENN_USERNAME + XROAD_PAYMENT_PASSWORD: /k8s/application-system-api/PAYMENT_PASSWORD + XROAD_PAYMENT_USER: /k8s/application-system-api/PAYMENT_USER + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::261174024191:role/application-system-api-worker + create: true + name: application-system-api-worker diff --git a/charts/services/application-system-api/values.dev.yaml b/charts/services/application-system-api/values.dev.yaml index 6b45c4f14a6d..db03b5df5871 100644 --- a/charts/services/application-system-api/values.dev.yaml +++ b/charts/services/application-system-api/values.dev.yaml @@ -1,856 +1,251 @@ -{ - "application-system-api": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "EMAIL_REGION": "eu-west-1", - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - }, - "XROAD_CHARGE_FJS_V2_TIMEOUT": "20000", - "CONTENTFUL_HOST": { - "dev": "preview.contentful.com", - "staging": "cdn.contentful.com", - "prod": "cdn.contentful.com" - }, - "CLIENT_LOCATION_ORIGIN": { - "dev": "https://beta.dev01.devland.is/umsoknir", - "staging": "https://beta.staging01.devland.is/umsoknir", - "prod": "https://island.is/umsoknir", - "local": "http://localhost:4200/umsoknir" - }, - "APPLICATION_ATTACHMENT_BUCKET": { - "dev": "island-is-dev-storage-application-system", - "staging": "island-is-staging-storage-application-system", - "prod": "island-is-prod-storage-application-system" - }, - "FILE_STORAGE_UPLOAD_BUCKET": { - "dev": "island-is-dev-upload-api", - "staging": "island-is-staging-upload-api", - "prod": "island-is-prod-upload-api" - }, - "FILE_SERVICE_PRESIGN_BUCKET": { - "dev": "island-is-dev-fs-presign-bucket", - "staging": "island-is-staging-fs-presign-bucket", - "prod": "island-is-prod-fs-presign-bucket" - }, - "INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS": { - "dev": "gunnar.ingi@fjr.is", - "staging": "gunnar.ingi@fjr.is", - "prod": "island@island.is" - }, - "INSTITUTION_APPLICATION_RECIPIENT_NAME": { - "dev": "Gunnar Ingi", - "staging": "Gunnar Ingi", - "prod": "Stafrรฆnt รsland" - }, - "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/application-system", - "FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS": { - "dev": "gunnar.ingi@fjr.is", - "staging": "gunnar.ingi@fjr.is", - "prod": "island@island.is" - }, - "FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME": { - "dev": "Gunnar Ingi", - "staging": "Gunnar Ingi", - "prod": "Stafrรฆnt รsland" - }, - "LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS": { - "dev": "gunnar.ingi@fjr.is", - "staging": "gunnar.ingi@fjr.is", - "prod": "island@island.is" - }, - "LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME": { - "dev": "Gunnar Ingi", - "staging": "Gunnar Ingi", - "prod": "Stafrรฆnt รsland" - }, - "NOVA_USERNAME": { - "dev": "IslandIs_User_Development", - "prod": "IslandIs_User_Production", - "staging": "IslandIs_User_Development" - }, - "FINANCIAL_STATEMENTS_INAO_BASE_PATH": { - "dev": "https://dev-re.crm4.dynamics.com/api/data/v9.1", - "staging": "https://dev-re.crm4.dynamics.com/api/data/v9.1", - "prod": "https://star-re.crm4.dynamics.com/api/data/v9.1" - }, - "FINANCIAL_STATEMENTS_INAO_ISSUER": "https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0", - "FINANCIAL_STATEMENTS_INAO_SCOPE": { - "dev": "https://dev-re.crm4.dynamics.com/.default", - "staging": "https://dev-re.crm4.dynamics.com/.default", - "prod": "https://star-re.crm4.dynamics.com/.default" - }, - "FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT": "https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token", - "XROAD_COURT_BANKRUPTCY_CERT_PATH": { - "dev": "IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1", - "staging": "IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1", - "prod": "IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1" - }, - "XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH": { - "dev": "IS-DEV/GOV/10047/UA-Protected/kvortun-v1/", - "staging": "IS-TEST/GOV/10047/UA-Protected/kvortun-v1/", - "prod": "IS/GOV/5605882089/UA-Protected/kvortun-v1" - }, - "NOVA_ACCEPT_UNAUTHORIZED": { - "dev": "true", - "staging": "false", - "prod": "false" - }, - "AUTH_PUBLIC_API_URL": { - "dev": "https://identity-server.dev01.devland.is/api", - "staging": "https://identity-server.staging01.devland.is/api", - "prod": "https://innskra.island.is/api" - }, - "UNIVERSITY_GATEWAY_API_URL": { - "dev": "http://web-services-university-gateway.services-university-gateway.svc.cluster.local", - "staging": "http://web-services-university-gateway.services-university-gateway.svc.cluster.local", - "prod": "http://web-services-university-gateway.services-university-gateway.svc.cluster.local" - } - }, - "features": {}, - "name": "application-system-api", - "grantNamespaces": [ - "nginx-ingress-internal", - "islandis" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "NOVA_URL": "/k8s/application-system-api/NOVA_URL", - "DOKOBIT_URL": "/k8s/application-system-api/DOKOBIT_URL", - "SYSLUMENN_HOST": "/k8s/application-system-api/SYSLUMENN_HOST", - "CONTENTFUL_ACCESS_TOKEN": "/k8s/api/CONTENTFUL_ACCESS_TOKEN", - "AUTH_JWT_SECRET": "/k8s/application-system/api/AUTH_JWT_SECRET", - "DOKOBIT_ACCESS_TOKEN": "/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN", - "EMAIL_FROM": "/k8s/application-system/api/EMAIL_FROM", - "EMAIL_FROM_NAME": "/k8s/application-system/api/EMAIL_FROM_NAME", - "EMAIL_REPLY_TO": "/k8s/application-system/api/EMAIL_REPLY_TO", - "EMAIL_REPLY_TO_NAME": "/k8s/application-system/api/EMAIL_REPLY_TO_NAME", - "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET", - "DOCUMENT_PROVIDER_ONBOARDING_REVIEWER": "/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER", - "SYSLUMENN_USERNAME": "/k8s/application-system/api/SYSLUMENN_USERNAME", - "SYSLUMENN_PASSWORD": "/k8s/application-system/api/SYSLUMENN_PASSWORD", - "DRIVING_LICENSE_BOOK_XROAD_PATH": "/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH", - "DRIVING_LICENSE_BOOK_USERNAME": "/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME", - "DRIVING_LICENSE_BOOK_PASSWORD": "/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD", - "NOVA_PASSWORD": "/k8s/application-system/api/NOVA_PASSWORD", - "ARK_BASE_URL": "/k8s/application-system-api/ARK_BASE_URL", - "FINANCIAL_STATEMENTS_INAO_CLIENT_ID": "/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID", - "FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET": "/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET", - "ISLYKILL_SERVICE_PASSPHRASE": "/k8s/api/ISLYKILL_SERVICE_PASSPHRASE", - "ISLYKILL_SERVICE_BASEPATH": "/k8s/api/ISLYKILL_SERVICE_BASEPATH", - "VMST_ID": "/k8s/application-system/VMST_ID", - "DOMSYSLA_PASSWORD": "/k8s/application-system-api/DOMSYSLA_PASSWORD", - "DOMSYSLA_USERNAME": "/k8s/application-system-api/DOMSYSLA_USERNAME", - "ALTHINGI_OMBUDSMAN_XROAD_USERNAME": "/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME", - "ALTHINGI_OMBUDSMAN_XROAD_PASSWORD": "/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD", - "NATIONAL_REGISTRY_B2C_CLIENT_SECRET": "/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET" - }, - "ingress": { - "primary": { - "host": { - "dev": [ - "application-payment-callback-xrd", - "application-callback-xrd" - ], - "staging": [ - "application-payment-callback-xrd", - "application-callback-xrd" - ], - "prod": [ - "application-payment-callback-xrd", - "application-callback-xrd" - ] - }, - "paths": [ - "/application-payment", - "/applications" - ], - "public": false, - "extraAnnotations": { - "dev": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "staging": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "prod": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - } - } - } - }, - "namespace": "application-system", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "400m", - "memory": "1024Mi" - }, - "requests": { - "cpu": "75m", - "memory": "512Mi" - } - }, - "xroadConfig": [ - { - "config": { - "env": { - "XROAD_BASE_PATH": { - "prod": "http://securityserver.island.is" - }, - "XROAD_BASE_PATH_WITH_ENV": { - "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "http://securityserver.island.is/r1/IS" - }, - "XROAD_TLS_BASE_PATH": { - "dev": "https://securityserver.dev01.devland.is", - "staging": "https://securityserver.staging01.devland.is", - "prod": "https://securityserver.island.is" - }, - "XROAD_TLS_BASE_PATH_WITH_ENV": { - "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", - "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "https://securityserver.island.is/r1/IS" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CLIENT_ID": { - "dev": "IS-DEV/GOV/10000/island-is-client", - "staging": "IS-TEST/GOV/5501692829/island-is-client", - "prod": "IS/GOV/5501692829/island-is-client" - } - } - } - }, - { - "config": { - "env": { - "XROAD_VMST_API_PATH": { - "dev": "/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1", - "staging": "/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1", - "prod": "/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1" - }, - "XROAD_VMST_MEMBER_CODE": { - "dev": "10003", - "staging": "7005942039", - "prod": "7005942039" - } - }, - "secrets": { - "XROAD_VMST_API_KEY": "/k8s/vmst-client/VMST_API_KEY" - } - } - }, - { - "config": { - "env": { - "XROAD_HEALTH_INSURANCE_WSDLURL": { - "dev": "https://test-huld.sjukra.is/islandrg?wsdl", - "staging": "https://test-huld.sjukra.is/islandrg?wsdl", - "prod": "https://huld.sjukra.is/islandrg?wsdl" - }, - "XROAD_HEALTH_INSURANCE_ID": { - "dev": "IS-DEV/GOV/10007/SJUKRA-Protected", - "staging": "IS-TEST/GOV/4804080550/SJUKRA-Protected", - "prod": "IS/GOV/4804080550/SJUKRA-Protected" - }, - "XROAD_HEALTH_INSURANCE_MY_PAGES_PATH": { - "dev": "IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur", - "staging": "IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur", - "prod": "IS/GOV/4804080550/SJUKRA-Protected/minarsidur" - } - }, - "secrets": { - "XROAD_HEALTH_INSURANCE_USERNAME": "/k8s/health-insurance/XROAD-USER", - "XROAD_HEALTH_INSURANCE_PASSWORD": "/k8s/health-insurance/XROAD-PASSWORD", - "XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME": "/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME", - "XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD": "/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD" - } - } - }, - { - "config": { - "env": { - "XROAD_NATIONAL_REGISTRY_SERVICE_PATH": { - "dev": "IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1", - "staging": "IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1", - "prod": "IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1" - }, - "XROAD_NATIONAL_REGISTRY_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" - }, - "XROAD_TJODSKRA_API_PATH": "/SKRA-Protected/Einstaklingar-v1", - "XROAD_TJODSKRA_MEMBER_CODE": { - "prod": "6503760649", - "dev": "10001", - "staging": "6503760649" - } - } - } - }, - { - "config": { - "env": { - "NATIONAL_REGISTRY_B2C_CLIENT_ID": { - "dev": "b464afdd-056b-406d-b650-6d41733cfeb7", - "staging": "ca128c23-b43c-443d-bade-ec5a146a933f", - "prod": "2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f" - }, - "NATIONAL_REGISTRY_B2C_ENDPOINT": { - "dev": "https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", - "staging": "https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", - "prod": "https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token" - }, - "NATIONAL_REGISTRY_B2C_SCOPE": { - "dev": "https://skraidentitydev.onmicrosoft.com/midlun/.default", - "staging": "https://skraidentitystaging.onmicrosoft.com/midlun/.default", - "prod": "https://skraidentity.onmicrosoft.com/midlun/.default" - }, - "NATIONAL_REGISTRY_B2C_PATH": { - "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1", - "staging": "IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1", - "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_PAYMENT_PROVIDER_ID": { - "dev": "IS-DEV/GOV/10021/FJS-Public", - "staging": "IS-TEST/GOV/10021/FJS-DEV-Public", - "prod": "IS/GOV/5402697509/FJS-Public" - }, - "XROAD_PAYMENT_BASE_CALLBACK_URL": { - "dev": "XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/", - "staging": "XROAD:", - "prod": "XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/" - }, - "XROAD_PAYMENT_ADDITION_CALLBACK_URL": "/" - }, - "secrets": { - "XROAD_PAYMENT_USER": "/k8s/application-system-api/PAYMENT_USER", - "XROAD_PAYMENT_PASSWORD": "/k8s/application-system-api/PAYMENT_PASSWORD" - } - } - }, - { - "config": { - "env": { - "XROAD_DRIVING_LICENSE_PATH": { - "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1", - "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1", - "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1" - }, - "XROAD_DRIVING_LICENSE_V2_PATH": { - "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2", - "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2", - "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1" - }, - "XROAD_DRIVING_LICENSE_V4_PATH": { - "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4", - "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4", - "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4" - }, - "XROAD_DRIVING_LICENSE_V5_PATH": { - "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5", - "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5", - "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5" - } - }, - "secrets": { - "XROAD_DRIVING_LICENSE_SECRET": "/k8s/api/DRIVING_LICENSE_SECRET" - } - } - }, - { - "config": { - "env": { - "XROAD_PAYMENT_SCHEDULE_PATH": { - "dev": "IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1", - "staging": "IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1", - "prod": "IS/GOV/5402697509/FJS-Public/paymentSchedule_v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CRIMINAL_RECORD_PATH": { - "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2", - "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1", - "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1" - } - } - } - }, - { - "config": { - "env": { - "DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID": { - "dev": "IS-DEV/GOV/10026/gopro/kvortun-v1", - "staging": "IS-TEST/GOV/5608002820/gopro/kvortun-v1", - "prod": "IS/GOV/5608002820/gopro/kvortun-v1" - } - }, - "secrets": { - "DATA_PROTECTION_COMPLAINT_API_USERNAME": "/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME", - "DATA_PROTECTION_COMPLAINT_API_PASSWORD": "/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD" - } - } - }, - { - "config": { - "env": { - "FISHING_LICENSE_XROAD_PROVIDER_ID": { - "dev": "IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1", - "staging": "IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1", - "prod": "IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_FINANCIAL_AID_BACKEND_PATH": { - "dev": "IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend", - "staging": "IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend", - "prod": "IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CHARGE_FJS_V2_PATH": { - "dev": "IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2", - "staging": "IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2", - "prod": "IS/GOV/5402697509/FJS-Public/chargeFJS_v2" - } - } - } - }, - { - "config": { - "env": { - "XROAD_ENERGY_FUNDS_PATH": { - "dev": "IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1", - "staging": "IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1", - "prod": "IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_FINANCES_PATH": { - "dev": "IS-DEV/GOV/10021/FJS-Public/financeIsland", - "staging": "IS-TEST/GOV/10021/FJS-Public/financeIsland", - "prod": "IS/GOV/5402697509/FJS-Public/financeIsland" - }, - "XROAD_FINANCES_V2_PATH": { - "dev": "IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2", - "staging": "IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2", - "prod": "IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2" - }, - "XROAD_HMS_LOANS_PATH": { - "dev": "IS-DEV/GOV/10033/HMS-Protected/libra-v1", - "staging": "IS-TEST/GOV/5812191480/HMS-Protected/libra-v1", - "prod": "IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1" - }, - "XROAD_HMS_HOUSING_BENEFITS_PATH": { - "dev": "IS-DEV/GOV/10033/HMS-Protected/husbot-v1", - "staging": "IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1", - "prod": "IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_PROPERTIES_SERVICE_V2_PATH": { - "dev": "IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1", - "staging": "IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1", - "prod": "IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1" - } - }, - "secrets": { - "XROAD_PROPERTIES_CLIENT_SECRET": "/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET" - } - } - }, - { - "config": { - "env": { - "COMPANY_REGISTRY_XROAD_PROVIDER_ID": { - "dev": "IS-DEV/GOV/10006/Skatturinn/ft-v1", - "staging": "IS-TEST/GOV/5402696029/Skatturinn/ft-v1", - "prod": "IS/GOV/5402696029/Skatturinn/ft-v1" - }, - "COMPANY_REGISTRY_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" - } - } - } - }, - { - "config": { - "env": { - "XROAD_VEHICLE_SERVICE_FJS_V1_PATH": { - "dev": "IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1", - "staging": "IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1", - "prod": "IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_INNA_PATH": { - "dev": "IS-DEV/GOV/10066/MMS-Protected/inna-v1", - "staging": "IS-TEST/GOV/6601241280/MMS-Protected/inna-v1", - "prod": "IS/GOV/6601241280/MMS-Protected/inna-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_VEHICLES_MILEAGE_PATH": { - "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1", - "staging": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1", - "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_VEHICLE_CODETABLES_PATH": { - "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1", - "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1", - "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1" - }, - "XROAD_VEHICLE_INFOLOCKS_PATH": { - "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1", - "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1", - "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1" - }, - "XROAD_VEHICLE_OPERATORS_PATH": { - "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3", - "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3", - "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3" - }, - "XROAD_VEHICLE_OWNER_CHANGE_PATH": { - "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2", - "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2", - "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2" - }, - "XROAD_VEHICLE_PLATE_ORDERING_PATH": { - "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1", - "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1", - "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1" - }, - "XROAD_VEHICLE_PLATE_RENEWAL_PATH": { - "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1", - "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1", - "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1" - }, - "XROAD_VEHICLE_PRINTING_PATH": { - "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1", - "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1", - "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1" - }, - "XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH": { - "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1", - "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1", - "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_VEHICLES_PATH": { - "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1", - "staging": "IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1", - "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_PASSPORT_LICENSE_PATH": { - "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1", - "staging": "IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1", - "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1" - } - } - } - }, - { - "config": { - "env": { - "EHIC_XROAD_PROVIDER_ID": { - "dev": "IS-DEV/GOV/10007/SJUKRA-Protected/ehic", - "staging": "IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic", - "prod": "IS/GOV/4804080550/SJUKRA-Protected/ehic" - } - } - } - }, - { - "config": { - "env": { - "XROAD_DIRECTORATE_OF_IMMIGRATION_PATH": { - "dev": "IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1", - "staging": "IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1", - "prod": "IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_TR_PATH": { - "dev": "IS-DEV/GOV/10008/TR-Protected/external-v1", - "staging": "IS-TEST/GOV/5012130120/TR-Protected/external-v1", - "prod": "IS/GOV/5012130120/TR-Protected/external-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_HEALTH_DIRECTORATE_PATH": { - "dev": "IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir", - "staging": "IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir", - "prod": "IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir" - } - } - } - }, - { - "config": { - "env": { - "XROAD_SIGNATURE_COLLECTION_PATH": { - "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1", - "staging": "IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1", - "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_WORK_MACHINE_LICENSE_PATH": { - "dev": "IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token", - "staging": "IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token", - "prod": "IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token" - } - } - } - }, - { - "config": { - "env": { - "WORKPOINT_ARBORG_SERVICE_PATH": { - "dev": "IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1", - "staging": "IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1", - "prod": "IS/MUN/10036/Arborg-Protected/tengill-application-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_OFFICIAL_JOURNAL_PATH": { - "dev": "IS-DEV/GOV/10014/DMR-Protected/official-journal", - "staging": "IS-TEST/GOV/10014/DMR-Protected/official-journal", - "prod": "IS/GOV/10014/DMR-Protected/official-journal" - } - } - } - }, - { - "config": { - "env": { - "XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH": { - "dev": "IS-DEV/GOV/10014/DMR-Protected/official-journal-application", - "staging": "IS-TEST/GOV/10014/DMR-Protected/official-journal-application", - "prod": "IS/GOV/10014/DMR-Protected/official-journal-application" - } - } - } - }, - { - "config": { - "env": { - "XROAD_UNIVERSITY_OF_AKUREYRI_PATH": { - "dev": "IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1", - "staging": "IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1", - "prod": "IS/EDU/5206871229/UNAK-Protected/brautskraning-v1" - }, - "XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH": { - "dev": "IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1", - "staging": "IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1", - "prod": "IS/EDU/4112043590/LBHI-Protected/brautskraning-v1" - }, - "XROAD_BIFROST_UNIVERSITY_PATH": { - "dev": "IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1", - "staging": "IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1", - "prod": "IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1" - }, - "XROAD_HOLAR_UNIVERSITY_PATH": { - "dev": "IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1", - "staging": "IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1", - "prod": "IS/EDU/5001694359/Holar-Protected/brautskraning-v1" - }, - "XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH": { - "dev": "IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1", - "staging": "IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1", - "prod": "IS/EDU/4210984099/LHI-Protected/brautskraning-v1" - }, - "XROAD_UNIVERSITY_OF_ICELAND_PATH": { - "dev": "IS-DEV/EDU/10010/HI-Protected/brautskraning-v1", - "staging": "IS-TEST/EDU/10010/HI-Protected/brautskraning-v1", - "prod": "IS/EDU/6001692039/HI-Protected/brautskraning-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_MMS_FRIGG_PATH": { - "dev": "IS-DEV/GOV/10066/MMS-Protected/frigg-form-service", - "staging": "IS-TEST/GOV/10066/MMS-Protected/frigg-form-service", - "prod": "IS/GOV/10066/MMS-Protected/frigg-form-service" - } - } - } - }, - { - "config": { - "env": { - "XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH": { - "dev": "IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1", - "staging": "IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1", - "prod": "IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH": { - "dev": "IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1", - "staging": "IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1", - "prod": "IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_WORK_ACCIDENT_PATH": { - "dev": "IS-DEV/GOV/10013/Vinnueftirlitid-Protected/slysaskraning-token", - "staging": "IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/slysaskraning-token", - "prod": "IS/GOV/4201810439/Vinnueftirlitid-Protected/slysaskraning-token" - } - } - } - } - ], - "files": [ - { - "filename": "islyklar.p12", - "env": "ISLYKILL_CERT" - } - ], - "volumes": [], - "accountName": "application-system-api", - "cmds": "node", - "redis": {}, - "args": [ - "main.js" - ], - "postgres": { - "username": "application_system_api", - "passwordSecret": "/k8s/application-system-api/DB_PASSWORD", - "name": "application_system_api" - }, - "initContainers": { - "envs": {}, - "secrets": {}, - "features": {}, - "containers": [ - { - "name": "migrations", - "command": "npx", - "args": [ - "sequelize-cli", - "db:migrate" - ] - } - ], - "postgres": { - "username": "application_system_api", - "passwordSecret": "/k8s/application-system-api/DB_PASSWORD", - "name": "application_system_api" - } - }, - "replicaCount": { - "default": 2, - "max": 60, - "min": 2 - } - } - } -} \ No newline at end of file +service: + name: application-system-api + args: + - main.js + command: + - node + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: island-is-dev-storage-application-system + AUTH_PUBLIC_API_URL: https://identity-server.dev01.devland.is/api + CLIENT_LOCATION_ORIGIN: https://beta.dev01.devland.is/umsoknir + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: IS-DEV/GOV/10006/Skatturinn/ft-v1 + CONTENTFUL_HOST: preview.contentful.com + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: IS-DEV/GOV/10026/gopro/kvortun-v1 + DB_HOST: postgres-applications.internal + DB_NAME: application_system_api + DB_REPLICAS_HOST: postgres-applications-reader.internal + DB_USER: application_system_api + EHIC_XROAD_PROVIDER_ID: IS-DEV/GOV/10007/SJUKRA-Protected/ehic + EMAIL_REGION: eu-west-1 + ENDORSEMENTS_API_BASE_PATH: http://web-endorsement-system-api.endorsement-system.svc.cluster.local + FILE_SERVICE_PRESIGN_BUCKET: island-is-dev-fs-presign-bucket + FILE_STORAGE_UPLOAD_BUCKET: island-is-dev-upload-api + FINANCIAL_STATEMENTS_INAO_BASE_PATH: https://dev-re.crm4.dynamics.com/api/data/v9.1 + FINANCIAL_STATEMENTS_INAO_ISSUER: https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0 + FINANCIAL_STATEMENTS_INAO_SCOPE: https://dev-re.crm4.dynamics.com/.default + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token + FISHING_LICENSE_XROAD_PROVIDER_ID: IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1 + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: gunnar.ingi@fjr.is + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: Gunnar Ingi + GRAPHQL_API_URL: http://web-api.islandis.svc.cluster.local + IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/application-system" + IDENTITY_SERVER_ISSUER_URL: https://identity-server.dev01.devland.is + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: gunnar.ingi@fjr.is + INSTITUTION_APPLICATION_RECIPIENT_NAME: Gunnar Ingi + ISLYKILL_CERT: /etc/config/islyklar.p12 + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: gunnar.ingi@fjr.is + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: Gunnar Ingi + LOG_LEVEL: info + NATIONAL_REGISTRY_B2C_CLIENT_ID: b464afdd-056b-406d-b650-6d41733cfeb7 + NATIONAL_REGISTRY_B2C_ENDPOINT: https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token + NATIONAL_REGISTRY_B2C_PATH: IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1 + NATIONAL_REGISTRY_B2C_SCOPE: https://skraidentitydev.onmicrosoft.com/midlun/.default + NODE_OPTIONS: --max-old-space-size=921 -r dd-trace/init + NOVA_ACCEPT_UNAUTHORIZED: "true" + NOVA_USERNAME: IslandIs_User_Development + RECYCLING_FUND_GQL_BASE_PATH: http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: "" + SERVICE_DOCUMENTS_BASEPATH: http://web-services-documents.services-documents.svc.cluster.local + SERVICE_USER_PROFILE_URL: http://web-service-portal-api.service-portal.svc.cluster.local + UNIVERSITY_GATEWAY_API_URL: http://web-services-university-gateway.services-university-gateway.svc.cluster.local + USER_NOTIFICATION_API_URL: http://web-user-notification.user-notification.svc.cluster.local + WORKPOINT_ARBORG_SERVICE_PATH: IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1 + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1 + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: IS-DEV/GOV/10047/UA-Protected/kvortun-v1/ + XROAD_BASE_PATH: http://securityserver.dev01.devland.is + XROAD_BASE_PATH_WITH_ENV: http://securityserver.dev01.devland.is/r1/IS-DEV + XROAD_BIFROST_UNIVERSITY_PATH: IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1 + XROAD_CHARGE_FJS_V2_PATH: IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2 + XROAD_CHARGE_FJS_V2_TIMEOUT: "20000" + XROAD_CLIENT_ID: IS-DEV/GOV/10000/island-is-client + XROAD_COURT_BANKRUPTCY_CERT_PATH: IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1 + XROAD_CRIMINAL_RECORD_PATH: r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2 + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1 + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1 + XROAD_DRIVING_LICENSE_PATH: r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1 + XROAD_DRIVING_LICENSE_V2_PATH: r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2 + XROAD_DRIVING_LICENSE_V4_PATH: r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4 + XROAD_DRIVING_LICENSE_V5_PATH: r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5 + XROAD_ENERGY_FUNDS_PATH: IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1 + XROAD_FINANCES_PATH: IS-DEV/GOV/10021/FJS-Public/financeIsland + XROAD_FINANCES_V2_PATH: IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2 + XROAD_FINANCIAL_AID_BACKEND_PATH: IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1 + XROAD_HEALTH_DIRECTORATE_PATH: IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1 + XROAD_HEALTH_INSURANCE_ID: IS-DEV/GOV/10007/SJUKRA-Protected + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur + XROAD_HEALTH_INSURANCE_WSDLURL: https://test-huld.sjukra.is/islandrg?wsdl + XROAD_HMS_HOUSING_BENEFITS_PATH: IS-DEV/GOV/10033/HMS-Protected/husbot-v1 + XROAD_HMS_LOANS_PATH: IS-DEV/GOV/10033/HMS-Protected/libra-v1 + XROAD_HOLAR_UNIVERSITY_PATH: IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1 + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1 + XROAD_INNA_PATH: IS-DEV/GOV/10066/MMS-Protected/inna-v1 + XROAD_MMS_FRIGG_PATH: IS-DEV/GOV/10066/MMS-Protected/frigg-form-service + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1 + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: IS-DEV/GOV/10014/DMR-Protected/official-journal-application + XROAD_OFFICIAL_JOURNAL_PATH: IS-DEV/GOV/10014/DMR-Protected/official-journal + XROAD_PASSPORT_LICENSE_PATH: IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1 + XROAD_PAYMENT_ADDITION_CALLBACK_URL: / + XROAD_PAYMENT_BASE_CALLBACK_URL: XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/ + XROAD_PAYMENT_PROVIDER_ID: IS-DEV/GOV/10021/FJS-Public + XROAD_PAYMENT_SCHEDULE_PATH: IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1 + XROAD_PROPERTIES_SERVICE_V2_PATH: IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1 + XROAD_SIGNATURE_COLLECTION_PATH: IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1 + XROAD_TJODSKRA_API_PATH: /SKRA-Protected/Einstaklingar-v1 + XROAD_TJODSKRA_MEMBER_CODE: "10001" + XROAD_TLS_BASE_PATH: https://securityserver.dev01.devland.is + XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.dev01.devland.is/r1/IS-DEV + XROAD_TR_PATH: IS-DEV/GOV/10008/TR-Protected/external-v1 + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1 + XROAD_UNIVERSITY_OF_ICELAND_PATH: IS-DEV/EDU/10010/HI-Protected/brautskraning-v1 + XROAD_VEHICLES_MILEAGE_PATH: IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1 + XROAD_VEHICLES_PATH: IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1 + XROAD_VEHICLE_CODETABLES_PATH: IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1 + XROAD_VEHICLE_INFOLOCKS_PATH: IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1 + XROAD_VEHICLE_OPERATORS_PATH: IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3 + XROAD_VEHICLE_OWNER_CHANGE_PATH: IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2 + XROAD_VEHICLE_PLATE_ORDERING_PATH: IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1 + XROAD_VEHICLE_PLATE_RENEWAL_PATH: IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1 + XROAD_VEHICLE_PRINTING_PATH: IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1 + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1 + XROAD_VMST_API_PATH: /VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1 + XROAD_VMST_MEMBER_CODE: "10003" + XROAD_WORK_ACCIDENT_PATH: IS-DEV/GOV/10013/Vinnueftirlitid-Protected/slysaskraning-token + XROAD_WORK_MACHINE_LICENSE_PATH: IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token + files: + - islyklar.p12 + grantNamespaces: + - nginx-ingress-internal + - islandis + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-internal-alb + nginx.ingress.kubernetes.io/proxy-buffer-size: 8k + nginx.ingress.kubernetes.io/proxy-buffering: on + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: application-payment-callback-xrd.internal.dev01.devland.is + paths: + - /application-payment + - /applications + - host: application-callback-xrd.internal.dev01.devland.is + paths: + - /application-payment + - /applications + initContainer: + containers: + - args: + - sequelize-cli + - db:migrate + command: + - npx + name: migrations + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 50m + memory: 128Mi + env: + DB_HOST: postgres-applications.internal + DB_NAME: application_system_api + DB_REPLICAS_HOST: postgres-applications-reader.internal + DB_USER: application_system_api + SERVERSIDE_FEATURES_ON: "" + secrets: + DB_PASS: /k8s/application-system-api/DB_PASSWORD + namespace: application-system + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: 400m + memory: 1024Mi + requests: + cpu: 75m + memory: 512Mi + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: /k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: /k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME + ARK_BASE_URL: /k8s/application-system-api/ARK_BASE_URL + AUTH_JWT_SECRET: /k8s/application-system/api/AUTH_JWT_SECRET + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + CONTENTFUL_ACCESS_TOKEN: /k8s/api/CONTENTFUL_ACCESS_TOKEN + DATA_PROTECTION_COMPLAINT_API_PASSWORD: /k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD + DATA_PROTECTION_COMPLAINT_API_USERNAME: /k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME + DB_PASS: /k8s/application-system-api/DB_PASSWORD + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: /k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER + DOKOBIT_ACCESS_TOKEN: /k8s/application-system/api/DOKOBIT_ACCESS_TOKEN + DOKOBIT_URL: /k8s/application-system-api/DOKOBIT_URL + DOMSYSLA_PASSWORD: /k8s/application-system-api/DOMSYSLA_PASSWORD + DOMSYSLA_USERNAME: /k8s/application-system-api/DOMSYSLA_USERNAME + DRIVING_LICENSE_BOOK_PASSWORD: /k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD + DRIVING_LICENSE_BOOK_USERNAME: /k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME + DRIVING_LICENSE_BOOK_XROAD_PATH: /k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH + EMAIL_FROM: /k8s/application-system/api/EMAIL_FROM + EMAIL_FROM_NAME: /k8s/application-system/api/EMAIL_FROM_NAME + EMAIL_REPLY_TO: /k8s/application-system/api/EMAIL_REPLY_TO + EMAIL_REPLY_TO_NAME: /k8s/application-system/api/EMAIL_REPLY_TO_NAME + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: /k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: /k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET + IDENTITY_SERVER_CLIENT_SECRET: /k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET + ISLYKILL_SERVICE_BASEPATH: /k8s/api/ISLYKILL_SERVICE_BASEPATH + ISLYKILL_SERVICE_PASSPHRASE: /k8s/api/ISLYKILL_SERVICE_PASSPHRASE + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: /k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET + NOVA_PASSWORD: /k8s/application-system/api/NOVA_PASSWORD + NOVA_URL: /k8s/application-system-api/NOVA_URL + SYSLUMENN_HOST: /k8s/application-system-api/SYSLUMENN_HOST + SYSLUMENN_PASSWORD: /k8s/application-system/api/SYSLUMENN_PASSWORD + SYSLUMENN_USERNAME: /k8s/application-system/api/SYSLUMENN_USERNAME + VMST_ID: /k8s/application-system/VMST_ID + XROAD_DRIVING_LICENSE_SECRET: /k8s/api/DRIVING_LICENSE_SECRET + XROAD_HEALTH_INSURANCE_PASSWORD: /k8s/health-insurance/XROAD-PASSWORD + XROAD_HEALTH_INSURANCE_USERNAME: /k8s/health-insurance/XROAD-USER + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: /k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: /k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME + XROAD_PAYMENT_PASSWORD: /k8s/application-system-api/PAYMENT_PASSWORD + XROAD_PAYMENT_USER: /k8s/application-system-api/PAYMENT_USER + XROAD_PROPERTIES_CLIENT_SECRET: /k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET + XROAD_VMST_API_KEY: /k8s/vmst-client/VMST_API_KEY + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::013313053092:role/application-system-api + create: true + name: application-system-api diff --git a/charts/services/application-system-api/values.prod.yaml b/charts/services/application-system-api/values.prod.yaml index 6b45c4f14a6d..936d61de8a88 100644 --- a/charts/services/application-system-api/values.prod.yaml +++ b/charts/services/application-system-api/values.prod.yaml @@ -1,856 +1,251 @@ -{ - "application-system-api": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "EMAIL_REGION": "eu-west-1", - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - }, - "XROAD_CHARGE_FJS_V2_TIMEOUT": "20000", - "CONTENTFUL_HOST": { - "dev": "preview.contentful.com", - "staging": "cdn.contentful.com", - "prod": "cdn.contentful.com" - }, - "CLIENT_LOCATION_ORIGIN": { - "dev": "https://beta.dev01.devland.is/umsoknir", - "staging": "https://beta.staging01.devland.is/umsoknir", - "prod": "https://island.is/umsoknir", - "local": "http://localhost:4200/umsoknir" - }, - "APPLICATION_ATTACHMENT_BUCKET": { - "dev": "island-is-dev-storage-application-system", - "staging": "island-is-staging-storage-application-system", - "prod": "island-is-prod-storage-application-system" - }, - "FILE_STORAGE_UPLOAD_BUCKET": { - "dev": "island-is-dev-upload-api", - "staging": "island-is-staging-upload-api", - "prod": "island-is-prod-upload-api" - }, - "FILE_SERVICE_PRESIGN_BUCKET": { - "dev": "island-is-dev-fs-presign-bucket", - "staging": "island-is-staging-fs-presign-bucket", - "prod": "island-is-prod-fs-presign-bucket" - }, - "INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS": { - "dev": "gunnar.ingi@fjr.is", - "staging": "gunnar.ingi@fjr.is", - "prod": "island@island.is" - }, - "INSTITUTION_APPLICATION_RECIPIENT_NAME": { - "dev": "Gunnar Ingi", - "staging": "Gunnar Ingi", - "prod": "Stafrรฆnt รsland" - }, - "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/application-system", - "FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS": { - "dev": "gunnar.ingi@fjr.is", - "staging": "gunnar.ingi@fjr.is", - "prod": "island@island.is" - }, - "FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME": { - "dev": "Gunnar Ingi", - "staging": "Gunnar Ingi", - "prod": "Stafrรฆnt รsland" - }, - "LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS": { - "dev": "gunnar.ingi@fjr.is", - "staging": "gunnar.ingi@fjr.is", - "prod": "island@island.is" - }, - "LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME": { - "dev": "Gunnar Ingi", - "staging": "Gunnar Ingi", - "prod": "Stafrรฆnt รsland" - }, - "NOVA_USERNAME": { - "dev": "IslandIs_User_Development", - "prod": "IslandIs_User_Production", - "staging": "IslandIs_User_Development" - }, - "FINANCIAL_STATEMENTS_INAO_BASE_PATH": { - "dev": "https://dev-re.crm4.dynamics.com/api/data/v9.1", - "staging": "https://dev-re.crm4.dynamics.com/api/data/v9.1", - "prod": "https://star-re.crm4.dynamics.com/api/data/v9.1" - }, - "FINANCIAL_STATEMENTS_INAO_ISSUER": "https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0", - "FINANCIAL_STATEMENTS_INAO_SCOPE": { - "dev": "https://dev-re.crm4.dynamics.com/.default", - "staging": "https://dev-re.crm4.dynamics.com/.default", - "prod": "https://star-re.crm4.dynamics.com/.default" - }, - "FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT": "https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token", - "XROAD_COURT_BANKRUPTCY_CERT_PATH": { - "dev": "IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1", - "staging": "IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1", - "prod": "IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1" - }, - "XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH": { - "dev": "IS-DEV/GOV/10047/UA-Protected/kvortun-v1/", - "staging": "IS-TEST/GOV/10047/UA-Protected/kvortun-v1/", - "prod": "IS/GOV/5605882089/UA-Protected/kvortun-v1" - }, - "NOVA_ACCEPT_UNAUTHORIZED": { - "dev": "true", - "staging": "false", - "prod": "false" - }, - "AUTH_PUBLIC_API_URL": { - "dev": "https://identity-server.dev01.devland.is/api", - "staging": "https://identity-server.staging01.devland.is/api", - "prod": "https://innskra.island.is/api" - }, - "UNIVERSITY_GATEWAY_API_URL": { - "dev": "http://web-services-university-gateway.services-university-gateway.svc.cluster.local", - "staging": "http://web-services-university-gateway.services-university-gateway.svc.cluster.local", - "prod": "http://web-services-university-gateway.services-university-gateway.svc.cluster.local" - } - }, - "features": {}, - "name": "application-system-api", - "grantNamespaces": [ - "nginx-ingress-internal", - "islandis" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "NOVA_URL": "/k8s/application-system-api/NOVA_URL", - "DOKOBIT_URL": "/k8s/application-system-api/DOKOBIT_URL", - "SYSLUMENN_HOST": "/k8s/application-system-api/SYSLUMENN_HOST", - "CONTENTFUL_ACCESS_TOKEN": "/k8s/api/CONTENTFUL_ACCESS_TOKEN", - "AUTH_JWT_SECRET": "/k8s/application-system/api/AUTH_JWT_SECRET", - "DOKOBIT_ACCESS_TOKEN": "/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN", - "EMAIL_FROM": "/k8s/application-system/api/EMAIL_FROM", - "EMAIL_FROM_NAME": "/k8s/application-system/api/EMAIL_FROM_NAME", - "EMAIL_REPLY_TO": "/k8s/application-system/api/EMAIL_REPLY_TO", - "EMAIL_REPLY_TO_NAME": "/k8s/application-system/api/EMAIL_REPLY_TO_NAME", - "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET", - "DOCUMENT_PROVIDER_ONBOARDING_REVIEWER": "/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER", - "SYSLUMENN_USERNAME": "/k8s/application-system/api/SYSLUMENN_USERNAME", - "SYSLUMENN_PASSWORD": "/k8s/application-system/api/SYSLUMENN_PASSWORD", - "DRIVING_LICENSE_BOOK_XROAD_PATH": "/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH", - "DRIVING_LICENSE_BOOK_USERNAME": "/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME", - "DRIVING_LICENSE_BOOK_PASSWORD": "/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD", - "NOVA_PASSWORD": "/k8s/application-system/api/NOVA_PASSWORD", - "ARK_BASE_URL": "/k8s/application-system-api/ARK_BASE_URL", - "FINANCIAL_STATEMENTS_INAO_CLIENT_ID": "/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID", - "FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET": "/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET", - "ISLYKILL_SERVICE_PASSPHRASE": "/k8s/api/ISLYKILL_SERVICE_PASSPHRASE", - "ISLYKILL_SERVICE_BASEPATH": "/k8s/api/ISLYKILL_SERVICE_BASEPATH", - "VMST_ID": "/k8s/application-system/VMST_ID", - "DOMSYSLA_PASSWORD": "/k8s/application-system-api/DOMSYSLA_PASSWORD", - "DOMSYSLA_USERNAME": "/k8s/application-system-api/DOMSYSLA_USERNAME", - "ALTHINGI_OMBUDSMAN_XROAD_USERNAME": "/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME", - "ALTHINGI_OMBUDSMAN_XROAD_PASSWORD": "/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD", - "NATIONAL_REGISTRY_B2C_CLIENT_SECRET": "/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET" - }, - "ingress": { - "primary": { - "host": { - "dev": [ - "application-payment-callback-xrd", - "application-callback-xrd" - ], - "staging": [ - "application-payment-callback-xrd", - "application-callback-xrd" - ], - "prod": [ - "application-payment-callback-xrd", - "application-callback-xrd" - ] - }, - "paths": [ - "/application-payment", - "/applications" - ], - "public": false, - "extraAnnotations": { - "dev": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "staging": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "prod": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - } - } - } - }, - "namespace": "application-system", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "400m", - "memory": "1024Mi" - }, - "requests": { - "cpu": "75m", - "memory": "512Mi" - } - }, - "xroadConfig": [ - { - "config": { - "env": { - "XROAD_BASE_PATH": { - "prod": "http://securityserver.island.is" - }, - "XROAD_BASE_PATH_WITH_ENV": { - "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "http://securityserver.island.is/r1/IS" - }, - "XROAD_TLS_BASE_PATH": { - "dev": "https://securityserver.dev01.devland.is", - "staging": "https://securityserver.staging01.devland.is", - "prod": "https://securityserver.island.is" - }, - "XROAD_TLS_BASE_PATH_WITH_ENV": { - "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", - "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "https://securityserver.island.is/r1/IS" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CLIENT_ID": { - "dev": "IS-DEV/GOV/10000/island-is-client", - "staging": "IS-TEST/GOV/5501692829/island-is-client", - "prod": "IS/GOV/5501692829/island-is-client" - } - } - } - }, - { - "config": { - "env": { - "XROAD_VMST_API_PATH": { - "dev": "/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1", - "staging": "/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1", - "prod": "/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1" - }, - "XROAD_VMST_MEMBER_CODE": { - "dev": "10003", - "staging": "7005942039", - "prod": "7005942039" - } - }, - "secrets": { - "XROAD_VMST_API_KEY": "/k8s/vmst-client/VMST_API_KEY" - } - } - }, - { - "config": { - "env": { - "XROAD_HEALTH_INSURANCE_WSDLURL": { - "dev": "https://test-huld.sjukra.is/islandrg?wsdl", - "staging": "https://test-huld.sjukra.is/islandrg?wsdl", - "prod": "https://huld.sjukra.is/islandrg?wsdl" - }, - "XROAD_HEALTH_INSURANCE_ID": { - "dev": "IS-DEV/GOV/10007/SJUKRA-Protected", - "staging": "IS-TEST/GOV/4804080550/SJUKRA-Protected", - "prod": "IS/GOV/4804080550/SJUKRA-Protected" - }, - "XROAD_HEALTH_INSURANCE_MY_PAGES_PATH": { - "dev": "IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur", - "staging": "IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur", - "prod": "IS/GOV/4804080550/SJUKRA-Protected/minarsidur" - } - }, - "secrets": { - "XROAD_HEALTH_INSURANCE_USERNAME": "/k8s/health-insurance/XROAD-USER", - "XROAD_HEALTH_INSURANCE_PASSWORD": "/k8s/health-insurance/XROAD-PASSWORD", - "XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME": "/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME", - "XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD": "/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD" - } - } - }, - { - "config": { - "env": { - "XROAD_NATIONAL_REGISTRY_SERVICE_PATH": { - "dev": "IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1", - "staging": "IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1", - "prod": "IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1" - }, - "XROAD_NATIONAL_REGISTRY_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" - }, - "XROAD_TJODSKRA_API_PATH": "/SKRA-Protected/Einstaklingar-v1", - "XROAD_TJODSKRA_MEMBER_CODE": { - "prod": "6503760649", - "dev": "10001", - "staging": "6503760649" - } - } - } - }, - { - "config": { - "env": { - "NATIONAL_REGISTRY_B2C_CLIENT_ID": { - "dev": "b464afdd-056b-406d-b650-6d41733cfeb7", - "staging": "ca128c23-b43c-443d-bade-ec5a146a933f", - "prod": "2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f" - }, - "NATIONAL_REGISTRY_B2C_ENDPOINT": { - "dev": "https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", - "staging": "https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", - "prod": "https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token" - }, - "NATIONAL_REGISTRY_B2C_SCOPE": { - "dev": "https://skraidentitydev.onmicrosoft.com/midlun/.default", - "staging": "https://skraidentitystaging.onmicrosoft.com/midlun/.default", - "prod": "https://skraidentity.onmicrosoft.com/midlun/.default" - }, - "NATIONAL_REGISTRY_B2C_PATH": { - "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1", - "staging": "IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1", - "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_PAYMENT_PROVIDER_ID": { - "dev": "IS-DEV/GOV/10021/FJS-Public", - "staging": "IS-TEST/GOV/10021/FJS-DEV-Public", - "prod": "IS/GOV/5402697509/FJS-Public" - }, - "XROAD_PAYMENT_BASE_CALLBACK_URL": { - "dev": "XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/", - "staging": "XROAD:", - "prod": "XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/" - }, - "XROAD_PAYMENT_ADDITION_CALLBACK_URL": "/" - }, - "secrets": { - "XROAD_PAYMENT_USER": "/k8s/application-system-api/PAYMENT_USER", - "XROAD_PAYMENT_PASSWORD": "/k8s/application-system-api/PAYMENT_PASSWORD" - } - } - }, - { - "config": { - "env": { - "XROAD_DRIVING_LICENSE_PATH": { - "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1", - "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1", - "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1" - }, - "XROAD_DRIVING_LICENSE_V2_PATH": { - "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2", - "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2", - "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1" - }, - "XROAD_DRIVING_LICENSE_V4_PATH": { - "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4", - "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4", - "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4" - }, - "XROAD_DRIVING_LICENSE_V5_PATH": { - "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5", - "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5", - "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5" - } - }, - "secrets": { - "XROAD_DRIVING_LICENSE_SECRET": "/k8s/api/DRIVING_LICENSE_SECRET" - } - } - }, - { - "config": { - "env": { - "XROAD_PAYMENT_SCHEDULE_PATH": { - "dev": "IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1", - "staging": "IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1", - "prod": "IS/GOV/5402697509/FJS-Public/paymentSchedule_v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CRIMINAL_RECORD_PATH": { - "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2", - "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1", - "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1" - } - } - } - }, - { - "config": { - "env": { - "DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID": { - "dev": "IS-DEV/GOV/10026/gopro/kvortun-v1", - "staging": "IS-TEST/GOV/5608002820/gopro/kvortun-v1", - "prod": "IS/GOV/5608002820/gopro/kvortun-v1" - } - }, - "secrets": { - "DATA_PROTECTION_COMPLAINT_API_USERNAME": "/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME", - "DATA_PROTECTION_COMPLAINT_API_PASSWORD": "/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD" - } - } - }, - { - "config": { - "env": { - "FISHING_LICENSE_XROAD_PROVIDER_ID": { - "dev": "IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1", - "staging": "IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1", - "prod": "IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_FINANCIAL_AID_BACKEND_PATH": { - "dev": "IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend", - "staging": "IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend", - "prod": "IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CHARGE_FJS_V2_PATH": { - "dev": "IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2", - "staging": "IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2", - "prod": "IS/GOV/5402697509/FJS-Public/chargeFJS_v2" - } - } - } - }, - { - "config": { - "env": { - "XROAD_ENERGY_FUNDS_PATH": { - "dev": "IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1", - "staging": "IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1", - "prod": "IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_FINANCES_PATH": { - "dev": "IS-DEV/GOV/10021/FJS-Public/financeIsland", - "staging": "IS-TEST/GOV/10021/FJS-Public/financeIsland", - "prod": "IS/GOV/5402697509/FJS-Public/financeIsland" - }, - "XROAD_FINANCES_V2_PATH": { - "dev": "IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2", - "staging": "IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2", - "prod": "IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2" - }, - "XROAD_HMS_LOANS_PATH": { - "dev": "IS-DEV/GOV/10033/HMS-Protected/libra-v1", - "staging": "IS-TEST/GOV/5812191480/HMS-Protected/libra-v1", - "prod": "IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1" - }, - "XROAD_HMS_HOUSING_BENEFITS_PATH": { - "dev": "IS-DEV/GOV/10033/HMS-Protected/husbot-v1", - "staging": "IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1", - "prod": "IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_PROPERTIES_SERVICE_V2_PATH": { - "dev": "IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1", - "staging": "IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1", - "prod": "IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1" - } - }, - "secrets": { - "XROAD_PROPERTIES_CLIENT_SECRET": "/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET" - } - } - }, - { - "config": { - "env": { - "COMPANY_REGISTRY_XROAD_PROVIDER_ID": { - "dev": "IS-DEV/GOV/10006/Skatturinn/ft-v1", - "staging": "IS-TEST/GOV/5402696029/Skatturinn/ft-v1", - "prod": "IS/GOV/5402696029/Skatturinn/ft-v1" - }, - "COMPANY_REGISTRY_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" - } - } - } - }, - { - "config": { - "env": { - "XROAD_VEHICLE_SERVICE_FJS_V1_PATH": { - "dev": "IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1", - "staging": "IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1", - "prod": "IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_INNA_PATH": { - "dev": "IS-DEV/GOV/10066/MMS-Protected/inna-v1", - "staging": "IS-TEST/GOV/6601241280/MMS-Protected/inna-v1", - "prod": "IS/GOV/6601241280/MMS-Protected/inna-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_VEHICLES_MILEAGE_PATH": { - "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1", - "staging": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1", - "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_VEHICLE_CODETABLES_PATH": { - "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1", - "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1", - "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1" - }, - "XROAD_VEHICLE_INFOLOCKS_PATH": { - "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1", - "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1", - "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1" - }, - "XROAD_VEHICLE_OPERATORS_PATH": { - "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3", - "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3", - "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3" - }, - "XROAD_VEHICLE_OWNER_CHANGE_PATH": { - "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2", - "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2", - "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2" - }, - "XROAD_VEHICLE_PLATE_ORDERING_PATH": { - "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1", - "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1", - "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1" - }, - "XROAD_VEHICLE_PLATE_RENEWAL_PATH": { - "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1", - "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1", - "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1" - }, - "XROAD_VEHICLE_PRINTING_PATH": { - "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1", - "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1", - "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1" - }, - "XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH": { - "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1", - "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1", - "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_VEHICLES_PATH": { - "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1", - "staging": "IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1", - "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_PASSPORT_LICENSE_PATH": { - "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1", - "staging": "IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1", - "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1" - } - } - } - }, - { - "config": { - "env": { - "EHIC_XROAD_PROVIDER_ID": { - "dev": "IS-DEV/GOV/10007/SJUKRA-Protected/ehic", - "staging": "IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic", - "prod": "IS/GOV/4804080550/SJUKRA-Protected/ehic" - } - } - } - }, - { - "config": { - "env": { - "XROAD_DIRECTORATE_OF_IMMIGRATION_PATH": { - "dev": "IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1", - "staging": "IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1", - "prod": "IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_TR_PATH": { - "dev": "IS-DEV/GOV/10008/TR-Protected/external-v1", - "staging": "IS-TEST/GOV/5012130120/TR-Protected/external-v1", - "prod": "IS/GOV/5012130120/TR-Protected/external-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_HEALTH_DIRECTORATE_PATH": { - "dev": "IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir", - "staging": "IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir", - "prod": "IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir" - } - } - } - }, - { - "config": { - "env": { - "XROAD_SIGNATURE_COLLECTION_PATH": { - "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1", - "staging": "IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1", - "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_WORK_MACHINE_LICENSE_PATH": { - "dev": "IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token", - "staging": "IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token", - "prod": "IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token" - } - } - } - }, - { - "config": { - "env": { - "WORKPOINT_ARBORG_SERVICE_PATH": { - "dev": "IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1", - "staging": "IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1", - "prod": "IS/MUN/10036/Arborg-Protected/tengill-application-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_OFFICIAL_JOURNAL_PATH": { - "dev": "IS-DEV/GOV/10014/DMR-Protected/official-journal", - "staging": "IS-TEST/GOV/10014/DMR-Protected/official-journal", - "prod": "IS/GOV/10014/DMR-Protected/official-journal" - } - } - } - }, - { - "config": { - "env": { - "XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH": { - "dev": "IS-DEV/GOV/10014/DMR-Protected/official-journal-application", - "staging": "IS-TEST/GOV/10014/DMR-Protected/official-journal-application", - "prod": "IS/GOV/10014/DMR-Protected/official-journal-application" - } - } - } - }, - { - "config": { - "env": { - "XROAD_UNIVERSITY_OF_AKUREYRI_PATH": { - "dev": "IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1", - "staging": "IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1", - "prod": "IS/EDU/5206871229/UNAK-Protected/brautskraning-v1" - }, - "XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH": { - "dev": "IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1", - "staging": "IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1", - "prod": "IS/EDU/4112043590/LBHI-Protected/brautskraning-v1" - }, - "XROAD_BIFROST_UNIVERSITY_PATH": { - "dev": "IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1", - "staging": "IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1", - "prod": "IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1" - }, - "XROAD_HOLAR_UNIVERSITY_PATH": { - "dev": "IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1", - "staging": "IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1", - "prod": "IS/EDU/5001694359/Holar-Protected/brautskraning-v1" - }, - "XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH": { - "dev": "IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1", - "staging": "IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1", - "prod": "IS/EDU/4210984099/LHI-Protected/brautskraning-v1" - }, - "XROAD_UNIVERSITY_OF_ICELAND_PATH": { - "dev": "IS-DEV/EDU/10010/HI-Protected/brautskraning-v1", - "staging": "IS-TEST/EDU/10010/HI-Protected/brautskraning-v1", - "prod": "IS/EDU/6001692039/HI-Protected/brautskraning-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_MMS_FRIGG_PATH": { - "dev": "IS-DEV/GOV/10066/MMS-Protected/frigg-form-service", - "staging": "IS-TEST/GOV/10066/MMS-Protected/frigg-form-service", - "prod": "IS/GOV/10066/MMS-Protected/frigg-form-service" - } - } - } - }, - { - "config": { - "env": { - "XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH": { - "dev": "IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1", - "staging": "IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1", - "prod": "IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH": { - "dev": "IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1", - "staging": "IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1", - "prod": "IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_WORK_ACCIDENT_PATH": { - "dev": "IS-DEV/GOV/10013/Vinnueftirlitid-Protected/slysaskraning-token", - "staging": "IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/slysaskraning-token", - "prod": "IS/GOV/4201810439/Vinnueftirlitid-Protected/slysaskraning-token" - } - } - } - } - ], - "files": [ - { - "filename": "islyklar.p12", - "env": "ISLYKILL_CERT" - } - ], - "volumes": [], - "accountName": "application-system-api", - "cmds": "node", - "redis": {}, - "args": [ - "main.js" - ], - "postgres": { - "username": "application_system_api", - "passwordSecret": "/k8s/application-system-api/DB_PASSWORD", - "name": "application_system_api" - }, - "initContainers": { - "envs": {}, - "secrets": {}, - "features": {}, - "containers": [ - { - "name": "migrations", - "command": "npx", - "args": [ - "sequelize-cli", - "db:migrate" - ] - } - ], - "postgres": { - "username": "application_system_api", - "passwordSecret": "/k8s/application-system-api/DB_PASSWORD", - "name": "application_system_api" - } - }, - "replicaCount": { - "default": 2, - "max": 60, - "min": 2 - } - } - } -} \ No newline at end of file +service: + name: application-system-api + args: + - main.js + command: + - node + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: island-is-prod-storage-application-system + AUTH_PUBLIC_API_URL: https://innskra.island.is/api + CLIENT_LOCATION_ORIGIN: https://island.is/umsoknir + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: IS/GOV/5402696029/Skatturinn/ft-v1 + CONTENTFUL_HOST: cdn.contentful.com + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: IS/GOV/5608002820/gopro/kvortun-v1 + DB_HOST: postgres-applications.internal + DB_NAME: application_system_api + DB_REPLICAS_HOST: postgres-applications.internal + DB_USER: application_system_api + EHIC_XROAD_PROVIDER_ID: IS/GOV/4804080550/SJUKRA-Protected/ehic + EMAIL_REGION: eu-west-1 + ENDORSEMENTS_API_BASE_PATH: http://web-endorsement-system-api.endorsement-system.svc.cluster.local + FILE_SERVICE_PRESIGN_BUCKET: island-is-prod-fs-presign-bucket + FILE_STORAGE_UPLOAD_BUCKET: island-is-prod-upload-api + FINANCIAL_STATEMENTS_INAO_BASE_PATH: https://star-re.crm4.dynamics.com/api/data/v9.1 + FINANCIAL_STATEMENTS_INAO_ISSUER: https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0 + FINANCIAL_STATEMENTS_INAO_SCOPE: https://star-re.crm4.dynamics.com/.default + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token + FISHING_LICENSE_XROAD_PROVIDER_ID: IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1 + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: island@island.is + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: Stafrรฆnt รsland + GRAPHQL_API_URL: http://web-api.islandis.svc.cluster.local + IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/application-system" + IDENTITY_SERVER_ISSUER_URL: https://innskra.island.is + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: island@island.is + INSTITUTION_APPLICATION_RECIPIENT_NAME: Stafrรฆnt รsland + ISLYKILL_CERT: /etc/config/islyklar.p12 + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: island@island.is + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: Stafrรฆnt รsland + LOG_LEVEL: info + NATIONAL_REGISTRY_B2C_CLIENT_ID: 2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f + NATIONAL_REGISTRY_B2C_ENDPOINT: https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token + NATIONAL_REGISTRY_B2C_PATH: IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1 + NATIONAL_REGISTRY_B2C_SCOPE: https://skraidentity.onmicrosoft.com/midlun/.default + NODE_OPTIONS: --max-old-space-size=921 -r dd-trace/init + NOVA_ACCEPT_UNAUTHORIZED: "false" + NOVA_USERNAME: IslandIs_User_Production + RECYCLING_FUND_GQL_BASE_PATH: http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + SERVICE_DOCUMENTS_BASEPATH: http://web-services-documents.services-documents.svc.cluster.local + SERVICE_USER_PROFILE_URL: http://web-service-portal-api.service-portal.svc.cluster.local + UNIVERSITY_GATEWAY_API_URL: http://web-services-university-gateway.services-university-gateway.svc.cluster.local + USER_NOTIFICATION_API_URL: http://web-user-notification.user-notification.svc.cluster.local + WORKPOINT_ARBORG_SERVICE_PATH: IS/MUN/10036/Arborg-Protected/tengill-application-v1 + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: IS/EDU/4112043590/LBHI-Protected/brautskraning-v1 + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: IS/GOV/5605882089/UA-Protected/kvortun-v1 + XROAD_BASE_PATH: http://securityserver.island.is + XROAD_BASE_PATH_WITH_ENV: http://securityserver.island.is/r1/IS + XROAD_BIFROST_UNIVERSITY_PATH: IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1 + XROAD_CHARGE_FJS_V2_PATH: IS/GOV/5402697509/FJS-Public/chargeFJS_v2 + XROAD_CHARGE_FJS_V2_TIMEOUT: "20000" + XROAD_CLIENT_ID: IS/GOV/5501692829/island-is-client + XROAD_COURT_BANKRUPTCY_CERT_PATH: IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1 + XROAD_CRIMINAL_RECORD_PATH: r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1 + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1 + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1 + XROAD_DRIVING_LICENSE_PATH: r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1 + XROAD_DRIVING_LICENSE_V2_PATH: r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1 + XROAD_DRIVING_LICENSE_V4_PATH: r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4 + XROAD_DRIVING_LICENSE_V5_PATH: r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5 + XROAD_ENERGY_FUNDS_PATH: IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1 + XROAD_FINANCES_PATH: IS/GOV/5402697509/FJS-Public/financeIsland + XROAD_FINANCES_V2_PATH: IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2 + XROAD_FINANCIAL_AID_BACKEND_PATH: IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1 + XROAD_HEALTH_DIRECTORATE_PATH: IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1 + XROAD_HEALTH_INSURANCE_ID: IS/GOV/4804080550/SJUKRA-Protected + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: IS/GOV/4804080550/SJUKRA-Protected/minarsidur + XROAD_HEALTH_INSURANCE_WSDLURL: https://huld.sjukra.is/islandrg?wsdl + XROAD_HMS_HOUSING_BENEFITS_PATH: IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1 + XROAD_HMS_LOANS_PATH: IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1 + XROAD_HOLAR_UNIVERSITY_PATH: IS/EDU/5001694359/Holar-Protected/brautskraning-v1 + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: IS/EDU/4210984099/LHI-Protected/brautskraning-v1 + XROAD_INNA_PATH: IS/GOV/6601241280/MMS-Protected/inna-v1 + XROAD_MMS_FRIGG_PATH: IS/GOV/10066/MMS-Protected/frigg-form-service + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1 + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: IS/GOV/10014/DMR-Protected/official-journal-application + XROAD_OFFICIAL_JOURNAL_PATH: IS/GOV/10014/DMR-Protected/official-journal + XROAD_PASSPORT_LICENSE_PATH: IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1 + XROAD_PAYMENT_ADDITION_CALLBACK_URL: / + XROAD_PAYMENT_BASE_CALLBACK_URL: XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/ + XROAD_PAYMENT_PROVIDER_ID: IS/GOV/5402697509/FJS-Public + XROAD_PAYMENT_SCHEDULE_PATH: IS/GOV/5402697509/FJS-Public/paymentSchedule_v1 + XROAD_PROPERTIES_SERVICE_V2_PATH: IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1 + XROAD_SIGNATURE_COLLECTION_PATH: IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1 + XROAD_TJODSKRA_API_PATH: /SKRA-Protected/Einstaklingar-v1 + XROAD_TJODSKRA_MEMBER_CODE: "6503760649" + XROAD_TLS_BASE_PATH: https://securityserver.island.is + XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.island.is/r1/IS + XROAD_TR_PATH: IS/GOV/5012130120/TR-Protected/external-v1 + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: IS/EDU/5206871229/UNAK-Protected/brautskraning-v1 + XROAD_UNIVERSITY_OF_ICELAND_PATH: IS/EDU/6001692039/HI-Protected/brautskraning-v1 + XROAD_VEHICLES_MILEAGE_PATH: IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1 + XROAD_VEHICLES_PATH: IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1 + XROAD_VEHICLE_CODETABLES_PATH: IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1 + XROAD_VEHICLE_INFOLOCKS_PATH: IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1 + XROAD_VEHICLE_OPERATORS_PATH: IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3 + XROAD_VEHICLE_OWNER_CHANGE_PATH: IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2 + XROAD_VEHICLE_PLATE_ORDERING_PATH: IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1 + XROAD_VEHICLE_PLATE_RENEWAL_PATH: IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1 + XROAD_VEHICLE_PRINTING_PATH: IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1 + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1 + XROAD_VMST_API_PATH: /VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1 + XROAD_VMST_MEMBER_CODE: "7005942039" + XROAD_WORK_ACCIDENT_PATH: IS/GOV/4201810439/Vinnueftirlitid-Protected/slysaskraning-token + XROAD_WORK_MACHINE_LICENSE_PATH: IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token + files: + - islyklar.p12 + grantNamespaces: + - nginx-ingress-internal + - islandis + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-internal-alb + nginx.ingress.kubernetes.io/proxy-buffer-size: 8k + nginx.ingress.kubernetes.io/proxy-buffering: on + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: application-payment-callback-xrd.internal.island.is + paths: + - /application-payment + - /applications + - host: application-callback-xrd.internal.island.is + paths: + - /application-payment + - /applications + initContainer: + containers: + - args: + - sequelize-cli + - db:migrate + command: + - npx + name: migrations + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 50m + memory: 128Mi + env: + DB_HOST: postgres-applications.internal + DB_NAME: application_system_api + DB_REPLICAS_HOST: postgres-applications.internal + DB_USER: application_system_api + SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + secrets: + DB_PASS: /k8s/application-system-api/DB_PASSWORD + namespace: application-system + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: 400m + memory: 1024Mi + requests: + cpu: 75m + memory: 512Mi + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: /k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: /k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME + ARK_BASE_URL: /k8s/application-system-api/ARK_BASE_URL + AUTH_JWT_SECRET: /k8s/application-system/api/AUTH_JWT_SECRET + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + CONTENTFUL_ACCESS_TOKEN: /k8s/api/CONTENTFUL_ACCESS_TOKEN + DATA_PROTECTION_COMPLAINT_API_PASSWORD: /k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD + DATA_PROTECTION_COMPLAINT_API_USERNAME: /k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME + DB_PASS: /k8s/application-system-api/DB_PASSWORD + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: /k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER + DOKOBIT_ACCESS_TOKEN: /k8s/application-system/api/DOKOBIT_ACCESS_TOKEN + DOKOBIT_URL: /k8s/application-system-api/DOKOBIT_URL + DOMSYSLA_PASSWORD: /k8s/application-system-api/DOMSYSLA_PASSWORD + DOMSYSLA_USERNAME: /k8s/application-system-api/DOMSYSLA_USERNAME + DRIVING_LICENSE_BOOK_PASSWORD: /k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD + DRIVING_LICENSE_BOOK_USERNAME: /k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME + DRIVING_LICENSE_BOOK_XROAD_PATH: /k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH + EMAIL_FROM: /k8s/application-system/api/EMAIL_FROM + EMAIL_FROM_NAME: /k8s/application-system/api/EMAIL_FROM_NAME + EMAIL_REPLY_TO: /k8s/application-system/api/EMAIL_REPLY_TO + EMAIL_REPLY_TO_NAME: /k8s/application-system/api/EMAIL_REPLY_TO_NAME + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: /k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: /k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET + IDENTITY_SERVER_CLIENT_SECRET: /k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET + ISLYKILL_SERVICE_BASEPATH: /k8s/api/ISLYKILL_SERVICE_BASEPATH + ISLYKILL_SERVICE_PASSPHRASE: /k8s/api/ISLYKILL_SERVICE_PASSPHRASE + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: /k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET + NOVA_PASSWORD: /k8s/application-system/api/NOVA_PASSWORD + NOVA_URL: /k8s/application-system-api/NOVA_URL + SYSLUMENN_HOST: /k8s/application-system-api/SYSLUMENN_HOST + SYSLUMENN_PASSWORD: /k8s/application-system/api/SYSLUMENN_PASSWORD + SYSLUMENN_USERNAME: /k8s/application-system/api/SYSLUMENN_USERNAME + VMST_ID: /k8s/application-system/VMST_ID + XROAD_DRIVING_LICENSE_SECRET: /k8s/api/DRIVING_LICENSE_SECRET + XROAD_HEALTH_INSURANCE_PASSWORD: /k8s/health-insurance/XROAD-PASSWORD + XROAD_HEALTH_INSURANCE_USERNAME: /k8s/health-insurance/XROAD-USER + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: /k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: /k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME + XROAD_PAYMENT_PASSWORD: /k8s/application-system-api/PAYMENT_PASSWORD + XROAD_PAYMENT_USER: /k8s/application-system-api/PAYMENT_USER + XROAD_PROPERTIES_CLIENT_SECRET: /k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET + XROAD_VMST_API_KEY: /k8s/vmst-client/VMST_API_KEY + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::251502586493:role/application-system-api + create: true + name: application-system-api diff --git a/charts/services/application-system-api/values.staging.yaml b/charts/services/application-system-api/values.staging.yaml index 6b45c4f14a6d..33f3bab532e4 100644 --- a/charts/services/application-system-api/values.staging.yaml +++ b/charts/services/application-system-api/values.staging.yaml @@ -1,856 +1,251 @@ -{ - "application-system-api": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "EMAIL_REGION": "eu-west-1", - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - }, - "XROAD_CHARGE_FJS_V2_TIMEOUT": "20000", - "CONTENTFUL_HOST": { - "dev": "preview.contentful.com", - "staging": "cdn.contentful.com", - "prod": "cdn.contentful.com" - }, - "CLIENT_LOCATION_ORIGIN": { - "dev": "https://beta.dev01.devland.is/umsoknir", - "staging": "https://beta.staging01.devland.is/umsoknir", - "prod": "https://island.is/umsoknir", - "local": "http://localhost:4200/umsoknir" - }, - "APPLICATION_ATTACHMENT_BUCKET": { - "dev": "island-is-dev-storage-application-system", - "staging": "island-is-staging-storage-application-system", - "prod": "island-is-prod-storage-application-system" - }, - "FILE_STORAGE_UPLOAD_BUCKET": { - "dev": "island-is-dev-upload-api", - "staging": "island-is-staging-upload-api", - "prod": "island-is-prod-upload-api" - }, - "FILE_SERVICE_PRESIGN_BUCKET": { - "dev": "island-is-dev-fs-presign-bucket", - "staging": "island-is-staging-fs-presign-bucket", - "prod": "island-is-prod-fs-presign-bucket" - }, - "INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS": { - "dev": "gunnar.ingi@fjr.is", - "staging": "gunnar.ingi@fjr.is", - "prod": "island@island.is" - }, - "INSTITUTION_APPLICATION_RECIPIENT_NAME": { - "dev": "Gunnar Ingi", - "staging": "Gunnar Ingi", - "prod": "Stafrรฆnt รsland" - }, - "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/application-system", - "FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS": { - "dev": "gunnar.ingi@fjr.is", - "staging": "gunnar.ingi@fjr.is", - "prod": "island@island.is" - }, - "FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME": { - "dev": "Gunnar Ingi", - "staging": "Gunnar Ingi", - "prod": "Stafrรฆnt รsland" - }, - "LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS": { - "dev": "gunnar.ingi@fjr.is", - "staging": "gunnar.ingi@fjr.is", - "prod": "island@island.is" - }, - "LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME": { - "dev": "Gunnar Ingi", - "staging": "Gunnar Ingi", - "prod": "Stafrรฆnt รsland" - }, - "NOVA_USERNAME": { - "dev": "IslandIs_User_Development", - "prod": "IslandIs_User_Production", - "staging": "IslandIs_User_Development" - }, - "FINANCIAL_STATEMENTS_INAO_BASE_PATH": { - "dev": "https://dev-re.crm4.dynamics.com/api/data/v9.1", - "staging": "https://dev-re.crm4.dynamics.com/api/data/v9.1", - "prod": "https://star-re.crm4.dynamics.com/api/data/v9.1" - }, - "FINANCIAL_STATEMENTS_INAO_ISSUER": "https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0", - "FINANCIAL_STATEMENTS_INAO_SCOPE": { - "dev": "https://dev-re.crm4.dynamics.com/.default", - "staging": "https://dev-re.crm4.dynamics.com/.default", - "prod": "https://star-re.crm4.dynamics.com/.default" - }, - "FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT": "https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token", - "XROAD_COURT_BANKRUPTCY_CERT_PATH": { - "dev": "IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1", - "staging": "IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1", - "prod": "IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1" - }, - "XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH": { - "dev": "IS-DEV/GOV/10047/UA-Protected/kvortun-v1/", - "staging": "IS-TEST/GOV/10047/UA-Protected/kvortun-v1/", - "prod": "IS/GOV/5605882089/UA-Protected/kvortun-v1" - }, - "NOVA_ACCEPT_UNAUTHORIZED": { - "dev": "true", - "staging": "false", - "prod": "false" - }, - "AUTH_PUBLIC_API_URL": { - "dev": "https://identity-server.dev01.devland.is/api", - "staging": "https://identity-server.staging01.devland.is/api", - "prod": "https://innskra.island.is/api" - }, - "UNIVERSITY_GATEWAY_API_URL": { - "dev": "http://web-services-university-gateway.services-university-gateway.svc.cluster.local", - "staging": "http://web-services-university-gateway.services-university-gateway.svc.cluster.local", - "prod": "http://web-services-university-gateway.services-university-gateway.svc.cluster.local" - } - }, - "features": {}, - "name": "application-system-api", - "grantNamespaces": [ - "nginx-ingress-internal", - "islandis" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "NOVA_URL": "/k8s/application-system-api/NOVA_URL", - "DOKOBIT_URL": "/k8s/application-system-api/DOKOBIT_URL", - "SYSLUMENN_HOST": "/k8s/application-system-api/SYSLUMENN_HOST", - "CONTENTFUL_ACCESS_TOKEN": "/k8s/api/CONTENTFUL_ACCESS_TOKEN", - "AUTH_JWT_SECRET": "/k8s/application-system/api/AUTH_JWT_SECRET", - "DOKOBIT_ACCESS_TOKEN": "/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN", - "EMAIL_FROM": "/k8s/application-system/api/EMAIL_FROM", - "EMAIL_FROM_NAME": "/k8s/application-system/api/EMAIL_FROM_NAME", - "EMAIL_REPLY_TO": "/k8s/application-system/api/EMAIL_REPLY_TO", - "EMAIL_REPLY_TO_NAME": "/k8s/application-system/api/EMAIL_REPLY_TO_NAME", - "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET", - "DOCUMENT_PROVIDER_ONBOARDING_REVIEWER": "/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER", - "SYSLUMENN_USERNAME": "/k8s/application-system/api/SYSLUMENN_USERNAME", - "SYSLUMENN_PASSWORD": "/k8s/application-system/api/SYSLUMENN_PASSWORD", - "DRIVING_LICENSE_BOOK_XROAD_PATH": "/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH", - "DRIVING_LICENSE_BOOK_USERNAME": "/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME", - "DRIVING_LICENSE_BOOK_PASSWORD": "/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD", - "NOVA_PASSWORD": "/k8s/application-system/api/NOVA_PASSWORD", - "ARK_BASE_URL": "/k8s/application-system-api/ARK_BASE_URL", - "FINANCIAL_STATEMENTS_INAO_CLIENT_ID": "/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID", - "FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET": "/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET", - "ISLYKILL_SERVICE_PASSPHRASE": "/k8s/api/ISLYKILL_SERVICE_PASSPHRASE", - "ISLYKILL_SERVICE_BASEPATH": "/k8s/api/ISLYKILL_SERVICE_BASEPATH", - "VMST_ID": "/k8s/application-system/VMST_ID", - "DOMSYSLA_PASSWORD": "/k8s/application-system-api/DOMSYSLA_PASSWORD", - "DOMSYSLA_USERNAME": "/k8s/application-system-api/DOMSYSLA_USERNAME", - "ALTHINGI_OMBUDSMAN_XROAD_USERNAME": "/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME", - "ALTHINGI_OMBUDSMAN_XROAD_PASSWORD": "/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD", - "NATIONAL_REGISTRY_B2C_CLIENT_SECRET": "/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET" - }, - "ingress": { - "primary": { - "host": { - "dev": [ - "application-payment-callback-xrd", - "application-callback-xrd" - ], - "staging": [ - "application-payment-callback-xrd", - "application-callback-xrd" - ], - "prod": [ - "application-payment-callback-xrd", - "application-callback-xrd" - ] - }, - "paths": [ - "/application-payment", - "/applications" - ], - "public": false, - "extraAnnotations": { - "dev": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "staging": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "prod": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - } - } - } - }, - "namespace": "application-system", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "400m", - "memory": "1024Mi" - }, - "requests": { - "cpu": "75m", - "memory": "512Mi" - } - }, - "xroadConfig": [ - { - "config": { - "env": { - "XROAD_BASE_PATH": { - "prod": "http://securityserver.island.is" - }, - "XROAD_BASE_PATH_WITH_ENV": { - "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "http://securityserver.island.is/r1/IS" - }, - "XROAD_TLS_BASE_PATH": { - "dev": "https://securityserver.dev01.devland.is", - "staging": "https://securityserver.staging01.devland.is", - "prod": "https://securityserver.island.is" - }, - "XROAD_TLS_BASE_PATH_WITH_ENV": { - "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", - "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "https://securityserver.island.is/r1/IS" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CLIENT_ID": { - "dev": "IS-DEV/GOV/10000/island-is-client", - "staging": "IS-TEST/GOV/5501692829/island-is-client", - "prod": "IS/GOV/5501692829/island-is-client" - } - } - } - }, - { - "config": { - "env": { - "XROAD_VMST_API_PATH": { - "dev": "/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1", - "staging": "/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1", - "prod": "/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1" - }, - "XROAD_VMST_MEMBER_CODE": { - "dev": "10003", - "staging": "7005942039", - "prod": "7005942039" - } - }, - "secrets": { - "XROAD_VMST_API_KEY": "/k8s/vmst-client/VMST_API_KEY" - } - } - }, - { - "config": { - "env": { - "XROAD_HEALTH_INSURANCE_WSDLURL": { - "dev": "https://test-huld.sjukra.is/islandrg?wsdl", - "staging": "https://test-huld.sjukra.is/islandrg?wsdl", - "prod": "https://huld.sjukra.is/islandrg?wsdl" - }, - "XROAD_HEALTH_INSURANCE_ID": { - "dev": "IS-DEV/GOV/10007/SJUKRA-Protected", - "staging": "IS-TEST/GOV/4804080550/SJUKRA-Protected", - "prod": "IS/GOV/4804080550/SJUKRA-Protected" - }, - "XROAD_HEALTH_INSURANCE_MY_PAGES_PATH": { - "dev": "IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur", - "staging": "IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur", - "prod": "IS/GOV/4804080550/SJUKRA-Protected/minarsidur" - } - }, - "secrets": { - "XROAD_HEALTH_INSURANCE_USERNAME": "/k8s/health-insurance/XROAD-USER", - "XROAD_HEALTH_INSURANCE_PASSWORD": "/k8s/health-insurance/XROAD-PASSWORD", - "XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME": "/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME", - "XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD": "/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD" - } - } - }, - { - "config": { - "env": { - "XROAD_NATIONAL_REGISTRY_SERVICE_PATH": { - "dev": "IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1", - "staging": "IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1", - "prod": "IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1" - }, - "XROAD_NATIONAL_REGISTRY_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" - }, - "XROAD_TJODSKRA_API_PATH": "/SKRA-Protected/Einstaklingar-v1", - "XROAD_TJODSKRA_MEMBER_CODE": { - "prod": "6503760649", - "dev": "10001", - "staging": "6503760649" - } - } - } - }, - { - "config": { - "env": { - "NATIONAL_REGISTRY_B2C_CLIENT_ID": { - "dev": "b464afdd-056b-406d-b650-6d41733cfeb7", - "staging": "ca128c23-b43c-443d-bade-ec5a146a933f", - "prod": "2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f" - }, - "NATIONAL_REGISTRY_B2C_ENDPOINT": { - "dev": "https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", - "staging": "https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", - "prod": "https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token" - }, - "NATIONAL_REGISTRY_B2C_SCOPE": { - "dev": "https://skraidentitydev.onmicrosoft.com/midlun/.default", - "staging": "https://skraidentitystaging.onmicrosoft.com/midlun/.default", - "prod": "https://skraidentity.onmicrosoft.com/midlun/.default" - }, - "NATIONAL_REGISTRY_B2C_PATH": { - "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1", - "staging": "IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1", - "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_PAYMENT_PROVIDER_ID": { - "dev": "IS-DEV/GOV/10021/FJS-Public", - "staging": "IS-TEST/GOV/10021/FJS-DEV-Public", - "prod": "IS/GOV/5402697509/FJS-Public" - }, - "XROAD_PAYMENT_BASE_CALLBACK_URL": { - "dev": "XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/", - "staging": "XROAD:", - "prod": "XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/" - }, - "XROAD_PAYMENT_ADDITION_CALLBACK_URL": "/" - }, - "secrets": { - "XROAD_PAYMENT_USER": "/k8s/application-system-api/PAYMENT_USER", - "XROAD_PAYMENT_PASSWORD": "/k8s/application-system-api/PAYMENT_PASSWORD" - } - } - }, - { - "config": { - "env": { - "XROAD_DRIVING_LICENSE_PATH": { - "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1", - "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1", - "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1" - }, - "XROAD_DRIVING_LICENSE_V2_PATH": { - "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2", - "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2", - "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1" - }, - "XROAD_DRIVING_LICENSE_V4_PATH": { - "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4", - "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4", - "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4" - }, - "XROAD_DRIVING_LICENSE_V5_PATH": { - "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5", - "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5", - "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5" - } - }, - "secrets": { - "XROAD_DRIVING_LICENSE_SECRET": "/k8s/api/DRIVING_LICENSE_SECRET" - } - } - }, - { - "config": { - "env": { - "XROAD_PAYMENT_SCHEDULE_PATH": { - "dev": "IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1", - "staging": "IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1", - "prod": "IS/GOV/5402697509/FJS-Public/paymentSchedule_v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CRIMINAL_RECORD_PATH": { - "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2", - "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1", - "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1" - } - } - } - }, - { - "config": { - "env": { - "DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID": { - "dev": "IS-DEV/GOV/10026/gopro/kvortun-v1", - "staging": "IS-TEST/GOV/5608002820/gopro/kvortun-v1", - "prod": "IS/GOV/5608002820/gopro/kvortun-v1" - } - }, - "secrets": { - "DATA_PROTECTION_COMPLAINT_API_USERNAME": "/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME", - "DATA_PROTECTION_COMPLAINT_API_PASSWORD": "/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD" - } - } - }, - { - "config": { - "env": { - "FISHING_LICENSE_XROAD_PROVIDER_ID": { - "dev": "IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1", - "staging": "IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1", - "prod": "IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_FINANCIAL_AID_BACKEND_PATH": { - "dev": "IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend", - "staging": "IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend", - "prod": "IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CHARGE_FJS_V2_PATH": { - "dev": "IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2", - "staging": "IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2", - "prod": "IS/GOV/5402697509/FJS-Public/chargeFJS_v2" - } - } - } - }, - { - "config": { - "env": { - "XROAD_ENERGY_FUNDS_PATH": { - "dev": "IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1", - "staging": "IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1", - "prod": "IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_FINANCES_PATH": { - "dev": "IS-DEV/GOV/10021/FJS-Public/financeIsland", - "staging": "IS-TEST/GOV/10021/FJS-Public/financeIsland", - "prod": "IS/GOV/5402697509/FJS-Public/financeIsland" - }, - "XROAD_FINANCES_V2_PATH": { - "dev": "IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2", - "staging": "IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2", - "prod": "IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2" - }, - "XROAD_HMS_LOANS_PATH": { - "dev": "IS-DEV/GOV/10033/HMS-Protected/libra-v1", - "staging": "IS-TEST/GOV/5812191480/HMS-Protected/libra-v1", - "prod": "IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1" - }, - "XROAD_HMS_HOUSING_BENEFITS_PATH": { - "dev": "IS-DEV/GOV/10033/HMS-Protected/husbot-v1", - "staging": "IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1", - "prod": "IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_PROPERTIES_SERVICE_V2_PATH": { - "dev": "IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1", - "staging": "IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1", - "prod": "IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1" - } - }, - "secrets": { - "XROAD_PROPERTIES_CLIENT_SECRET": "/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET" - } - } - }, - { - "config": { - "env": { - "COMPANY_REGISTRY_XROAD_PROVIDER_ID": { - "dev": "IS-DEV/GOV/10006/Skatturinn/ft-v1", - "staging": "IS-TEST/GOV/5402696029/Skatturinn/ft-v1", - "prod": "IS/GOV/5402696029/Skatturinn/ft-v1" - }, - "COMPANY_REGISTRY_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" - } - } - } - }, - { - "config": { - "env": { - "XROAD_VEHICLE_SERVICE_FJS_V1_PATH": { - "dev": "IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1", - "staging": "IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1", - "prod": "IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_INNA_PATH": { - "dev": "IS-DEV/GOV/10066/MMS-Protected/inna-v1", - "staging": "IS-TEST/GOV/6601241280/MMS-Protected/inna-v1", - "prod": "IS/GOV/6601241280/MMS-Protected/inna-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_VEHICLES_MILEAGE_PATH": { - "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1", - "staging": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1", - "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_VEHICLE_CODETABLES_PATH": { - "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1", - "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1", - "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1" - }, - "XROAD_VEHICLE_INFOLOCKS_PATH": { - "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1", - "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1", - "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1" - }, - "XROAD_VEHICLE_OPERATORS_PATH": { - "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3", - "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3", - "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3" - }, - "XROAD_VEHICLE_OWNER_CHANGE_PATH": { - "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2", - "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2", - "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2" - }, - "XROAD_VEHICLE_PLATE_ORDERING_PATH": { - "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1", - "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1", - "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1" - }, - "XROAD_VEHICLE_PLATE_RENEWAL_PATH": { - "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1", - "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1", - "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1" - }, - "XROAD_VEHICLE_PRINTING_PATH": { - "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1", - "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1", - "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1" - }, - "XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH": { - "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1", - "staging": "IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1", - "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_VEHICLES_PATH": { - "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1", - "staging": "IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1", - "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_PASSPORT_LICENSE_PATH": { - "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1", - "staging": "IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1", - "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1" - } - } - } - }, - { - "config": { - "env": { - "EHIC_XROAD_PROVIDER_ID": { - "dev": "IS-DEV/GOV/10007/SJUKRA-Protected/ehic", - "staging": "IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic", - "prod": "IS/GOV/4804080550/SJUKRA-Protected/ehic" - } - } - } - }, - { - "config": { - "env": { - "XROAD_DIRECTORATE_OF_IMMIGRATION_PATH": { - "dev": "IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1", - "staging": "IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1", - "prod": "IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_TR_PATH": { - "dev": "IS-DEV/GOV/10008/TR-Protected/external-v1", - "staging": "IS-TEST/GOV/5012130120/TR-Protected/external-v1", - "prod": "IS/GOV/5012130120/TR-Protected/external-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_HEALTH_DIRECTORATE_PATH": { - "dev": "IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir", - "staging": "IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir", - "prod": "IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir" - } - } - } - }, - { - "config": { - "env": { - "XROAD_SIGNATURE_COLLECTION_PATH": { - "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1", - "staging": "IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1", - "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_WORK_MACHINE_LICENSE_PATH": { - "dev": "IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token", - "staging": "IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token", - "prod": "IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token" - } - } - } - }, - { - "config": { - "env": { - "WORKPOINT_ARBORG_SERVICE_PATH": { - "dev": "IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1", - "staging": "IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1", - "prod": "IS/MUN/10036/Arborg-Protected/tengill-application-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_OFFICIAL_JOURNAL_PATH": { - "dev": "IS-DEV/GOV/10014/DMR-Protected/official-journal", - "staging": "IS-TEST/GOV/10014/DMR-Protected/official-journal", - "prod": "IS/GOV/10014/DMR-Protected/official-journal" - } - } - } - }, - { - "config": { - "env": { - "XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH": { - "dev": "IS-DEV/GOV/10014/DMR-Protected/official-journal-application", - "staging": "IS-TEST/GOV/10014/DMR-Protected/official-journal-application", - "prod": "IS/GOV/10014/DMR-Protected/official-journal-application" - } - } - } - }, - { - "config": { - "env": { - "XROAD_UNIVERSITY_OF_AKUREYRI_PATH": { - "dev": "IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1", - "staging": "IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1", - "prod": "IS/EDU/5206871229/UNAK-Protected/brautskraning-v1" - }, - "XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH": { - "dev": "IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1", - "staging": "IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1", - "prod": "IS/EDU/4112043590/LBHI-Protected/brautskraning-v1" - }, - "XROAD_BIFROST_UNIVERSITY_PATH": { - "dev": "IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1", - "staging": "IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1", - "prod": "IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1" - }, - "XROAD_HOLAR_UNIVERSITY_PATH": { - "dev": "IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1", - "staging": "IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1", - "prod": "IS/EDU/5001694359/Holar-Protected/brautskraning-v1" - }, - "XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH": { - "dev": "IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1", - "staging": "IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1", - "prod": "IS/EDU/4210984099/LHI-Protected/brautskraning-v1" - }, - "XROAD_UNIVERSITY_OF_ICELAND_PATH": { - "dev": "IS-DEV/EDU/10010/HI-Protected/brautskraning-v1", - "staging": "IS-TEST/EDU/10010/HI-Protected/brautskraning-v1", - "prod": "IS/EDU/6001692039/HI-Protected/brautskraning-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_MMS_FRIGG_PATH": { - "dev": "IS-DEV/GOV/10066/MMS-Protected/frigg-form-service", - "staging": "IS-TEST/GOV/10066/MMS-Protected/frigg-form-service", - "prod": "IS/GOV/10066/MMS-Protected/frigg-form-service" - } - } - } - }, - { - "config": { - "env": { - "XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH": { - "dev": "IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1", - "staging": "IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1", - "prod": "IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH": { - "dev": "IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1", - "staging": "IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1", - "prod": "IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_WORK_ACCIDENT_PATH": { - "dev": "IS-DEV/GOV/10013/Vinnueftirlitid-Protected/slysaskraning-token", - "staging": "IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/slysaskraning-token", - "prod": "IS/GOV/4201810439/Vinnueftirlitid-Protected/slysaskraning-token" - } - } - } - } - ], - "files": [ - { - "filename": "islyklar.p12", - "env": "ISLYKILL_CERT" - } - ], - "volumes": [], - "accountName": "application-system-api", - "cmds": "node", - "redis": {}, - "args": [ - "main.js" - ], - "postgres": { - "username": "application_system_api", - "passwordSecret": "/k8s/application-system-api/DB_PASSWORD", - "name": "application_system_api" - }, - "initContainers": { - "envs": {}, - "secrets": {}, - "features": {}, - "containers": [ - { - "name": "migrations", - "command": "npx", - "args": [ - "sequelize-cli", - "db:migrate" - ] - } - ], - "postgres": { - "username": "application_system_api", - "passwordSecret": "/k8s/application-system-api/DB_PASSWORD", - "name": "application_system_api" - } - }, - "replicaCount": { - "default": 2, - "max": 60, - "min": 2 - } - } - } -} \ No newline at end of file +service: + name: application-system-api + args: + - main.js + command: + - node + enabled: true + env: + APPLICATION_ATTACHMENT_BUCKET: island-is-staging-storage-application-system + AUTH_PUBLIC_API_URL: https://identity-server.staging01.devland.is/api + CLIENT_LOCATION_ORIGIN: https://beta.staging01.devland.is/umsoknir + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: IS-TEST/GOV/5402696029/Skatturinn/ft-v1 + CONTENTFUL_HOST: cdn.contentful.com + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: IS-TEST/GOV/5608002820/gopro/kvortun-v1 + DB_HOST: postgres-applications.internal + DB_NAME: application_system_api + DB_REPLICAS_HOST: postgres-applications.internal + DB_USER: application_system_api + EHIC_XROAD_PROVIDER_ID: IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic + EMAIL_REGION: eu-west-1 + ENDORSEMENTS_API_BASE_PATH: http://web-endorsement-system-api.endorsement-system.svc.cluster.local + FILE_SERVICE_PRESIGN_BUCKET: island-is-staging-fs-presign-bucket + FILE_STORAGE_UPLOAD_BUCKET: island-is-staging-upload-api + FINANCIAL_STATEMENTS_INAO_BASE_PATH: https://dev-re.crm4.dynamics.com/api/data/v9.1 + FINANCIAL_STATEMENTS_INAO_ISSUER: https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0 + FINANCIAL_STATEMENTS_INAO_SCOPE: https://dev-re.crm4.dynamics.com/.default + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token + FISHING_LICENSE_XROAD_PROVIDER_ID: IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1 + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: gunnar.ingi@fjr.is + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: Gunnar Ingi + GRAPHQL_API_URL: http://web-api.islandis.svc.cluster.local + IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/application-system" + IDENTITY_SERVER_ISSUER_URL: https://identity-server.staging01.devland.is + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: gunnar.ingi@fjr.is + INSTITUTION_APPLICATION_RECIPIENT_NAME: Gunnar Ingi + ISLYKILL_CERT: /etc/config/islyklar.p12 + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: gunnar.ingi@fjr.is + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: Gunnar Ingi + LOG_LEVEL: info + NATIONAL_REGISTRY_B2C_CLIENT_ID: ca128c23-b43c-443d-bade-ec5a146a933f + NATIONAL_REGISTRY_B2C_ENDPOINT: https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token + NATIONAL_REGISTRY_B2C_PATH: IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1 + NATIONAL_REGISTRY_B2C_SCOPE: https://skraidentitystaging.onmicrosoft.com/midlun/.default + NODE_OPTIONS: --max-old-space-size=921 -r dd-trace/init + NOVA_ACCEPT_UNAUTHORIZED: "false" + NOVA_USERNAME: IslandIs_User_Development + RECYCLING_FUND_GQL_BASE_PATH: http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: "" + SERVICE_DOCUMENTS_BASEPATH: http://web-services-documents.services-documents.svc.cluster.local + SERVICE_USER_PROFILE_URL: http://web-service-portal-api.service-portal.svc.cluster.local + UNIVERSITY_GATEWAY_API_URL: http://web-services-university-gateway.services-university-gateway.svc.cluster.local + USER_NOTIFICATION_API_URL: http://web-user-notification.user-notification.svc.cluster.local + WORKPOINT_ARBORG_SERVICE_PATH: IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1 + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1 + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: IS-TEST/GOV/10047/UA-Protected/kvortun-v1/ + XROAD_BASE_PATH: http://securityserver.staging01.devland.is + XROAD_BASE_PATH_WITH_ENV: http://securityserver.staging01.devland.is/r1/IS-TEST + XROAD_BIFROST_UNIVERSITY_PATH: IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1 + XROAD_CHARGE_FJS_V2_PATH: IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2 + XROAD_CHARGE_FJS_V2_TIMEOUT: "20000" + XROAD_CLIENT_ID: IS-TEST/GOV/5501692829/island-is-client + XROAD_COURT_BANKRUPTCY_CERT_PATH: IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1 + XROAD_CRIMINAL_RECORD_PATH: r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1 + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1 + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1 + XROAD_DRIVING_LICENSE_PATH: r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1 + XROAD_DRIVING_LICENSE_V2_PATH: r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2 + XROAD_DRIVING_LICENSE_V4_PATH: r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4 + XROAD_DRIVING_LICENSE_V5_PATH: r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5 + XROAD_ENERGY_FUNDS_PATH: IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1 + XROAD_FINANCES_PATH: IS-TEST/GOV/10021/FJS-Public/financeIsland + XROAD_FINANCES_V2_PATH: IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2 + XROAD_FINANCIAL_AID_BACKEND_PATH: IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1 + XROAD_HEALTH_DIRECTORATE_PATH: IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1 + XROAD_HEALTH_INSURANCE_ID: IS-TEST/GOV/4804080550/SJUKRA-Protected + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur + XROAD_HEALTH_INSURANCE_WSDLURL: https://test-huld.sjukra.is/islandrg?wsdl + XROAD_HMS_HOUSING_BENEFITS_PATH: IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1 + XROAD_HMS_LOANS_PATH: IS-TEST/GOV/5812191480/HMS-Protected/libra-v1 + XROAD_HOLAR_UNIVERSITY_PATH: IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1 + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1 + XROAD_INNA_PATH: IS-TEST/GOV/6601241280/MMS-Protected/inna-v1 + XROAD_MMS_FRIGG_PATH: IS-TEST/GOV/10066/MMS-Protected/frigg-form-service + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1 + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: IS-TEST/GOV/10014/DMR-Protected/official-journal-application + XROAD_OFFICIAL_JOURNAL_PATH: IS-TEST/GOV/10014/DMR-Protected/official-journal + XROAD_PASSPORT_LICENSE_PATH: IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1 + XROAD_PAYMENT_ADDITION_CALLBACK_URL: / + XROAD_PAYMENT_BASE_CALLBACK_URL: "XROAD:" + XROAD_PAYMENT_PROVIDER_ID: IS-TEST/GOV/10021/FJS-DEV-Public + XROAD_PAYMENT_SCHEDULE_PATH: IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1 + XROAD_PROPERTIES_SERVICE_V2_PATH: IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1 + XROAD_SIGNATURE_COLLECTION_PATH: IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1 + XROAD_TJODSKRA_API_PATH: /SKRA-Protected/Einstaklingar-v1 + XROAD_TJODSKRA_MEMBER_CODE: "6503760649" + XROAD_TLS_BASE_PATH: https://securityserver.staging01.devland.is + XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.staging01.devland.is/r1/IS-TEST + XROAD_TR_PATH: IS-TEST/GOV/5012130120/TR-Protected/external-v1 + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1 + XROAD_UNIVERSITY_OF_ICELAND_PATH: IS-TEST/EDU/10010/HI-Protected/brautskraning-v1 + XROAD_VEHICLES_MILEAGE_PATH: IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1 + XROAD_VEHICLES_PATH: IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1 + XROAD_VEHICLE_CODETABLES_PATH: IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1 + XROAD_VEHICLE_INFOLOCKS_PATH: IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1 + XROAD_VEHICLE_OPERATORS_PATH: IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3 + XROAD_VEHICLE_OWNER_CHANGE_PATH: IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2 + XROAD_VEHICLE_PLATE_ORDERING_PATH: IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1 + XROAD_VEHICLE_PLATE_RENEWAL_PATH: IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1 + XROAD_VEHICLE_PRINTING_PATH: IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1 + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1 + XROAD_VMST_API_PATH: /VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1 + XROAD_VMST_MEMBER_CODE: "7005942039" + XROAD_WORK_ACCIDENT_PATH: IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/slysaskraning-token + XROAD_WORK_MACHINE_LICENSE_PATH: IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token + files: + - islyklar.p12 + grantNamespaces: + - nginx-ingress-internal + - islandis + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 60 + min: 2 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-internal-alb + nginx.ingress.kubernetes.io/proxy-buffer-size: 8k + nginx.ingress.kubernetes.io/proxy-buffering: on + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: application-payment-callback-xrd.internal.staging01.devland.is + paths: + - /application-payment + - /applications + - host: application-callback-xrd.internal.staging01.devland.is + paths: + - /application-payment + - /applications + initContainer: + containers: + - args: + - sequelize-cli + - db:migrate + command: + - npx + name: migrations + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 50m + memory: 128Mi + env: + DB_HOST: postgres-applications.internal + DB_NAME: application_system_api + DB_REPLICAS_HOST: postgres-applications.internal + DB_USER: application_system_api + SERVERSIDE_FEATURES_ON: "" + secrets: + DB_PASS: /k8s/application-system-api/DB_PASSWORD + namespace: application-system + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 60 + min: 2 + resources: + limits: + cpu: 400m + memory: 1024Mi + requests: + cpu: 75m + memory: 512Mi + secrets: + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: /k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: /k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME + ARK_BASE_URL: /k8s/application-system-api/ARK_BASE_URL + AUTH_JWT_SECRET: /k8s/application-system/api/AUTH_JWT_SECRET + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + CONTENTFUL_ACCESS_TOKEN: /k8s/api/CONTENTFUL_ACCESS_TOKEN + DATA_PROTECTION_COMPLAINT_API_PASSWORD: /k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD + DATA_PROTECTION_COMPLAINT_API_USERNAME: /k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME + DB_PASS: /k8s/application-system-api/DB_PASSWORD + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: /k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER + DOKOBIT_ACCESS_TOKEN: /k8s/application-system/api/DOKOBIT_ACCESS_TOKEN + DOKOBIT_URL: /k8s/application-system-api/DOKOBIT_URL + DOMSYSLA_PASSWORD: /k8s/application-system-api/DOMSYSLA_PASSWORD + DOMSYSLA_USERNAME: /k8s/application-system-api/DOMSYSLA_USERNAME + DRIVING_LICENSE_BOOK_PASSWORD: /k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD + DRIVING_LICENSE_BOOK_USERNAME: /k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME + DRIVING_LICENSE_BOOK_XROAD_PATH: /k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH + EMAIL_FROM: /k8s/application-system/api/EMAIL_FROM + EMAIL_FROM_NAME: /k8s/application-system/api/EMAIL_FROM_NAME + EMAIL_REPLY_TO: /k8s/application-system/api/EMAIL_REPLY_TO + EMAIL_REPLY_TO_NAME: /k8s/application-system/api/EMAIL_REPLY_TO_NAME + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: /k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: /k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET + IDENTITY_SERVER_CLIENT_SECRET: /k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET + ISLYKILL_SERVICE_BASEPATH: /k8s/api/ISLYKILL_SERVICE_BASEPATH + ISLYKILL_SERVICE_PASSPHRASE: /k8s/api/ISLYKILL_SERVICE_PASSPHRASE + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: /k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET + NOVA_PASSWORD: /k8s/application-system/api/NOVA_PASSWORD + NOVA_URL: /k8s/application-system-api/NOVA_URL + SYSLUMENN_HOST: /k8s/application-system-api/SYSLUMENN_HOST + SYSLUMENN_PASSWORD: /k8s/application-system/api/SYSLUMENN_PASSWORD + SYSLUMENN_USERNAME: /k8s/application-system/api/SYSLUMENN_USERNAME + VMST_ID: /k8s/application-system/VMST_ID + XROAD_DRIVING_LICENSE_SECRET: /k8s/api/DRIVING_LICENSE_SECRET + XROAD_HEALTH_INSURANCE_PASSWORD: /k8s/health-insurance/XROAD-PASSWORD + XROAD_HEALTH_INSURANCE_USERNAME: /k8s/health-insurance/XROAD-USER + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: /k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: /k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME + XROAD_PAYMENT_PASSWORD: /k8s/application-system-api/PAYMENT_PASSWORD + XROAD_PAYMENT_USER: /k8s/application-system-api/PAYMENT_USER + XROAD_PROPERTIES_CLIENT_SECRET: /k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET + XROAD_VMST_API_KEY: /k8s/vmst-client/VMST_API_KEY + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::261174024191:role/application-system-api + create: true + name: application-system-api diff --git a/charts/services/application-system-form/values.dev.yaml b/charts/services/application-system-form/values.dev.yaml index 5c224350bc0c..7c9c623e2487 100644 --- a/charts/services/application-system-form/values.dev.yaml +++ b/charts/services/application-system-form/values.dev.yaml @@ -1,95 +1,69 @@ -{ - "application-system-form": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/readiness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "BASEPATH": "/umsoknir", - "SI_PUBLIC_GRAPHQL_PATH": { - "dev": "", - "prod": "", - "staging": "" - }, - "SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - } - }, - "features": {}, - "name": "application-system-form", - "grantNamespaces": [ - "nginx-ingress-internal", - "nginx-ingress-external", - "islandis" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "SI_PUBLIC_CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "SI_PUBLIC_DD_RUM_APPLICATION_ID": "/k8s/DD_RUM_APPLICATION_ID", - "SI_PUBLIC_DD_RUM_CLIENT_TOKEN": "/k8s/DD_RUM_CLIENT_TOKEN" - }, - "ingress": { - "primary": { - "host": { - "dev": [ - "beta" - ], - "staging": [ - "beta" - ], - "prod": [ - "", - "www.island.is" - ] - }, - "extraAnnotations": { - "dev": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "staging": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "prod": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - } - }, - "paths": [ - "/umsoknir" - ] - } - }, - "namespace": "application-system", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "200m", - "memory": "256Mi" - }, - "requests": { - "cpu": "10m", - "memory": "128Mi" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [] - } - } -} \ No newline at end of file +service: + name: application-system-form + enabled: true + env: + BASEPATH: /umsoknir + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=230 + SERVERSIDE_FEATURES_ON: "" + SI_PUBLIC_ENVIRONMENT: dev + SI_PUBLIC_GRAPHQL_PATH: "" + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: https://identity-server.dev01.devland.is + grantNamespaces: + - nginx-ingress-internal + - nginx-ingress-external + - islandis + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /readiness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-external-alb + nginx.ingress.kubernetes.io/proxy-buffer-size: 8k + nginx.ingress.kubernetes.io/proxy-buffering: on + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: beta.dev01.devland.is + paths: + - /umsoknir + namespace: application-system + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 10m + memory: 128Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + SI_PUBLIC_CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + SI_PUBLIC_DD_RUM_APPLICATION_ID: /k8s/DD_RUM_APPLICATION_ID + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: /k8s/DD_RUM_CLIENT_TOKEN + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/application-system-form/values.prod.yaml b/charts/services/application-system-form/values.prod.yaml index 5c224350bc0c..4b1181a1aec3 100644 --- a/charts/services/application-system-form/values.prod.yaml +++ b/charts/services/application-system-form/values.prod.yaml @@ -1,95 +1,72 @@ -{ - "application-system-form": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/readiness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "BASEPATH": "/umsoknir", - "SI_PUBLIC_GRAPHQL_PATH": { - "dev": "", - "prod": "", - "staging": "" - }, - "SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - } - }, - "features": {}, - "name": "application-system-form", - "grantNamespaces": [ - "nginx-ingress-internal", - "nginx-ingress-external", - "islandis" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "SI_PUBLIC_CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "SI_PUBLIC_DD_RUM_APPLICATION_ID": "/k8s/DD_RUM_APPLICATION_ID", - "SI_PUBLIC_DD_RUM_CLIENT_TOKEN": "/k8s/DD_RUM_CLIENT_TOKEN" - }, - "ingress": { - "primary": { - "host": { - "dev": [ - "beta" - ], - "staging": [ - "beta" - ], - "prod": [ - "", - "www.island.is" - ] - }, - "extraAnnotations": { - "dev": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "staging": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "prod": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - } - }, - "paths": [ - "/umsoknir" - ] - } - }, - "namespace": "application-system", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "200m", - "memory": "256Mi" - }, - "requests": { - "cpu": "10m", - "memory": "128Mi" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [] - } - } -} \ No newline at end of file +service: + name: application-system-form + enabled: true + env: + BASEPATH: /umsoknir + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=230 + SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + SI_PUBLIC_ENVIRONMENT: prod + SI_PUBLIC_GRAPHQL_PATH: "" + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: https://innskra.island.is + grantNamespaces: + - nginx-ingress-internal + - nginx-ingress-external + - islandis + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /readiness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-external-alb + nginx.ingress.kubernetes.io/proxy-buffer-size: 8k + nginx.ingress.kubernetes.io/proxy-buffering: on + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: island.is + paths: + - /umsoknir + - host: www.island.is + paths: + - /umsoknir + namespace: application-system + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 10m + memory: 128Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + SI_PUBLIC_CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + SI_PUBLIC_DD_RUM_APPLICATION_ID: /k8s/DD_RUM_APPLICATION_ID + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: /k8s/DD_RUM_CLIENT_TOKEN + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/application-system-form/values.staging.yaml b/charts/services/application-system-form/values.staging.yaml index 5c224350bc0c..29f2d5f6eb7c 100644 --- a/charts/services/application-system-form/values.staging.yaml +++ b/charts/services/application-system-form/values.staging.yaml @@ -1,95 +1,69 @@ -{ - "application-system-form": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/readiness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "BASEPATH": "/umsoknir", - "SI_PUBLIC_GRAPHQL_PATH": { - "dev": "", - "prod": "", - "staging": "" - }, - "SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - } - }, - "features": {}, - "name": "application-system-form", - "grantNamespaces": [ - "nginx-ingress-internal", - "nginx-ingress-external", - "islandis" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "SI_PUBLIC_CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "SI_PUBLIC_DD_RUM_APPLICATION_ID": "/k8s/DD_RUM_APPLICATION_ID", - "SI_PUBLIC_DD_RUM_CLIENT_TOKEN": "/k8s/DD_RUM_CLIENT_TOKEN" - }, - "ingress": { - "primary": { - "host": { - "dev": [ - "beta" - ], - "staging": [ - "beta" - ], - "prod": [ - "", - "www.island.is" - ] - }, - "extraAnnotations": { - "dev": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "staging": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "prod": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - } - }, - "paths": [ - "/umsoknir" - ] - } - }, - "namespace": "application-system", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "200m", - "memory": "256Mi" - }, - "requests": { - "cpu": "10m", - "memory": "128Mi" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [] - } - } -} \ No newline at end of file +service: + name: application-system-form + enabled: true + env: + BASEPATH: /umsoknir + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=230 + SERVERSIDE_FEATURES_ON: "" + SI_PUBLIC_ENVIRONMENT: staging + SI_PUBLIC_GRAPHQL_PATH: "" + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: https://identity-server.staging01.devland.is + grantNamespaces: + - nginx-ingress-internal + - nginx-ingress-external + - islandis + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /readiness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-external-alb + nginx.ingress.kubernetes.io/proxy-buffer-size: 8k + nginx.ingress.kubernetes.io/proxy-buffering: on + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: beta.staging01.devland.is + paths: + - /umsoknir + namespace: application-system + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 10m + memory: 128Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + SI_PUBLIC_CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + SI_PUBLIC_DD_RUM_APPLICATION_ID: /k8s/DD_RUM_APPLICATION_ID + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: /k8s/DD_RUM_CLIENT_TOKEN + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/auth-admin-web/values.dev.yaml b/charts/services/auth-admin-web/values.dev.yaml index c37cdeef4bd8..5775675d21fc 100644 --- a/charts/services/auth-admin-web/values.dev.yaml +++ b/charts/services/auth-admin-web/values.dev.yaml @@ -1,109 +1,70 @@ -{ - "auth-admin-web": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "NEXT_PUBLIC_BACKEND_URL": "/backend", - "IDENTITYSERVER_DOMAIN": { - "dev": "identity-server.dev01.devland.is", - "staging": "identity-server.staging01.devland.is", - "prod": "innskra.island.is" - }, - "BASE_URL": { - "dev": "https://identity-server.dev01.devland.is/admin", - "staging": "https://identity-server.staging01.devland.is/admin", - "prod": "https://innskra.island.is/admin" - }, - "NEXTAUTH_URL": { - "dev": "https://identity-server.dev01.devland.is/admin/api/auth", - "staging": "https://identity-server.staging01.devland.is/admin/api/auth", - "prod": "https://innskra.island.is/admin/api/auth" - } - }, - "features": {}, - "name": "auth-admin-web", - "grantNamespaces": [], - "grantNamespacesEnabled": false, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "IDENTITYSERVER_SECRET": "/k8s/auth-admin-web/IDENTITYSERVER_SECRET" - }, - "ingress": { - "primary": { - "host": { - "dev": "identity-server", - "staging": "identity-server", - "prod": "innskra.island.is" - }, - "paths": [ - "/admin" - ], - "public": true, - "extraAnnotations": { - "dev": { - "nginx.ingress.kubernetes.io/proxy-buffer-size": "16k", - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffers-number": "4", - "nginx.ingress.kubernetes.io/server-snippet": "client_header_buffer_size 16k; large_client_header_buffers 4 16k;" - }, - "staging": { - "nginx.ingress.kubernetes.io/proxy-buffer-size": "16k", - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffers-number": "4", - "nginx.ingress.kubernetes.io/server-snippet": "client_header_buffer_size 16k; large_client_header_buffers 4 16k;" - }, - "prod": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - } - } - } - }, - "namespace": "identity-server-admin", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "400m", - "memory": "256Mi" - }, - "requests": { - "cpu": "200m", - "memory": "192Mi" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "image": "auth-admin-web", - "replicaCount": { - "default": 2, - "min": 2, - "max": 10 - }, - "extraAttributes": { - "dev": { - "progressDeadlineSeconds": 1200 - }, - "staging": { - "progressDeadlineSeconds": 1200 - }, - "prod": { - "progressDeadlineSeconds": 1200 - } - } - } - } -} \ No newline at end of file +service: + name: auth-admin-web + enabled: true + env: + BASE_URL: https://identity-server.dev01.devland.is/admin + IDENTITYSERVER_DOMAIN: identity-server.dev01.devland.is + LOG_LEVEL: info + NEXTAUTH_URL: https://identity-server.dev01.devland.is/admin/api/auth + NEXT_PUBLIC_BACKEND_URL: /backend + NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init + SERVERSIDE_FEATURES_ON: "" + grantNamespaces: + - nginx-ingress-external + - nginx-ingress-internal + - islandis + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/auth-admin-web + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-external-alb + nginx.ingress.kubernetes.io/proxy-buffer-size: 16k + nginx.ingress.kubernetes.io/proxy-buffering: on + nginx.ingress.kubernetes.io/proxy-buffers-number: "4" + nginx.ingress.kubernetes.io/server-snippet: client_header_buffer_size 16k; large_client_header_buffers 4 16k; + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: identity-server.dev01.devland.is + paths: + - /admin + namespace: identity-server-admin + podDisruptionBudget: + maxUnavailable: 1 + progressDeadlineSeconds: 1200 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: 400m + memory: 256Mi + requests: + cpu: 200m + memory: 192Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + IDENTITYSERVER_SECRET: /k8s/auth-admin-web/IDENTITYSERVER_SECRET + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/auth-admin-web/values.prod.yaml b/charts/services/auth-admin-web/values.prod.yaml index c37cdeef4bd8..2d869d5f30ee 100644 --- a/charts/services/auth-admin-web/values.prod.yaml +++ b/charts/services/auth-admin-web/values.prod.yaml @@ -1,109 +1,68 @@ -{ - "auth-admin-web": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "NEXT_PUBLIC_BACKEND_URL": "/backend", - "IDENTITYSERVER_DOMAIN": { - "dev": "identity-server.dev01.devland.is", - "staging": "identity-server.staging01.devland.is", - "prod": "innskra.island.is" - }, - "BASE_URL": { - "dev": "https://identity-server.dev01.devland.is/admin", - "staging": "https://identity-server.staging01.devland.is/admin", - "prod": "https://innskra.island.is/admin" - }, - "NEXTAUTH_URL": { - "dev": "https://identity-server.dev01.devland.is/admin/api/auth", - "staging": "https://identity-server.staging01.devland.is/admin/api/auth", - "prod": "https://innskra.island.is/admin/api/auth" - } - }, - "features": {}, - "name": "auth-admin-web", - "grantNamespaces": [], - "grantNamespacesEnabled": false, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "IDENTITYSERVER_SECRET": "/k8s/auth-admin-web/IDENTITYSERVER_SECRET" - }, - "ingress": { - "primary": { - "host": { - "dev": "identity-server", - "staging": "identity-server", - "prod": "innskra.island.is" - }, - "paths": [ - "/admin" - ], - "public": true, - "extraAnnotations": { - "dev": { - "nginx.ingress.kubernetes.io/proxy-buffer-size": "16k", - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffers-number": "4", - "nginx.ingress.kubernetes.io/server-snippet": "client_header_buffer_size 16k; large_client_header_buffers 4 16k;" - }, - "staging": { - "nginx.ingress.kubernetes.io/proxy-buffer-size": "16k", - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffers-number": "4", - "nginx.ingress.kubernetes.io/server-snippet": "client_header_buffer_size 16k; large_client_header_buffers 4 16k;" - }, - "prod": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - } - } - } - }, - "namespace": "identity-server-admin", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "400m", - "memory": "256Mi" - }, - "requests": { - "cpu": "200m", - "memory": "192Mi" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "image": "auth-admin-web", - "replicaCount": { - "default": 2, - "min": 2, - "max": 10 - }, - "extraAttributes": { - "dev": { - "progressDeadlineSeconds": 1200 - }, - "staging": { - "progressDeadlineSeconds": 1200 - }, - "prod": { - "progressDeadlineSeconds": 1200 - } - } - } - } -} \ No newline at end of file +service: + name: auth-admin-web + enabled: true + env: + BASE_URL: https://innskra.island.is/admin + IDENTITYSERVER_DOMAIN: innskra.island.is + LOG_LEVEL: info + NEXTAUTH_URL: https://innskra.island.is/admin/api/auth + NEXT_PUBLIC_BACKEND_URL: /backend + NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init + SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + grantNamespaces: + - nginx-ingress-external + - nginx-ingress-internal + - islandis + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/auth-admin-web + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-external-alb + nginx.ingress.kubernetes.io/proxy-buffer-size: 8k + nginx.ingress.kubernetes.io/proxy-buffering: on + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: innskra.island.is + paths: + - /admin + namespace: identity-server-admin + podDisruptionBudget: + maxUnavailable: 1 + progressDeadlineSeconds: 1200 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: 400m + memory: 256Mi + requests: + cpu: 200m + memory: 192Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + IDENTITYSERVER_SECRET: /k8s/auth-admin-web/IDENTITYSERVER_SECRET + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/auth-admin-web/values.staging.yaml b/charts/services/auth-admin-web/values.staging.yaml index c37cdeef4bd8..bd0ad9f95dd0 100644 --- a/charts/services/auth-admin-web/values.staging.yaml +++ b/charts/services/auth-admin-web/values.staging.yaml @@ -1,109 +1,70 @@ -{ - "auth-admin-web": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "NEXT_PUBLIC_BACKEND_URL": "/backend", - "IDENTITYSERVER_DOMAIN": { - "dev": "identity-server.dev01.devland.is", - "staging": "identity-server.staging01.devland.is", - "prod": "innskra.island.is" - }, - "BASE_URL": { - "dev": "https://identity-server.dev01.devland.is/admin", - "staging": "https://identity-server.staging01.devland.is/admin", - "prod": "https://innskra.island.is/admin" - }, - "NEXTAUTH_URL": { - "dev": "https://identity-server.dev01.devland.is/admin/api/auth", - "staging": "https://identity-server.staging01.devland.is/admin/api/auth", - "prod": "https://innskra.island.is/admin/api/auth" - } - }, - "features": {}, - "name": "auth-admin-web", - "grantNamespaces": [], - "grantNamespacesEnabled": false, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "IDENTITYSERVER_SECRET": "/k8s/auth-admin-web/IDENTITYSERVER_SECRET" - }, - "ingress": { - "primary": { - "host": { - "dev": "identity-server", - "staging": "identity-server", - "prod": "innskra.island.is" - }, - "paths": [ - "/admin" - ], - "public": true, - "extraAnnotations": { - "dev": { - "nginx.ingress.kubernetes.io/proxy-buffer-size": "16k", - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffers-number": "4", - "nginx.ingress.kubernetes.io/server-snippet": "client_header_buffer_size 16k; large_client_header_buffers 4 16k;" - }, - "staging": { - "nginx.ingress.kubernetes.io/proxy-buffer-size": "16k", - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffers-number": "4", - "nginx.ingress.kubernetes.io/server-snippet": "client_header_buffer_size 16k; large_client_header_buffers 4 16k;" - }, - "prod": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - } - } - } - }, - "namespace": "identity-server-admin", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "400m", - "memory": "256Mi" - }, - "requests": { - "cpu": "200m", - "memory": "192Mi" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "image": "auth-admin-web", - "replicaCount": { - "default": 2, - "min": 2, - "max": 10 - }, - "extraAttributes": { - "dev": { - "progressDeadlineSeconds": 1200 - }, - "staging": { - "progressDeadlineSeconds": 1200 - }, - "prod": { - "progressDeadlineSeconds": 1200 - } - } - } - } -} \ No newline at end of file +service: + name: auth-admin-web + enabled: true + env: + BASE_URL: https://identity-server.staging01.devland.is/admin + IDENTITYSERVER_DOMAIN: identity-server.staging01.devland.is + LOG_LEVEL: info + NEXTAUTH_URL: https://identity-server.staging01.devland.is/admin/api/auth + NEXT_PUBLIC_BACKEND_URL: /backend + NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init + SERVERSIDE_FEATURES_ON: "" + grantNamespaces: + - nginx-ingress-external + - nginx-ingress-internal + - islandis + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/auth-admin-web + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-external-alb + nginx.ingress.kubernetes.io/proxy-buffer-size: 16k + nginx.ingress.kubernetes.io/proxy-buffering: on + nginx.ingress.kubernetes.io/proxy-buffers-number: "4" + nginx.ingress.kubernetes.io/server-snippet: client_header_buffer_size 16k; large_client_header_buffers 4 16k; + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: identity-server.staging01.devland.is + paths: + - /admin + namespace: identity-server-admin + podDisruptionBudget: + maxUnavailable: 1 + progressDeadlineSeconds: 1200 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: 400m + memory: 256Mi + requests: + cpu: 200m + memory: 192Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + IDENTITYSERVER_SECRET: /k8s/auth-admin-web/IDENTITYSERVER_SECRET + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/consultation-portal/values.dev.yaml b/charts/services/consultation-portal/values.dev.yaml index 3786a3334616..efe490249cdc 100644 --- a/charts/services/consultation-portal/values.dev.yaml +++ b/charts/services/consultation-portal/values.dev.yaml @@ -1,102 +1,68 @@ -{ - "consultation-portal": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "BASEPATH": "/consultation-portal", - "IDENTITY_SERVER_ISSUER_DOMAIN": { - "dev": "identity-server.dev01.devland.is", - "staging": "identity-server.staging01.devland.is", - "prod": "innskra.island.is" - }, - "NEXTAUTH_URL": { - "dev": "https://beta.dev01.devland.is/samradsgatt/api/auth", - "staging": "https://beta.staging01.devland.is/samradsgatt/api/auth", - "prod": "https://island.is/samradsgatt/api/auth" - }, - "BACKEND_DL_URL": { - "dev": "https://samradapi-test.devland.is/api/Documents/", - "staging": "https://samradapi-test.devland.is/api/Documents/", - "prod": "https://samradapi.island.is/api/Documents/" - } - }, - "features": {}, - "name": "consultation-portal", - "grantNamespaces": [], - "grantNamespacesEnabled": false, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "DD_RUM_APPLICATION_ID": "/k8s/DD_RUM_APPLICATION_ID", - "DD_RUM_CLIENT_TOKEN": "/k8s/DD_RUM_CLIENT_TOKEN", - "IDENTITY_SERVER_SECRET": "/k8s/consultation-portal/IDENTITY_SERVER_SECRET" - }, - "ingress": { - "primary": { - "host": { - "dev": [ - "beta" - ], - "staging": [ - "beta" - ], - "prod": [ - "", - "www.island.is" - ] - }, - "extraAnnotations": { - "dev": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "staging": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "prod": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - } - }, - "paths": [ - "/samradsgatt" - ] - } - }, - "namespace": "consultation-portal", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "400m", - "memory": "512Mi" - }, - "requests": { - "cpu": "200m", - "memory": "256Mi" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "image": "consultation-portal", - "replicaCount": { - "default": 2, - "max": 30, - "min": 2 - } - } - } -} \ No newline at end of file +service: + name: consultation-portal + enabled: true + env: + API_URL: http://web-api.islandis.svc.cluster.local + BACKEND_DL_URL: https://samradapi-test.devland.is/api/Documents/ + BASEPATH: /consultation-portal + ENVIRONMENT: dev + IDENTITY_SERVER_ISSUER_DOMAIN: identity-server.dev01.devland.is + LOG_LEVEL: info + NEXTAUTH_URL: https://beta.dev01.devland.is/samradsgatt/api/auth + NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init + SERVERSIDE_FEATURES_ON: "" + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-external-alb + nginx.ingress.kubernetes.io/proxy-buffer-size: 8k + nginx.ingress.kubernetes.io/proxy-buffering: on + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: beta.dev01.devland.is + paths: + - /samradsgatt + namespace: consultation-portal + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: 400m + memory: 512Mi + requests: + cpu: 200m + memory: 256Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DD_RUM_APPLICATION_ID: /k8s/DD_RUM_APPLICATION_ID + DD_RUM_CLIENT_TOKEN: /k8s/DD_RUM_CLIENT_TOKEN + IDENTITY_SERVER_SECRET: /k8s/consultation-portal/IDENTITY_SERVER_SECRET + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/consultation-portal/values.prod.yaml b/charts/services/consultation-portal/values.prod.yaml index 3786a3334616..ff1df323f0d8 100644 --- a/charts/services/consultation-portal/values.prod.yaml +++ b/charts/services/consultation-portal/values.prod.yaml @@ -1,102 +1,71 @@ -{ - "consultation-portal": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "BASEPATH": "/consultation-portal", - "IDENTITY_SERVER_ISSUER_DOMAIN": { - "dev": "identity-server.dev01.devland.is", - "staging": "identity-server.staging01.devland.is", - "prod": "innskra.island.is" - }, - "NEXTAUTH_URL": { - "dev": "https://beta.dev01.devland.is/samradsgatt/api/auth", - "staging": "https://beta.staging01.devland.is/samradsgatt/api/auth", - "prod": "https://island.is/samradsgatt/api/auth" - }, - "BACKEND_DL_URL": { - "dev": "https://samradapi-test.devland.is/api/Documents/", - "staging": "https://samradapi-test.devland.is/api/Documents/", - "prod": "https://samradapi.island.is/api/Documents/" - } - }, - "features": {}, - "name": "consultation-portal", - "grantNamespaces": [], - "grantNamespacesEnabled": false, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "DD_RUM_APPLICATION_ID": "/k8s/DD_RUM_APPLICATION_ID", - "DD_RUM_CLIENT_TOKEN": "/k8s/DD_RUM_CLIENT_TOKEN", - "IDENTITY_SERVER_SECRET": "/k8s/consultation-portal/IDENTITY_SERVER_SECRET" - }, - "ingress": { - "primary": { - "host": { - "dev": [ - "beta" - ], - "staging": [ - "beta" - ], - "prod": [ - "", - "www.island.is" - ] - }, - "extraAnnotations": { - "dev": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "staging": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "prod": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - } - }, - "paths": [ - "/samradsgatt" - ] - } - }, - "namespace": "consultation-portal", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "400m", - "memory": "512Mi" - }, - "requests": { - "cpu": "200m", - "memory": "256Mi" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "image": "consultation-portal", - "replicaCount": { - "default": 2, - "max": 30, - "min": 2 - } - } - } -} \ No newline at end of file +service: + name: consultation-portal + enabled: true + env: + API_URL: http://web-api.islandis.svc.cluster.local + BACKEND_DL_URL: https://samradapi.island.is/api/Documents/ + BASEPATH: /consultation-portal + ENVIRONMENT: prod + IDENTITY_SERVER_ISSUER_DOMAIN: innskra.island.is + LOG_LEVEL: info + NEXTAUTH_URL: https://island.is/samradsgatt/api/auth + NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init + SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-external-alb + nginx.ingress.kubernetes.io/proxy-buffer-size: 8k + nginx.ingress.kubernetes.io/proxy-buffering: on + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: island.is + paths: + - /samradsgatt + - host: www.island.is + paths: + - /samradsgatt + namespace: consultation-portal + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: 400m + memory: 512Mi + requests: + cpu: 200m + memory: 256Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DD_RUM_APPLICATION_ID: /k8s/DD_RUM_APPLICATION_ID + DD_RUM_CLIENT_TOKEN: /k8s/DD_RUM_CLIENT_TOKEN + IDENTITY_SERVER_SECRET: /k8s/consultation-portal/IDENTITY_SERVER_SECRET + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/consultation-portal/values.staging.yaml b/charts/services/consultation-portal/values.staging.yaml index 3786a3334616..5edef6ec6914 100644 --- a/charts/services/consultation-portal/values.staging.yaml +++ b/charts/services/consultation-portal/values.staging.yaml @@ -1,102 +1,68 @@ -{ - "consultation-portal": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "BASEPATH": "/consultation-portal", - "IDENTITY_SERVER_ISSUER_DOMAIN": { - "dev": "identity-server.dev01.devland.is", - "staging": "identity-server.staging01.devland.is", - "prod": "innskra.island.is" - }, - "NEXTAUTH_URL": { - "dev": "https://beta.dev01.devland.is/samradsgatt/api/auth", - "staging": "https://beta.staging01.devland.is/samradsgatt/api/auth", - "prod": "https://island.is/samradsgatt/api/auth" - }, - "BACKEND_DL_URL": { - "dev": "https://samradapi-test.devland.is/api/Documents/", - "staging": "https://samradapi-test.devland.is/api/Documents/", - "prod": "https://samradapi.island.is/api/Documents/" - } - }, - "features": {}, - "name": "consultation-portal", - "grantNamespaces": [], - "grantNamespacesEnabled": false, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "DD_RUM_APPLICATION_ID": "/k8s/DD_RUM_APPLICATION_ID", - "DD_RUM_CLIENT_TOKEN": "/k8s/DD_RUM_CLIENT_TOKEN", - "IDENTITY_SERVER_SECRET": "/k8s/consultation-portal/IDENTITY_SERVER_SECRET" - }, - "ingress": { - "primary": { - "host": { - "dev": [ - "beta" - ], - "staging": [ - "beta" - ], - "prod": [ - "", - "www.island.is" - ] - }, - "extraAnnotations": { - "dev": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "staging": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "prod": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - } - }, - "paths": [ - "/samradsgatt" - ] - } - }, - "namespace": "consultation-portal", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "400m", - "memory": "512Mi" - }, - "requests": { - "cpu": "200m", - "memory": "256Mi" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "image": "consultation-portal", - "replicaCount": { - "default": 2, - "max": 30, - "min": 2 - } - } - } -} \ No newline at end of file +service: + name: consultation-portal + enabled: true + env: + API_URL: http://web-api.islandis.svc.cluster.local + BACKEND_DL_URL: https://samradapi-test.devland.is/api/Documents/ + BASEPATH: /consultation-portal + ENVIRONMENT: staging + IDENTITY_SERVER_ISSUER_DOMAIN: identity-server.staging01.devland.is + LOG_LEVEL: info + NEXTAUTH_URL: https://beta.staging01.devland.is/samradsgatt/api/auth + NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init + SERVERSIDE_FEATURES_ON: "" + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-external-alb + nginx.ingress.kubernetes.io/proxy-buffer-size: 8k + nginx.ingress.kubernetes.io/proxy-buffering: on + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: beta.staging01.devland.is + paths: + - /samradsgatt + namespace: consultation-portal + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: 400m + memory: 512Mi + requests: + cpu: 200m + memory: 256Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DD_RUM_APPLICATION_ID: /k8s/DD_RUM_APPLICATION_ID + DD_RUM_CLIENT_TOKEN: /k8s/DD_RUM_CLIENT_TOKEN + IDENTITY_SERVER_SECRET: /k8s/consultation-portal/IDENTITY_SERVER_SECRET + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/contentful-apps/values.dev.yaml b/charts/services/contentful-apps/values.dev.yaml index 841d1897dcf9..00b78c3e18f4 100644 --- a/charts/services/contentful-apps/values.dev.yaml +++ b/charts/services/contentful-apps/values.dev.yaml @@ -1,62 +1,64 @@ -{ - "contentful-apps": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/readiness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": {}, - "features": {}, - "name": "contentful-apps", - "grantNamespaces": [], - "grantNamespacesEnabled": false, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" - }, - "ingress": { - "primary": { - "host": { - "dev": "contentful-apps", - "staging": "contentful-apps", - "prod": "contentful-apps" - }, - "paths": [ - "/" - ] - } - }, - "namespace": "contentful-apps", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "200m", - "memory": "256Mi" - }, - "requests": { - "cpu": "50m", - "memory": "128Mi" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "image": "contentful-apps", - "accountName": "contentful-apps", - "replicaCount": { - "default": 1, - "min": 1, - "max": 10 - } - } - } -} \ No newline at end of file +service: + name: contentful-apps + enabled: true + env: + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init + SERVERSIDE_FEATURES_ON: "" + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /readiness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-external-alb + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: contentful-apps.dev01.devland.is + paths: + - / + namespace: contentful-apps + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 50m + memory: 128Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::013313053092:role/contentful-apps + create: true + name: contentful-apps diff --git a/charts/services/contentful-apps/values.prod.yaml b/charts/services/contentful-apps/values.prod.yaml index 841d1897dcf9..ff95593c4eb3 100644 --- a/charts/services/contentful-apps/values.prod.yaml +++ b/charts/services/contentful-apps/values.prod.yaml @@ -1,62 +1,64 @@ -{ - "contentful-apps": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/readiness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": {}, - "features": {}, - "name": "contentful-apps", - "grantNamespaces": [], - "grantNamespacesEnabled": false, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" - }, - "ingress": { - "primary": { - "host": { - "dev": "contentful-apps", - "staging": "contentful-apps", - "prod": "contentful-apps" - }, - "paths": [ - "/" - ] - } - }, - "namespace": "contentful-apps", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "200m", - "memory": "256Mi" - }, - "requests": { - "cpu": "50m", - "memory": "128Mi" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "image": "contentful-apps", - "accountName": "contentful-apps", - "replicaCount": { - "default": 1, - "min": 1, - "max": 10 - } - } - } -} \ No newline at end of file +service: + name: contentful-apps + enabled: true + env: + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init + SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /readiness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-external-alb + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: contentful-apps.island.is + paths: + - / + namespace: contentful-apps + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 50m + memory: 128Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::251502586493:role/contentful-apps + create: true + name: contentful-apps diff --git a/charts/services/contentful-entry-tagger-service/values.dev.yaml b/charts/services/contentful-entry-tagger-service/values.dev.yaml index bb41b19b13d8..cdc43dcfb7dc 100644 --- a/charts/services/contentful-entry-tagger-service/values.dev.yaml +++ b/charts/services/contentful-entry-tagger-service/values.dev.yaml @@ -1,59 +1,66 @@ -{ - "contentful-entry-tagger-service": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/readiness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": {}, - "features": {}, - "name": "contentful-entry-tagger-service", - "grantNamespaces": [], - "grantNamespacesEnabled": false, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "CONTENTFUL_MANAGEMENT_ACCESS_TOKEN": "/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN", - "CONTENTFUL_REQUEST_TOKEN": "/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN" - }, - "ingress": { - "primary": { - "host": { - "dev": "contentful-entry-tagger-service", - "staging": "contentful-entry-tagger-service", - "prod": "contentful-entry-tagger-service.devland.is" - }, - "paths": [ - "/" - ] - } - }, - "namespace": "contentful-entry-tagger", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "memory": "256Mi", - "cpu": "200m" - }, - "requests": { - "memory": "128Mi", - "cpu": "100m" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "image": "services-contentful-entry-tagger", - "accountName": "contentful-entry-tagger" - } - } -} \ No newline at end of file +service: + name: contentful-entry-tagger-service + enabled: true + env: + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init + SERVERSIDE_FEATURES_ON: "" + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /readiness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-external-alb + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: contentful-entry-tagger-service.dev01.devland.is + paths: + - / + namespace: contentful-entry-tagger + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 100m + memory: 128Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: /k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN + CONTENTFUL_REQUEST_TOKEN: /k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::013313053092:role/contentful-entry-tagger + create: true + name: contentful-entry-tagger diff --git a/charts/services/contentful-entry-tagger-service/values.prod.yaml b/charts/services/contentful-entry-tagger-service/values.prod.yaml index bb41b19b13d8..280194e8d4af 100644 --- a/charts/services/contentful-entry-tagger-service/values.prod.yaml +++ b/charts/services/contentful-entry-tagger-service/values.prod.yaml @@ -1,59 +1,66 @@ -{ - "contentful-entry-tagger-service": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/readiness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": {}, - "features": {}, - "name": "contentful-entry-tagger-service", - "grantNamespaces": [], - "grantNamespacesEnabled": false, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "CONTENTFUL_MANAGEMENT_ACCESS_TOKEN": "/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN", - "CONTENTFUL_REQUEST_TOKEN": "/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN" - }, - "ingress": { - "primary": { - "host": { - "dev": "contentful-entry-tagger-service", - "staging": "contentful-entry-tagger-service", - "prod": "contentful-entry-tagger-service.devland.is" - }, - "paths": [ - "/" - ] - } - }, - "namespace": "contentful-entry-tagger", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "memory": "256Mi", - "cpu": "200m" - }, - "requests": { - "memory": "128Mi", - "cpu": "100m" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "image": "services-contentful-entry-tagger", - "accountName": "contentful-entry-tagger" - } - } -} \ No newline at end of file +service: + name: contentful-entry-tagger-service + enabled: true + env: + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init + SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /readiness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-external-alb + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: contentful-entry-tagger-service.devland.is + paths: + - / + namespace: contentful-entry-tagger + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 100m + memory: 128Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: /k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN + CONTENTFUL_REQUEST_TOKEN: /k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::251502586493:role/contentful-entry-tagger + create: true + name: contentful-entry-tagger diff --git a/charts/services/download-service/values.dev.yaml b/charts/services/download-service/values.dev.yaml index e7a79ccbf27d..6aa6795c0e7a 100644 --- a/charts/services/download-service/values.dev.yaml +++ b/charts/services/download-service/values.dev.yaml @@ -1,276 +1,101 @@ -{ - "download-service": { - "serviceDef": { - "liveness": { - "path": "download/v1/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "download/v1/readiness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - }, - "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/download-service" - }, - "features": {}, - "name": "download-service", - "grantNamespaces": [ - "islandis", - "nginx-ingress-external", - "services-bff-portals-admin" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET", - "POSTHOLF_CLIENTID": "/k8s/documents/POSTHOLF_CLIENTID", - "POSTHOLF_CLIENT_SECRET": "/k8s/documents/POSTHOLF_CLIENT_SECRET", - "POSTHOLF_TOKEN_URL": "/k8s/documents/POSTHOLF_TOKEN_URL", - "POSTHOLF_BASE_PATH": "/k8s/documents/POSTHOLF_BASE_PATH", - "REGULATIONS_API_URL": "/k8s/api/REGULATIONS_API_URL", - "REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED": "/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED", - "REGULATIONS_FILE_UPLOAD_KEY_DRAFT": "/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT", - "REGULATIONS_FILE_UPLOAD_KEY_PUBLISH": "/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH" - }, - "ingress": { - "primary": { - "extraAnnotations": { - "dev": { - "nginx.ingress.kubernetes.io/enable-global-auth": "false" - }, - "staging": { - "nginx.ingress.kubernetes.io/enable-global-auth": "false" - }, - "prod": {} - }, - "host": { - "dev": [ - "api" - ], - "staging": [ - "api" - ], - "prod": [ - "api" - ] - }, - "paths": [ - "/download" - ], - "public": true - } - }, - "namespace": "download-service", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "400m", - "memory": "512Mi" - }, - "requests": { - "cpu": "200m", - "memory": "256Mi" - } - }, - "xroadConfig": [ - { - "config": { - "env": { - "XROAD_BASE_PATH": { - "prod": "http://securityserver.island.is" - }, - "XROAD_BASE_PATH_WITH_ENV": { - "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "http://securityserver.island.is/r1/IS" - }, - "XROAD_TLS_BASE_PATH": { - "dev": "https://securityserver.dev01.devland.is", - "staging": "https://securityserver.staging01.devland.is", - "prod": "https://securityserver.island.is" - }, - "XROAD_TLS_BASE_PATH_WITH_ENV": { - "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", - "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "https://securityserver.island.is/r1/IS" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CLIENT_ID": { - "dev": "IS-DEV/GOV/10000/island-is-client", - "staging": "IS-TEST/GOV/5501692829/island-is-client", - "prod": "IS/GOV/5501692829/island-is-client" - } - } - } - }, - { - "config": { - "env": { - "XROAD_FINANCES_PATH": { - "dev": "IS-DEV/GOV/10021/FJS-Public/financeIsland", - "staging": "IS-TEST/GOV/10021/FJS-Public/financeIsland", - "prod": "IS/GOV/5402697509/FJS-Public/financeIsland" - }, - "XROAD_FINANCES_V2_PATH": { - "dev": "IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2", - "staging": "IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2", - "prod": "IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2" - }, - "XROAD_HMS_LOANS_PATH": { - "dev": "IS-DEV/GOV/10033/HMS-Protected/libra-v1", - "staging": "IS-TEST/GOV/5812191480/HMS-Protected/libra-v1", - "prod": "IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1" - }, - "XROAD_HMS_HOUSING_BENEFITS_PATH": { - "dev": "IS-DEV/GOV/10033/HMS-Protected/husbot-v1", - "staging": "IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1", - "prod": "IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_HEALTH_INSURANCE_WSDLURL": { - "dev": "https://test-huld.sjukra.is/islandrg?wsdl", - "staging": "https://test-huld.sjukra.is/islandrg?wsdl", - "prod": "https://huld.sjukra.is/islandrg?wsdl" - }, - "XROAD_HEALTH_INSURANCE_ID": { - "dev": "IS-DEV/GOV/10007/SJUKRA-Protected", - "staging": "IS-TEST/GOV/4804080550/SJUKRA-Protected", - "prod": "IS/GOV/4804080550/SJUKRA-Protected" - }, - "XROAD_HEALTH_INSURANCE_MY_PAGES_PATH": { - "dev": "IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur", - "staging": "IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur", - "prod": "IS/GOV/4804080550/SJUKRA-Protected/minarsidur" - } - }, - "secrets": { - "XROAD_HEALTH_INSURANCE_USERNAME": "/k8s/health-insurance/XROAD-USER", - "XROAD_HEALTH_INSURANCE_PASSWORD": "/k8s/health-insurance/XROAD-PASSWORD", - "XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME": "/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME", - "XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD": "/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD" - } - } - }, - { - "config": { - "env": { - "XROAD_VEHICLES_PATH": { - "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1", - "staging": "IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1", - "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_UNIVERSITY_OF_AKUREYRI_PATH": { - "dev": "IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1", - "staging": "IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1", - "prod": "IS/EDU/5206871229/UNAK-Protected/brautskraning-v1" - }, - "XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH": { - "dev": "IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1", - "staging": "IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1", - "prod": "IS/EDU/4112043590/LBHI-Protected/brautskraning-v1" - }, - "XROAD_BIFROST_UNIVERSITY_PATH": { - "dev": "IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1", - "staging": "IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1", - "prod": "IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1" - }, - "XROAD_HOLAR_UNIVERSITY_PATH": { - "dev": "IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1", - "staging": "IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1", - "prod": "IS/EDU/5001694359/Holar-Protected/brautskraning-v1" - }, - "XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH": { - "dev": "IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1", - "staging": "IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1", - "prod": "IS/EDU/4210984099/LHI-Protected/brautskraning-v1" - }, - "XROAD_UNIVERSITY_OF_ICELAND_PATH": { - "dev": "IS-DEV/EDU/10010/HI-Protected/brautskraning-v1", - "staging": "IS-TEST/EDU/10010/HI-Protected/brautskraning-v1", - "prod": "IS/EDU/6001692039/HI-Protected/brautskraning-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_WORK_MACHINE_LICENSE_PATH": { - "dev": "IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token", - "staging": "IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token", - "prod": "IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token" - } - } - } - }, - { - "config": { - "env": { - "XROAD_MMS_LICENSE_SERVICE_ID": { - "dev": "IS-DEV/GOV/10066/MMS-Protected/license-api-v1", - "staging": "IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1", - "prod": "IS/GOV/6601241280/MMS-Protected/license-api-v1" - }, - "XROAD_MMS_GRADE_SERVICE_ID": { - "dev": "IS-DEV/GOV/10066/MMS-Protected/grade-api-v1", - "staging": "IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1", - "prod": "IS/GOV/6601241280/MMS-Protected/grade-api-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH": { - "dev": "IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur", - "staging": "IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur", - "prod": "IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur" - } - } - } - }, - { - "config": { - "env": { - "XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH": { - "dev": "IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis", - "staging": "IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis", - "prod": "IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis" - } - } - } - } - ], - "files": [], - "volumes": [], - "image": "download-service" - } - } -} \ No newline at end of file +service: + name: download-service + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/download-service" + IDENTITY_SERVER_ISSUER_URL: https://identity-server.dev01.devland.is + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init + REGULATIONS_ADMIN_URL: http://web-regulations-admin-backend.regulations-admin.svc.cluster.local + SERVERSIDE_FEATURES_ON: "" + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1 + XROAD_BASE_PATH: http://securityserver.dev01.devland.is + XROAD_BASE_PATH_WITH_ENV: http://securityserver.dev01.devland.is/r1/IS-DEV + XROAD_BIFROST_UNIVERSITY_PATH: IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1 + XROAD_CLIENT_ID: IS-DEV/GOV/10000/island-is-client + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur + XROAD_FINANCES_PATH: IS-DEV/GOV/10021/FJS-Public/financeIsland + XROAD_FINANCES_V2_PATH: IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2 + XROAD_HEALTH_INSURANCE_ID: IS-DEV/GOV/10007/SJUKRA-Protected + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur + XROAD_HEALTH_INSURANCE_WSDLURL: https://test-huld.sjukra.is/islandrg?wsdl + XROAD_HMS_HOUSING_BENEFITS_PATH: IS-DEV/GOV/10033/HMS-Protected/husbot-v1 + XROAD_HMS_LOANS_PATH: IS-DEV/GOV/10033/HMS-Protected/libra-v1 + XROAD_HOLAR_UNIVERSITY_PATH: IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1 + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1 + XROAD_MMS_GRADE_SERVICE_ID: IS-DEV/GOV/10066/MMS-Protected/grade-api-v1 + XROAD_MMS_LICENSE_SERVICE_ID: IS-DEV/GOV/10066/MMS-Protected/license-api-v1 + XROAD_TLS_BASE_PATH: https://securityserver.dev01.devland.is + XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.dev01.devland.is/r1/IS-DEV + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1 + XROAD_UNIVERSITY_OF_ICELAND_PATH: IS-DEV/EDU/10010/HI-Protected/brautskraning-v1 + XROAD_VEHICLES_PATH: IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1 + XROAD_WORK_MACHINE_LICENSE_PATH: IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token + grantNamespaces: + - islandis + - nginx-ingress-external + - services-bff-portals-admin + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: download/v1/liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: download/v1/readiness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-external-alb + nginx.ingress.kubernetes.io/enable-global-auth: "false" + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: api.dev01.devland.is + paths: + - /download + namespace: download-service + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: 400m + memory: 512Mi + requests: + cpu: 200m + memory: 256Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + IDENTITY_SERVER_CLIENT_SECRET: /k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET + POSTHOLF_BASE_PATH: /k8s/documents/POSTHOLF_BASE_PATH + POSTHOLF_CLIENTID: /k8s/documents/POSTHOLF_CLIENTID + POSTHOLF_CLIENT_SECRET: /k8s/documents/POSTHOLF_CLIENT_SECRET + POSTHOLF_TOKEN_URL: /k8s/documents/POSTHOLF_TOKEN_URL + REGULATIONS_API_URL: /k8s/api/REGULATIONS_API_URL + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: /k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: /k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: /k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH + XROAD_HEALTH_INSURANCE_PASSWORD: /k8s/health-insurance/XROAD-PASSWORD + XROAD_HEALTH_INSURANCE_USERNAME: /k8s/health-insurance/XROAD-USER + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: /k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: /k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/download-service/values.prod.yaml b/charts/services/download-service/values.prod.yaml index e7a79ccbf27d..cb6400083774 100644 --- a/charts/services/download-service/values.prod.yaml +++ b/charts/services/download-service/values.prod.yaml @@ -1,276 +1,100 @@ -{ - "download-service": { - "serviceDef": { - "liveness": { - "path": "download/v1/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "download/v1/readiness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - }, - "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/download-service" - }, - "features": {}, - "name": "download-service", - "grantNamespaces": [ - "islandis", - "nginx-ingress-external", - "services-bff-portals-admin" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET", - "POSTHOLF_CLIENTID": "/k8s/documents/POSTHOLF_CLIENTID", - "POSTHOLF_CLIENT_SECRET": "/k8s/documents/POSTHOLF_CLIENT_SECRET", - "POSTHOLF_TOKEN_URL": "/k8s/documents/POSTHOLF_TOKEN_URL", - "POSTHOLF_BASE_PATH": "/k8s/documents/POSTHOLF_BASE_PATH", - "REGULATIONS_API_URL": "/k8s/api/REGULATIONS_API_URL", - "REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED": "/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED", - "REGULATIONS_FILE_UPLOAD_KEY_DRAFT": "/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT", - "REGULATIONS_FILE_UPLOAD_KEY_PUBLISH": "/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH" - }, - "ingress": { - "primary": { - "extraAnnotations": { - "dev": { - "nginx.ingress.kubernetes.io/enable-global-auth": "false" - }, - "staging": { - "nginx.ingress.kubernetes.io/enable-global-auth": "false" - }, - "prod": {} - }, - "host": { - "dev": [ - "api" - ], - "staging": [ - "api" - ], - "prod": [ - "api" - ] - }, - "paths": [ - "/download" - ], - "public": true - } - }, - "namespace": "download-service", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "400m", - "memory": "512Mi" - }, - "requests": { - "cpu": "200m", - "memory": "256Mi" - } - }, - "xroadConfig": [ - { - "config": { - "env": { - "XROAD_BASE_PATH": { - "prod": "http://securityserver.island.is" - }, - "XROAD_BASE_PATH_WITH_ENV": { - "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "http://securityserver.island.is/r1/IS" - }, - "XROAD_TLS_BASE_PATH": { - "dev": "https://securityserver.dev01.devland.is", - "staging": "https://securityserver.staging01.devland.is", - "prod": "https://securityserver.island.is" - }, - "XROAD_TLS_BASE_PATH_WITH_ENV": { - "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", - "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "https://securityserver.island.is/r1/IS" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CLIENT_ID": { - "dev": "IS-DEV/GOV/10000/island-is-client", - "staging": "IS-TEST/GOV/5501692829/island-is-client", - "prod": "IS/GOV/5501692829/island-is-client" - } - } - } - }, - { - "config": { - "env": { - "XROAD_FINANCES_PATH": { - "dev": "IS-DEV/GOV/10021/FJS-Public/financeIsland", - "staging": "IS-TEST/GOV/10021/FJS-Public/financeIsland", - "prod": "IS/GOV/5402697509/FJS-Public/financeIsland" - }, - "XROAD_FINANCES_V2_PATH": { - "dev": "IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2", - "staging": "IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2", - "prod": "IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2" - }, - "XROAD_HMS_LOANS_PATH": { - "dev": "IS-DEV/GOV/10033/HMS-Protected/libra-v1", - "staging": "IS-TEST/GOV/5812191480/HMS-Protected/libra-v1", - "prod": "IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1" - }, - "XROAD_HMS_HOUSING_BENEFITS_PATH": { - "dev": "IS-DEV/GOV/10033/HMS-Protected/husbot-v1", - "staging": "IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1", - "prod": "IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_HEALTH_INSURANCE_WSDLURL": { - "dev": "https://test-huld.sjukra.is/islandrg?wsdl", - "staging": "https://test-huld.sjukra.is/islandrg?wsdl", - "prod": "https://huld.sjukra.is/islandrg?wsdl" - }, - "XROAD_HEALTH_INSURANCE_ID": { - "dev": "IS-DEV/GOV/10007/SJUKRA-Protected", - "staging": "IS-TEST/GOV/4804080550/SJUKRA-Protected", - "prod": "IS/GOV/4804080550/SJUKRA-Protected" - }, - "XROAD_HEALTH_INSURANCE_MY_PAGES_PATH": { - "dev": "IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur", - "staging": "IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur", - "prod": "IS/GOV/4804080550/SJUKRA-Protected/minarsidur" - } - }, - "secrets": { - "XROAD_HEALTH_INSURANCE_USERNAME": "/k8s/health-insurance/XROAD-USER", - "XROAD_HEALTH_INSURANCE_PASSWORD": "/k8s/health-insurance/XROAD-PASSWORD", - "XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME": "/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME", - "XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD": "/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD" - } - } - }, - { - "config": { - "env": { - "XROAD_VEHICLES_PATH": { - "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1", - "staging": "IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1", - "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_UNIVERSITY_OF_AKUREYRI_PATH": { - "dev": "IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1", - "staging": "IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1", - "prod": "IS/EDU/5206871229/UNAK-Protected/brautskraning-v1" - }, - "XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH": { - "dev": "IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1", - "staging": "IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1", - "prod": "IS/EDU/4112043590/LBHI-Protected/brautskraning-v1" - }, - "XROAD_BIFROST_UNIVERSITY_PATH": { - "dev": "IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1", - "staging": "IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1", - "prod": "IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1" - }, - "XROAD_HOLAR_UNIVERSITY_PATH": { - "dev": "IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1", - "staging": "IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1", - "prod": "IS/EDU/5001694359/Holar-Protected/brautskraning-v1" - }, - "XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH": { - "dev": "IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1", - "staging": "IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1", - "prod": "IS/EDU/4210984099/LHI-Protected/brautskraning-v1" - }, - "XROAD_UNIVERSITY_OF_ICELAND_PATH": { - "dev": "IS-DEV/EDU/10010/HI-Protected/brautskraning-v1", - "staging": "IS-TEST/EDU/10010/HI-Protected/brautskraning-v1", - "prod": "IS/EDU/6001692039/HI-Protected/brautskraning-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_WORK_MACHINE_LICENSE_PATH": { - "dev": "IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token", - "staging": "IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token", - "prod": "IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token" - } - } - } - }, - { - "config": { - "env": { - "XROAD_MMS_LICENSE_SERVICE_ID": { - "dev": "IS-DEV/GOV/10066/MMS-Protected/license-api-v1", - "staging": "IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1", - "prod": "IS/GOV/6601241280/MMS-Protected/license-api-v1" - }, - "XROAD_MMS_GRADE_SERVICE_ID": { - "dev": "IS-DEV/GOV/10066/MMS-Protected/grade-api-v1", - "staging": "IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1", - "prod": "IS/GOV/6601241280/MMS-Protected/grade-api-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH": { - "dev": "IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur", - "staging": "IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur", - "prod": "IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur" - } - } - } - }, - { - "config": { - "env": { - "XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH": { - "dev": "IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis", - "staging": "IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis", - "prod": "IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis" - } - } - } - } - ], - "files": [], - "volumes": [], - "image": "download-service" - } - } -} \ No newline at end of file +service: + name: download-service + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/download-service" + IDENTITY_SERVER_ISSUER_URL: https://innskra.island.is + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init + REGULATIONS_ADMIN_URL: http://web-regulations-admin-backend.regulations-admin.svc.cluster.local + SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: IS/EDU/4112043590/LBHI-Protected/brautskraning-v1 + XROAD_BASE_PATH: http://securityserver.island.is + XROAD_BASE_PATH_WITH_ENV: http://securityserver.island.is/r1/IS + XROAD_BIFROST_UNIVERSITY_PATH: IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1 + XROAD_CLIENT_ID: IS/GOV/5501692829/island-is-client + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur + XROAD_FINANCES_PATH: IS/GOV/5402697509/FJS-Public/financeIsland + XROAD_FINANCES_V2_PATH: IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2 + XROAD_HEALTH_INSURANCE_ID: IS/GOV/4804080550/SJUKRA-Protected + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: IS/GOV/4804080550/SJUKRA-Protected/minarsidur + XROAD_HEALTH_INSURANCE_WSDLURL: https://huld.sjukra.is/islandrg?wsdl + XROAD_HMS_HOUSING_BENEFITS_PATH: IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1 + XROAD_HMS_LOANS_PATH: IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1 + XROAD_HOLAR_UNIVERSITY_PATH: IS/EDU/5001694359/Holar-Protected/brautskraning-v1 + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: IS/EDU/4210984099/LHI-Protected/brautskraning-v1 + XROAD_MMS_GRADE_SERVICE_ID: IS/GOV/6601241280/MMS-Protected/grade-api-v1 + XROAD_MMS_LICENSE_SERVICE_ID: IS/GOV/6601241280/MMS-Protected/license-api-v1 + XROAD_TLS_BASE_PATH: https://securityserver.island.is + XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.island.is/r1/IS + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: IS/EDU/5206871229/UNAK-Protected/brautskraning-v1 + XROAD_UNIVERSITY_OF_ICELAND_PATH: IS/EDU/6001692039/HI-Protected/brautskraning-v1 + XROAD_VEHICLES_PATH: IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1 + XROAD_WORK_MACHINE_LICENSE_PATH: IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token + grantNamespaces: + - islandis + - nginx-ingress-external + - services-bff-portals-admin + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: download/v1/liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: download/v1/readiness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-external-alb + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: api.island.is + paths: + - /download + namespace: download-service + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: 400m + memory: 512Mi + requests: + cpu: 200m + memory: 256Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + IDENTITY_SERVER_CLIENT_SECRET: /k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET + POSTHOLF_BASE_PATH: /k8s/documents/POSTHOLF_BASE_PATH + POSTHOLF_CLIENTID: /k8s/documents/POSTHOLF_CLIENTID + POSTHOLF_CLIENT_SECRET: /k8s/documents/POSTHOLF_CLIENT_SECRET + POSTHOLF_TOKEN_URL: /k8s/documents/POSTHOLF_TOKEN_URL + REGULATIONS_API_URL: /k8s/api/REGULATIONS_API_URL + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: /k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: /k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: /k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH + XROAD_HEALTH_INSURANCE_PASSWORD: /k8s/health-insurance/XROAD-PASSWORD + XROAD_HEALTH_INSURANCE_USERNAME: /k8s/health-insurance/XROAD-USER + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: /k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: /k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/download-service/values.staging.yaml b/charts/services/download-service/values.staging.yaml index e7a79ccbf27d..7c49d3dc3613 100644 --- a/charts/services/download-service/values.staging.yaml +++ b/charts/services/download-service/values.staging.yaml @@ -1,276 +1,101 @@ -{ - "download-service": { - "serviceDef": { - "liveness": { - "path": "download/v1/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "download/v1/readiness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - }, - "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/download-service" - }, - "features": {}, - "name": "download-service", - "grantNamespaces": [ - "islandis", - "nginx-ingress-external", - "services-bff-portals-admin" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET", - "POSTHOLF_CLIENTID": "/k8s/documents/POSTHOLF_CLIENTID", - "POSTHOLF_CLIENT_SECRET": "/k8s/documents/POSTHOLF_CLIENT_SECRET", - "POSTHOLF_TOKEN_URL": "/k8s/documents/POSTHOLF_TOKEN_URL", - "POSTHOLF_BASE_PATH": "/k8s/documents/POSTHOLF_BASE_PATH", - "REGULATIONS_API_URL": "/k8s/api/REGULATIONS_API_URL", - "REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED": "/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED", - "REGULATIONS_FILE_UPLOAD_KEY_DRAFT": "/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT", - "REGULATIONS_FILE_UPLOAD_KEY_PUBLISH": "/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH" - }, - "ingress": { - "primary": { - "extraAnnotations": { - "dev": { - "nginx.ingress.kubernetes.io/enable-global-auth": "false" - }, - "staging": { - "nginx.ingress.kubernetes.io/enable-global-auth": "false" - }, - "prod": {} - }, - "host": { - "dev": [ - "api" - ], - "staging": [ - "api" - ], - "prod": [ - "api" - ] - }, - "paths": [ - "/download" - ], - "public": true - } - }, - "namespace": "download-service", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "400m", - "memory": "512Mi" - }, - "requests": { - "cpu": "200m", - "memory": "256Mi" - } - }, - "xroadConfig": [ - { - "config": { - "env": { - "XROAD_BASE_PATH": { - "prod": "http://securityserver.island.is" - }, - "XROAD_BASE_PATH_WITH_ENV": { - "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "http://securityserver.island.is/r1/IS" - }, - "XROAD_TLS_BASE_PATH": { - "dev": "https://securityserver.dev01.devland.is", - "staging": "https://securityserver.staging01.devland.is", - "prod": "https://securityserver.island.is" - }, - "XROAD_TLS_BASE_PATH_WITH_ENV": { - "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", - "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "https://securityserver.island.is/r1/IS" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CLIENT_ID": { - "dev": "IS-DEV/GOV/10000/island-is-client", - "staging": "IS-TEST/GOV/5501692829/island-is-client", - "prod": "IS/GOV/5501692829/island-is-client" - } - } - } - }, - { - "config": { - "env": { - "XROAD_FINANCES_PATH": { - "dev": "IS-DEV/GOV/10021/FJS-Public/financeIsland", - "staging": "IS-TEST/GOV/10021/FJS-Public/financeIsland", - "prod": "IS/GOV/5402697509/FJS-Public/financeIsland" - }, - "XROAD_FINANCES_V2_PATH": { - "dev": "IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2", - "staging": "IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2", - "prod": "IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2" - }, - "XROAD_HMS_LOANS_PATH": { - "dev": "IS-DEV/GOV/10033/HMS-Protected/libra-v1", - "staging": "IS-TEST/GOV/5812191480/HMS-Protected/libra-v1", - "prod": "IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1" - }, - "XROAD_HMS_HOUSING_BENEFITS_PATH": { - "dev": "IS-DEV/GOV/10033/HMS-Protected/husbot-v1", - "staging": "IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1", - "prod": "IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_HEALTH_INSURANCE_WSDLURL": { - "dev": "https://test-huld.sjukra.is/islandrg?wsdl", - "staging": "https://test-huld.sjukra.is/islandrg?wsdl", - "prod": "https://huld.sjukra.is/islandrg?wsdl" - }, - "XROAD_HEALTH_INSURANCE_ID": { - "dev": "IS-DEV/GOV/10007/SJUKRA-Protected", - "staging": "IS-TEST/GOV/4804080550/SJUKRA-Protected", - "prod": "IS/GOV/4804080550/SJUKRA-Protected" - }, - "XROAD_HEALTH_INSURANCE_MY_PAGES_PATH": { - "dev": "IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur", - "staging": "IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur", - "prod": "IS/GOV/4804080550/SJUKRA-Protected/minarsidur" - } - }, - "secrets": { - "XROAD_HEALTH_INSURANCE_USERNAME": "/k8s/health-insurance/XROAD-USER", - "XROAD_HEALTH_INSURANCE_PASSWORD": "/k8s/health-insurance/XROAD-PASSWORD", - "XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME": "/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME", - "XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD": "/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD" - } - } - }, - { - "config": { - "env": { - "XROAD_VEHICLES_PATH": { - "dev": "IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1", - "staging": "IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1", - "prod": "IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_UNIVERSITY_OF_AKUREYRI_PATH": { - "dev": "IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1", - "staging": "IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1", - "prod": "IS/EDU/5206871229/UNAK-Protected/brautskraning-v1" - }, - "XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH": { - "dev": "IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1", - "staging": "IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1", - "prod": "IS/EDU/4112043590/LBHI-Protected/brautskraning-v1" - }, - "XROAD_BIFROST_UNIVERSITY_PATH": { - "dev": "IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1", - "staging": "IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1", - "prod": "IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1" - }, - "XROAD_HOLAR_UNIVERSITY_PATH": { - "dev": "IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1", - "staging": "IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1", - "prod": "IS/EDU/5001694359/Holar-Protected/brautskraning-v1" - }, - "XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH": { - "dev": "IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1", - "staging": "IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1", - "prod": "IS/EDU/4210984099/LHI-Protected/brautskraning-v1" - }, - "XROAD_UNIVERSITY_OF_ICELAND_PATH": { - "dev": "IS-DEV/EDU/10010/HI-Protected/brautskraning-v1", - "staging": "IS-TEST/EDU/10010/HI-Protected/brautskraning-v1", - "prod": "IS/EDU/6001692039/HI-Protected/brautskraning-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_WORK_MACHINE_LICENSE_PATH": { - "dev": "IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token", - "staging": "IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token", - "prod": "IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token" - } - } - } - }, - { - "config": { - "env": { - "XROAD_MMS_LICENSE_SERVICE_ID": { - "dev": "IS-DEV/GOV/10066/MMS-Protected/license-api-v1", - "staging": "IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1", - "prod": "IS/GOV/6601241280/MMS-Protected/license-api-v1" - }, - "XROAD_MMS_GRADE_SERVICE_ID": { - "dev": "IS-DEV/GOV/10066/MMS-Protected/grade-api-v1", - "staging": "IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1", - "prod": "IS/GOV/6601241280/MMS-Protected/grade-api-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH": { - "dev": "IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur", - "staging": "IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur", - "prod": "IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur" - } - } - } - }, - { - "config": { - "env": { - "XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH": { - "dev": "IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis", - "staging": "IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis", - "prod": "IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis" - } - } - } - } - ], - "files": [], - "volumes": [], - "image": "download-service" - } - } -} \ No newline at end of file +service: + name: download-service + enabled: true + env: + IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/download-service" + IDENTITY_SERVER_ISSUER_URL: https://identity-server.staging01.devland.is + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init + REGULATIONS_ADMIN_URL: http://web-regulations-admin-backend.regulations-admin.svc.cluster.local + SERVERSIDE_FEATURES_ON: "" + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1 + XROAD_BASE_PATH: http://securityserver.staging01.devland.is + XROAD_BASE_PATH_WITH_ENV: http://securityserver.staging01.devland.is/r1/IS-TEST + XROAD_BIFROST_UNIVERSITY_PATH: IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1 + XROAD_CLIENT_ID: IS-TEST/GOV/5501692829/island-is-client + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur + XROAD_FINANCES_PATH: IS-TEST/GOV/10021/FJS-Public/financeIsland + XROAD_FINANCES_V2_PATH: IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2 + XROAD_HEALTH_INSURANCE_ID: IS-TEST/GOV/4804080550/SJUKRA-Protected + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur + XROAD_HEALTH_INSURANCE_WSDLURL: https://test-huld.sjukra.is/islandrg?wsdl + XROAD_HMS_HOUSING_BENEFITS_PATH: IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1 + XROAD_HMS_LOANS_PATH: IS-TEST/GOV/5812191480/HMS-Protected/libra-v1 + XROAD_HOLAR_UNIVERSITY_PATH: IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1 + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1 + XROAD_MMS_GRADE_SERVICE_ID: IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1 + XROAD_MMS_LICENSE_SERVICE_ID: IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1 + XROAD_TLS_BASE_PATH: https://securityserver.staging01.devland.is + XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.staging01.devland.is/r1/IS-TEST + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1 + XROAD_UNIVERSITY_OF_ICELAND_PATH: IS-TEST/EDU/10010/HI-Protected/brautskraning-v1 + XROAD_VEHICLES_PATH: IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1 + XROAD_WORK_MACHINE_LICENSE_PATH: IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token + grantNamespaces: + - islandis + - nginx-ingress-external + - services-bff-portals-admin + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: download/v1/liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: download/v1/readiness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-external-alb + nginx.ingress.kubernetes.io/enable-global-auth: "false" + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: api.staging01.devland.is + paths: + - /download + namespace: download-service + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: 400m + memory: 512Mi + requests: + cpu: 200m + memory: 256Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + IDENTITY_SERVER_CLIENT_SECRET: /k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET + POSTHOLF_BASE_PATH: /k8s/documents/POSTHOLF_BASE_PATH + POSTHOLF_CLIENTID: /k8s/documents/POSTHOLF_CLIENTID + POSTHOLF_CLIENT_SECRET: /k8s/documents/POSTHOLF_CLIENT_SECRET + POSTHOLF_TOKEN_URL: /k8s/documents/POSTHOLF_TOKEN_URL + REGULATIONS_API_URL: /k8s/api/REGULATIONS_API_URL + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: /k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: /k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: /k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH + XROAD_HEALTH_INSURANCE_PASSWORD: /k8s/health-insurance/XROAD-PASSWORD + XROAD_HEALTH_INSURANCE_USERNAME: /k8s/health-insurance/XROAD-USER + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: /k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: /k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/endorsement-system-api/values.dev.yaml b/charts/services/endorsement-system-api/values.dev.yaml index 7f84e7553d7d..ee039b49b8b7 100644 --- a/charts/services/endorsement-system-api/values.dev.yaml +++ b/charts/services/endorsement-system-api/values.dev.yaml @@ -1,188 +1,112 @@ -{ - "endorsement-system-api": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "EMAIL_REGION": "eu-west-1", - "EMAIL_FROM_NAME": { - "dev": "devland.is", - "staging": "devland.is", - "prod": "island.is" - }, - "EMAIL_FROM_ADDRESS": { - "dev": "development@island.is", - "staging": "development@island.is", - "prod": "noreply@island.is" - }, - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - }, - "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/endorsement", - "ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME": { - "dev": "island-is-dev-exports-endorsement-system", - "staging": "island-is-staging-exports-endorsement-system", - "prod": "island-is-prod-exports-endorsement-system" - } - }, - "features": {}, - "name": "endorsement-system-api", - "grantNamespaces": [ - "islandis", - "application-system" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/endorsement-system-api/IDS-shared-secret", - "NATIONAL_REGISTRY_B2C_CLIENT_SECRET": "/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET" - }, - "ingress": {}, - "namespace": "endorsement-system", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "memory": "256Mi", - "cpu": "200m" - }, - "requests": { - "memory": "128Mi", - "cpu": "100m" - } - }, - "xroadConfig": [ - { - "config": { - "env": { - "XROAD_BASE_PATH": { - "prod": "http://securityserver.island.is" - }, - "XROAD_BASE_PATH_WITH_ENV": { - "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "http://securityserver.island.is/r1/IS" - }, - "XROAD_TLS_BASE_PATH": { - "dev": "https://securityserver.dev01.devland.is", - "staging": "https://securityserver.staging01.devland.is", - "prod": "https://securityserver.island.is" - }, - "XROAD_TLS_BASE_PATH_WITH_ENV": { - "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", - "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "https://securityserver.island.is/r1/IS" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CLIENT_ID": { - "dev": "IS-DEV/GOV/10000/island-is-client", - "staging": "IS-TEST/GOV/5501692829/island-is-client", - "prod": "IS/GOV/5501692829/island-is-client" - } - } - } - }, - { - "config": { - "env": { - "XROAD_NATIONAL_REGISTRY_SERVICE_PATH": { - "dev": "IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1", - "staging": "IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1", - "prod": "IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1" - }, - "XROAD_NATIONAL_REGISTRY_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" - }, - "XROAD_TJODSKRA_API_PATH": "/SKRA-Protected/Einstaklingar-v1", - "XROAD_TJODSKRA_MEMBER_CODE": { - "prod": "6503760649", - "dev": "10001", - "staging": "6503760649" - } - } - } - }, - { - "config": { - "env": { - "NATIONAL_REGISTRY_B2C_CLIENT_ID": { - "dev": "b464afdd-056b-406d-b650-6d41733cfeb7", - "staging": "ca128c23-b43c-443d-bade-ec5a146a933f", - "prod": "2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f" - }, - "NATIONAL_REGISTRY_B2C_ENDPOINT": { - "dev": "https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", - "staging": "https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", - "prod": "https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token" - }, - "NATIONAL_REGISTRY_B2C_SCOPE": { - "dev": "https://skraidentitydev.onmicrosoft.com/midlun/.default", - "staging": "https://skraidentitystaging.onmicrosoft.com/midlun/.default", - "prod": "https://skraidentity.onmicrosoft.com/midlun/.default" - }, - "NATIONAL_REGISTRY_B2C_PATH": { - "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1", - "staging": "IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1", - "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1" - } - } - } - } - ], - "files": [], - "volumes": [], - "image": "services-endorsements-api", - "accountName": "endorsement-system-api", - "cmds": "node", - "args": [ - "--tls-min-v1.0", - "--no-experimental-fetch", - "main.js" - ], - "postgres": { - "name": "services_endorsements_api", - "username": "services_endorsements_api", - "passwordSecret": "/k8s/services-endorsements-api/DB_PASSWORD" - }, - "initContainers": { - "envs": {}, - "secrets": {}, - "features": {}, - "containers": [ - { - "name": "migrations", - "command": "npx", - "args": [ - "sequelize-cli", - "db:migrate" - ] - } - ], - "postgres": { - "name": "services_endorsements_api", - "username": "services_endorsements_api", - "passwordSecret": "/k8s/services-endorsements-api/DB_PASSWORD" - } - } - } - } -} \ No newline at end of file +service: + name: endorsement-system-api + args: + - --tls-min-v1.0 + - --no-experimental-fetch + - main.js + command: + - node + enabled: true + env: + DB_HOST: postgres-applications.internal + DB_NAME: services_endorsements_api + DB_REPLICAS_HOST: postgres-applications-reader.internal + DB_USER: services_endorsements_api + EMAIL_FROM_ADDRESS: development@island.is + EMAIL_FROM_NAME: devland.is + EMAIL_REGION: eu-west-1 + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: island-is-dev-exports-endorsement-system + IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/endorsement" + IDENTITY_SERVER_ISSUER_URL: https://identity-server.dev01.devland.is + LOG_LEVEL: info + NATIONAL_REGISTRY_B2C_CLIENT_ID: b464afdd-056b-406d-b650-6d41733cfeb7 + NATIONAL_REGISTRY_B2C_ENDPOINT: https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token + NATIONAL_REGISTRY_B2C_PATH: IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1 + NATIONAL_REGISTRY_B2C_SCOPE: https://skraidentitydev.onmicrosoft.com/midlun/.default + NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init + SERVERSIDE_FEATURES_ON: "" + XROAD_BASE_PATH: http://securityserver.dev01.devland.is + XROAD_BASE_PATH_WITH_ENV: http://securityserver.dev01.devland.is/r1/IS-DEV + XROAD_CLIENT_ID: IS-DEV/GOV/10000/island-is-client + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1 + XROAD_TJODSKRA_API_PATH: /SKRA-Protected/Einstaklingar-v1 + XROAD_TJODSKRA_MEMBER_CODE: "10001" + XROAD_TLS_BASE_PATH: https://securityserver.dev01.devland.is + XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.dev01.devland.is/r1/IS-DEV + grantNamespaces: + - islandis + - application-system + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api + initContainer: + containers: + - args: + - sequelize-cli + - db:migrate + command: + - npx + name: migrations + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 50m + memory: 128Mi + env: + DB_HOST: postgres-applications.internal + DB_NAME: services_endorsements_api + DB_REPLICAS_HOST: postgres-applications-reader.internal + DB_USER: services_endorsements_api + SERVERSIDE_FEATURES_ON: "" + secrets: + DB_PASS: /k8s/services-endorsements-api/DB_PASSWORD + namespace: endorsement-system + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 100m + memory: 128Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DB_PASS: /k8s/services-endorsements-api/DB_PASSWORD + IDENTITY_SERVER_CLIENT_SECRET: /k8s/endorsement-system-api/IDS-shared-secret + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: /k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::013313053092:role/endorsement-system-api + create: true + name: endorsement-system-api diff --git a/charts/services/endorsement-system-api/values.prod.yaml b/charts/services/endorsement-system-api/values.prod.yaml index 7f84e7553d7d..03cbf4e72644 100644 --- a/charts/services/endorsement-system-api/values.prod.yaml +++ b/charts/services/endorsement-system-api/values.prod.yaml @@ -1,188 +1,112 @@ -{ - "endorsement-system-api": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "EMAIL_REGION": "eu-west-1", - "EMAIL_FROM_NAME": { - "dev": "devland.is", - "staging": "devland.is", - "prod": "island.is" - }, - "EMAIL_FROM_ADDRESS": { - "dev": "development@island.is", - "staging": "development@island.is", - "prod": "noreply@island.is" - }, - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - }, - "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/endorsement", - "ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME": { - "dev": "island-is-dev-exports-endorsement-system", - "staging": "island-is-staging-exports-endorsement-system", - "prod": "island-is-prod-exports-endorsement-system" - } - }, - "features": {}, - "name": "endorsement-system-api", - "grantNamespaces": [ - "islandis", - "application-system" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/endorsement-system-api/IDS-shared-secret", - "NATIONAL_REGISTRY_B2C_CLIENT_SECRET": "/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET" - }, - "ingress": {}, - "namespace": "endorsement-system", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "memory": "256Mi", - "cpu": "200m" - }, - "requests": { - "memory": "128Mi", - "cpu": "100m" - } - }, - "xroadConfig": [ - { - "config": { - "env": { - "XROAD_BASE_PATH": { - "prod": "http://securityserver.island.is" - }, - "XROAD_BASE_PATH_WITH_ENV": { - "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "http://securityserver.island.is/r1/IS" - }, - "XROAD_TLS_BASE_PATH": { - "dev": "https://securityserver.dev01.devland.is", - "staging": "https://securityserver.staging01.devland.is", - "prod": "https://securityserver.island.is" - }, - "XROAD_TLS_BASE_PATH_WITH_ENV": { - "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", - "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "https://securityserver.island.is/r1/IS" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CLIENT_ID": { - "dev": "IS-DEV/GOV/10000/island-is-client", - "staging": "IS-TEST/GOV/5501692829/island-is-client", - "prod": "IS/GOV/5501692829/island-is-client" - } - } - } - }, - { - "config": { - "env": { - "XROAD_NATIONAL_REGISTRY_SERVICE_PATH": { - "dev": "IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1", - "staging": "IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1", - "prod": "IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1" - }, - "XROAD_NATIONAL_REGISTRY_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" - }, - "XROAD_TJODSKRA_API_PATH": "/SKRA-Protected/Einstaklingar-v1", - "XROAD_TJODSKRA_MEMBER_CODE": { - "prod": "6503760649", - "dev": "10001", - "staging": "6503760649" - } - } - } - }, - { - "config": { - "env": { - "NATIONAL_REGISTRY_B2C_CLIENT_ID": { - "dev": "b464afdd-056b-406d-b650-6d41733cfeb7", - "staging": "ca128c23-b43c-443d-bade-ec5a146a933f", - "prod": "2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f" - }, - "NATIONAL_REGISTRY_B2C_ENDPOINT": { - "dev": "https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", - "staging": "https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", - "prod": "https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token" - }, - "NATIONAL_REGISTRY_B2C_SCOPE": { - "dev": "https://skraidentitydev.onmicrosoft.com/midlun/.default", - "staging": "https://skraidentitystaging.onmicrosoft.com/midlun/.default", - "prod": "https://skraidentity.onmicrosoft.com/midlun/.default" - }, - "NATIONAL_REGISTRY_B2C_PATH": { - "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1", - "staging": "IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1", - "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1" - } - } - } - } - ], - "files": [], - "volumes": [], - "image": "services-endorsements-api", - "accountName": "endorsement-system-api", - "cmds": "node", - "args": [ - "--tls-min-v1.0", - "--no-experimental-fetch", - "main.js" - ], - "postgres": { - "name": "services_endorsements_api", - "username": "services_endorsements_api", - "passwordSecret": "/k8s/services-endorsements-api/DB_PASSWORD" - }, - "initContainers": { - "envs": {}, - "secrets": {}, - "features": {}, - "containers": [ - { - "name": "migrations", - "command": "npx", - "args": [ - "sequelize-cli", - "db:migrate" - ] - } - ], - "postgres": { - "name": "services_endorsements_api", - "username": "services_endorsements_api", - "passwordSecret": "/k8s/services-endorsements-api/DB_PASSWORD" - } - } - } - } -} \ No newline at end of file +service: + name: endorsement-system-api + args: + - --tls-min-v1.0 + - --no-experimental-fetch + - main.js + command: + - node + enabled: true + env: + DB_HOST: postgres-applications.internal + DB_NAME: services_endorsements_api + DB_REPLICAS_HOST: postgres-applications.internal + DB_USER: services_endorsements_api + EMAIL_FROM_ADDRESS: noreply@island.is + EMAIL_FROM_NAME: island.is + EMAIL_REGION: eu-west-1 + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: island-is-prod-exports-endorsement-system + IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/endorsement" + IDENTITY_SERVER_ISSUER_URL: https://innskra.island.is + LOG_LEVEL: info + NATIONAL_REGISTRY_B2C_CLIENT_ID: 2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f + NATIONAL_REGISTRY_B2C_ENDPOINT: https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token + NATIONAL_REGISTRY_B2C_PATH: IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1 + NATIONAL_REGISTRY_B2C_SCOPE: https://skraidentity.onmicrosoft.com/midlun/.default + NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init + SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + XROAD_BASE_PATH: http://securityserver.island.is + XROAD_BASE_PATH_WITH_ENV: http://securityserver.island.is/r1/IS + XROAD_CLIENT_ID: IS/GOV/5501692829/island-is-client + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1 + XROAD_TJODSKRA_API_PATH: /SKRA-Protected/Einstaklingar-v1 + XROAD_TJODSKRA_MEMBER_CODE: "6503760649" + XROAD_TLS_BASE_PATH: https://securityserver.island.is + XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.island.is/r1/IS + grantNamespaces: + - islandis + - application-system + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api + initContainer: + containers: + - args: + - sequelize-cli + - db:migrate + command: + - npx + name: migrations + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 50m + memory: 128Mi + env: + DB_HOST: postgres-applications.internal + DB_NAME: services_endorsements_api + DB_REPLICAS_HOST: postgres-applications.internal + DB_USER: services_endorsements_api + SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + secrets: + DB_PASS: /k8s/services-endorsements-api/DB_PASSWORD + namespace: endorsement-system + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 100m + memory: 128Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DB_PASS: /k8s/services-endorsements-api/DB_PASSWORD + IDENTITY_SERVER_CLIENT_SECRET: /k8s/endorsement-system-api/IDS-shared-secret + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: /k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::251502586493:role/endorsement-system-api + create: true + name: endorsement-system-api diff --git a/charts/services/endorsement-system-api/values.staging.yaml b/charts/services/endorsement-system-api/values.staging.yaml index 7f84e7553d7d..274eade7d58b 100644 --- a/charts/services/endorsement-system-api/values.staging.yaml +++ b/charts/services/endorsement-system-api/values.staging.yaml @@ -1,188 +1,112 @@ -{ - "endorsement-system-api": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "EMAIL_REGION": "eu-west-1", - "EMAIL_FROM_NAME": { - "dev": "devland.is", - "staging": "devland.is", - "prod": "island.is" - }, - "EMAIL_FROM_ADDRESS": { - "dev": "development@island.is", - "staging": "development@island.is", - "prod": "noreply@island.is" - }, - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - }, - "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/endorsement", - "ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME": { - "dev": "island-is-dev-exports-endorsement-system", - "staging": "island-is-staging-exports-endorsement-system", - "prod": "island-is-prod-exports-endorsement-system" - } - }, - "features": {}, - "name": "endorsement-system-api", - "grantNamespaces": [ - "islandis", - "application-system" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/endorsement-system-api/IDS-shared-secret", - "NATIONAL_REGISTRY_B2C_CLIENT_SECRET": "/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET" - }, - "ingress": {}, - "namespace": "endorsement-system", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "memory": "256Mi", - "cpu": "200m" - }, - "requests": { - "memory": "128Mi", - "cpu": "100m" - } - }, - "xroadConfig": [ - { - "config": { - "env": { - "XROAD_BASE_PATH": { - "prod": "http://securityserver.island.is" - }, - "XROAD_BASE_PATH_WITH_ENV": { - "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "http://securityserver.island.is/r1/IS" - }, - "XROAD_TLS_BASE_PATH": { - "dev": "https://securityserver.dev01.devland.is", - "staging": "https://securityserver.staging01.devland.is", - "prod": "https://securityserver.island.is" - }, - "XROAD_TLS_BASE_PATH_WITH_ENV": { - "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", - "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "https://securityserver.island.is/r1/IS" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CLIENT_ID": { - "dev": "IS-DEV/GOV/10000/island-is-client", - "staging": "IS-TEST/GOV/5501692829/island-is-client", - "prod": "IS/GOV/5501692829/island-is-client" - } - } - } - }, - { - "config": { - "env": { - "XROAD_NATIONAL_REGISTRY_SERVICE_PATH": { - "dev": "IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1", - "staging": "IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1", - "prod": "IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1" - }, - "XROAD_NATIONAL_REGISTRY_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" - }, - "XROAD_TJODSKRA_API_PATH": "/SKRA-Protected/Einstaklingar-v1", - "XROAD_TJODSKRA_MEMBER_CODE": { - "prod": "6503760649", - "dev": "10001", - "staging": "6503760649" - } - } - } - }, - { - "config": { - "env": { - "NATIONAL_REGISTRY_B2C_CLIENT_ID": { - "dev": "b464afdd-056b-406d-b650-6d41733cfeb7", - "staging": "ca128c23-b43c-443d-bade-ec5a146a933f", - "prod": "2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f" - }, - "NATIONAL_REGISTRY_B2C_ENDPOINT": { - "dev": "https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", - "staging": "https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", - "prod": "https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token" - }, - "NATIONAL_REGISTRY_B2C_SCOPE": { - "dev": "https://skraidentitydev.onmicrosoft.com/midlun/.default", - "staging": "https://skraidentitystaging.onmicrosoft.com/midlun/.default", - "prod": "https://skraidentity.onmicrosoft.com/midlun/.default" - }, - "NATIONAL_REGISTRY_B2C_PATH": { - "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1", - "staging": "IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1", - "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1" - } - } - } - } - ], - "files": [], - "volumes": [], - "image": "services-endorsements-api", - "accountName": "endorsement-system-api", - "cmds": "node", - "args": [ - "--tls-min-v1.0", - "--no-experimental-fetch", - "main.js" - ], - "postgres": { - "name": "services_endorsements_api", - "username": "services_endorsements_api", - "passwordSecret": "/k8s/services-endorsements-api/DB_PASSWORD" - }, - "initContainers": { - "envs": {}, - "secrets": {}, - "features": {}, - "containers": [ - { - "name": "migrations", - "command": "npx", - "args": [ - "sequelize-cli", - "db:migrate" - ] - } - ], - "postgres": { - "name": "services_endorsements_api", - "username": "services_endorsements_api", - "passwordSecret": "/k8s/services-endorsements-api/DB_PASSWORD" - } - } - } - } -} \ No newline at end of file +service: + name: endorsement-system-api + args: + - --tls-min-v1.0 + - --no-experimental-fetch + - main.js + command: + - node + enabled: true + env: + DB_HOST: postgres-applications.internal + DB_NAME: services_endorsements_api + DB_REPLICAS_HOST: postgres-applications.internal + DB_USER: services_endorsements_api + EMAIL_FROM_ADDRESS: development@island.is + EMAIL_FROM_NAME: devland.is + EMAIL_REGION: eu-west-1 + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: island-is-staging-exports-endorsement-system + IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/endorsement" + IDENTITY_SERVER_ISSUER_URL: https://identity-server.staging01.devland.is + LOG_LEVEL: info + NATIONAL_REGISTRY_B2C_CLIENT_ID: ca128c23-b43c-443d-bade-ec5a146a933f + NATIONAL_REGISTRY_B2C_ENDPOINT: https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token + NATIONAL_REGISTRY_B2C_PATH: IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1 + NATIONAL_REGISTRY_B2C_SCOPE: https://skraidentitystaging.onmicrosoft.com/midlun/.default + NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init + SERVERSIDE_FEATURES_ON: "" + XROAD_BASE_PATH: http://securityserver.staging01.devland.is + XROAD_BASE_PATH_WITH_ENV: http://securityserver.staging01.devland.is/r1/IS-TEST + XROAD_CLIENT_ID: IS-TEST/GOV/5501692829/island-is-client + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1 + XROAD_TJODSKRA_API_PATH: /SKRA-Protected/Einstaklingar-v1 + XROAD_TJODSKRA_MEMBER_CODE: "6503760649" + XROAD_TLS_BASE_PATH: https://securityserver.staging01.devland.is + XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.staging01.devland.is/r1/IS-TEST + grantNamespaces: + - islandis + - application-system + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api + initContainer: + containers: + - args: + - sequelize-cli + - db:migrate + command: + - npx + name: migrations + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 50m + memory: 128Mi + env: + DB_HOST: postgres-applications.internal + DB_NAME: services_endorsements_api + DB_REPLICAS_HOST: postgres-applications.internal + DB_USER: services_endorsements_api + SERVERSIDE_FEATURES_ON: "" + secrets: + DB_PASS: /k8s/services-endorsements-api/DB_PASSWORD + namespace: endorsement-system + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 100m + memory: 128Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DB_PASS: /k8s/services-endorsements-api/DB_PASSWORD + IDENTITY_SERVER_CLIENT_SECRET: /k8s/endorsement-system-api/IDS-shared-secret + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: /k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::261174024191:role/endorsement-system-api + create: true + name: endorsement-system-api diff --git a/charts/services/external-contracts-tests/values.dev.yaml b/charts/services/external-contracts-tests/values.dev.yaml index 2e82480b4b1e..2b05d25adf66 100644 --- a/charts/services/external-contracts-tests/values.dev.yaml +++ b/charts/services/external-contracts-tests/values.dev.yaml @@ -1,101 +1,57 @@ -{ - "external-contracts-tests": { - "serviceDef": { - "liveness": { - "path": "/", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": {}, - "features": {}, - "name": "external-contracts-tests", - "grantNamespaces": [], - "grantNamespacesEnabled": false, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" - }, - "ingress": {}, - "namespace": "external-contracts-tests", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "1", - "memory": "1024Mi" - }, - "requests": { - "cpu": "500m", - "memory": "512Mi" - } - }, - "xroadConfig": [ - { - "config": { - "env": { - "XROAD_BASE_PATH": { - "prod": "http://securityserver.island.is" - }, - "XROAD_BASE_PATH_WITH_ENV": { - "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "http://securityserver.island.is/r1/IS" - }, - "XROAD_TLS_BASE_PATH": { - "dev": "https://securityserver.dev01.devland.is", - "staging": "https://securityserver.staging01.devland.is", - "prod": "https://securityserver.island.is" - }, - "XROAD_TLS_BASE_PATH_WITH_ENV": { - "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", - "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "https://securityserver.island.is/r1/IS" - } - } - } - }, - { - "config": { - "env": { - "XROAD_NATIONAL_REGISTRY_SERVICE_PATH": { - "dev": "IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1", - "staging": "IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1", - "prod": "IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1" - }, - "XROAD_NATIONAL_REGISTRY_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" - }, - "XROAD_TJODSKRA_API_PATH": "/SKRA-Protected/Einstaklingar-v1", - "XROAD_TJODSKRA_MEMBER_CODE": { - "prod": "6503760649", - "dev": "10001", - "staging": "6503760649" - } - } - } - } - ], - "files": [], - "volumes": [], - "extraAttributes": { - "dev": { - "schedule": "0 11 * * *" - }, - "staging": { - "schedule": "0 11 * * *" - }, - "prod": { - "schedule": "0 11 * * *" - } - } - } - } -} \ No newline at end of file +service: + name: external-contracts-tests + enabled: true + env: + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=921 -r dd-trace/init + SERVERSIDE_FEATURES_ON: "" + XROAD_BASE_PATH: http://securityserver.dev01.devland.is + XROAD_BASE_PATH_WITH_ENV: http://securityserver.dev01.devland.is/r1/IS-DEV + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1 + XROAD_TJODSKRA_API_PATH: /SKRA-Protected/Einstaklingar-v1 + XROAD_TJODSKRA_MEMBER_CODE: "10001" + XROAD_TLS_BASE_PATH: https://securityserver.dev01.devland.is + XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.dev01.devland.is/r1/IS-DEV + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: / + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: / + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests + namespace: external-contracts-tests + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: "1" + memory: 1024Mi + requests: + cpu: 500m + memory: 512Mi + schedule: 0 11 * * * + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/github-actions-cache/values.dev.yaml b/charts/services/github-actions-cache/values.dev.yaml index 9fe457e8b842..5bcc9201f243 100644 --- a/charts/services/github-actions-cache/values.dev.yaml +++ b/charts/services/github-actions-cache/values.dev.yaml @@ -1,82 +1,72 @@ -{ - "github-actions-cache": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/health", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "REDIS_NODES": "clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379" - }, - "features": {}, - "name": "github-actions-cache", - "grantNamespaces": [], - "grantNamespacesEnabled": false, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" - }, - "ingress": { - "primary": { - "host": { - "dev": [ - "cache" - ], - "staging": [ - "" - ], - "prod": [ - "", - "" - ] - }, - "paths": [ - "/" - ], - "extraAnnotations": { - "dev": { - "nginx.ingress.kubernetes.io/enable-global-auth": "false" - } - }, - "public": true - } - }, - "namespace": "github-actions-cache", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "400m", - "memory": "512Mi" - }, - "requests": { - "cpu": "100m", - "memory": "256Mi" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "accountName": "github-actions-cache", - "cmds": "node", - "args": [ - "--tls-min-v1.0", - "--no-experimental-fetch", - "main.js" - ], - "replicaCount": { - "min": 3, - "max": 8, - "default": 5 - } - } - } -} \ No newline at end of file +service: + name: github-actions-cache + args: + - --tls-min-v1.0 + - --no-experimental-fetch + - main.js + command: + - node + enabled: true + env: + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=460 + REDIS_NODES: clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379 + SERVERSIDE_FEATURES_ON: "" + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /health + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 8 + min: 3 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-external-alb + nginx.ingress.kubernetes.io/enable-global-auth: "false" + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: cache.dev01.devland.is + paths: + - / + namespace: github-actions-cache + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 5 + max: 8 + min: 3 + resources: + limits: + cpu: 400m + memory: 512Mi + requests: + cpu: 100m + memory: 256Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::013313053092:role/github-actions-cache + create: true + name: github-actions-cache diff --git a/charts/services/icelandic-names-registry-backend/values.dev.yaml b/charts/services/icelandic-names-registry-backend/values.dev.yaml index 57b6470cd7ea..f603b5505307 100644 --- a/charts/services/icelandic-names-registry-backend/values.dev.yaml +++ b/charts/services/icelandic-names-registry-backend/values.dev.yaml @@ -1,86 +1,91 @@ -{ - "icelandic-names-registry-backend": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - } - }, - "features": {}, - "name": "icelandic-names-registry-backend", - "grantNamespaces": [ - "islandis" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" - }, - "ingress": {}, - "namespace": "icelandic-names-registry", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "memory": "256Mi", - "cpu": "200m" - }, - "requests": { - "memory": "128Mi", - "cpu": "100m" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "image": "icelandic-names-registry-backend", - "postgres": { - "username": "icelandic_names_registry_backend", - "passwordSecret": "/k8s/icelandic-names-registry-backend/DB_PASSWORD", - "name": "icelandic_names_registry_backend" - }, - "initContainers": { - "envs": {}, - "secrets": {}, - "features": {}, - "containers": [ - { - "name": "migrations", - "command": "npx", - "args": [ - "sequelize-cli", - "db:migrate" - ] - }, - { - "name": "seed", - "command": "npx", - "args": [ - "sequelize-cli", - "db:seed:all" - ] - } - ], - "postgres": { - "username": "icelandic_names_registry_backend", - "passwordSecret": "/k8s/icelandic-names-registry-backend/DB_PASSWORD", - "name": "icelandic_names_registry_backend" - } - } - } - } -} \ No newline at end of file +service: + name: icelandic-names-registry-backend + enabled: true + env: + DB_HOST: postgres-applications.internal + DB_NAME: icelandic_names_registry_backend + DB_REPLICAS_HOST: postgres-applications-reader.internal + DB_USER: icelandic_names_registry_backend + IDENTITY_SERVER_ISSUER_URL: https://identity-server.dev01.devland.is + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init + SERVERSIDE_FEATURES_ON: "" + grantNamespaces: + - islandis + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend + initContainer: + containers: + - args: + - sequelize-cli + - db:migrate + command: + - npx + name: migrations + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 50m + memory: 128Mi + - args: + - sequelize-cli + - db:seed:all + command: + - npx + name: seed + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 50m + memory: 128Mi + env: + DB_HOST: postgres-applications.internal + DB_NAME: icelandic_names_registry_backend + DB_REPLICAS_HOST: postgres-applications-reader.internal + DB_USER: icelandic_names_registry_backend + SERVERSIDE_FEATURES_ON: "" + secrets: + DB_PASS: /k8s/icelandic-names-registry-backend/DB_PASSWORD + namespace: icelandic-names-registry + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 100m + memory: 128Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DB_PASS: /k8s/icelandic-names-registry-backend/DB_PASSWORD + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/icelandic-names-registry-backend/values.prod.yaml b/charts/services/icelandic-names-registry-backend/values.prod.yaml index 57b6470cd7ea..33659d0743ae 100644 --- a/charts/services/icelandic-names-registry-backend/values.prod.yaml +++ b/charts/services/icelandic-names-registry-backend/values.prod.yaml @@ -1,86 +1,91 @@ -{ - "icelandic-names-registry-backend": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - } - }, - "features": {}, - "name": "icelandic-names-registry-backend", - "grantNamespaces": [ - "islandis" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" - }, - "ingress": {}, - "namespace": "icelandic-names-registry", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "memory": "256Mi", - "cpu": "200m" - }, - "requests": { - "memory": "128Mi", - "cpu": "100m" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "image": "icelandic-names-registry-backend", - "postgres": { - "username": "icelandic_names_registry_backend", - "passwordSecret": "/k8s/icelandic-names-registry-backend/DB_PASSWORD", - "name": "icelandic_names_registry_backend" - }, - "initContainers": { - "envs": {}, - "secrets": {}, - "features": {}, - "containers": [ - { - "name": "migrations", - "command": "npx", - "args": [ - "sequelize-cli", - "db:migrate" - ] - }, - { - "name": "seed", - "command": "npx", - "args": [ - "sequelize-cli", - "db:seed:all" - ] - } - ], - "postgres": { - "username": "icelandic_names_registry_backend", - "passwordSecret": "/k8s/icelandic-names-registry-backend/DB_PASSWORD", - "name": "icelandic_names_registry_backend" - } - } - } - } -} \ No newline at end of file +service: + name: icelandic-names-registry-backend + enabled: true + env: + DB_HOST: postgres-applications.internal + DB_NAME: icelandic_names_registry_backend + DB_REPLICAS_HOST: postgres-applications.internal + DB_USER: icelandic_names_registry_backend + IDENTITY_SERVER_ISSUER_URL: https://innskra.island.is + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init + SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + grantNamespaces: + - islandis + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend + initContainer: + containers: + - args: + - sequelize-cli + - db:migrate + command: + - npx + name: migrations + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 50m + memory: 128Mi + - args: + - sequelize-cli + - db:seed:all + command: + - npx + name: seed + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 50m + memory: 128Mi + env: + DB_HOST: postgres-applications.internal + DB_NAME: icelandic_names_registry_backend + DB_REPLICAS_HOST: postgres-applications.internal + DB_USER: icelandic_names_registry_backend + SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + secrets: + DB_PASS: /k8s/icelandic-names-registry-backend/DB_PASSWORD + namespace: icelandic-names-registry + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 100m + memory: 128Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DB_PASS: /k8s/icelandic-names-registry-backend/DB_PASSWORD + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/icelandic-names-registry-backend/values.staging.yaml b/charts/services/icelandic-names-registry-backend/values.staging.yaml index 57b6470cd7ea..319b33d6f4ef 100644 --- a/charts/services/icelandic-names-registry-backend/values.staging.yaml +++ b/charts/services/icelandic-names-registry-backend/values.staging.yaml @@ -1,86 +1,91 @@ -{ - "icelandic-names-registry-backend": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - } - }, - "features": {}, - "name": "icelandic-names-registry-backend", - "grantNamespaces": [ - "islandis" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" - }, - "ingress": {}, - "namespace": "icelandic-names-registry", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "memory": "256Mi", - "cpu": "200m" - }, - "requests": { - "memory": "128Mi", - "cpu": "100m" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "image": "icelandic-names-registry-backend", - "postgres": { - "username": "icelandic_names_registry_backend", - "passwordSecret": "/k8s/icelandic-names-registry-backend/DB_PASSWORD", - "name": "icelandic_names_registry_backend" - }, - "initContainers": { - "envs": {}, - "secrets": {}, - "features": {}, - "containers": [ - { - "name": "migrations", - "command": "npx", - "args": [ - "sequelize-cli", - "db:migrate" - ] - }, - { - "name": "seed", - "command": "npx", - "args": [ - "sequelize-cli", - "db:seed:all" - ] - } - ], - "postgres": { - "username": "icelandic_names_registry_backend", - "passwordSecret": "/k8s/icelandic-names-registry-backend/DB_PASSWORD", - "name": "icelandic_names_registry_backend" - } - } - } - } -} \ No newline at end of file +service: + name: icelandic-names-registry-backend + enabled: true + env: + DB_HOST: postgres-applications.internal + DB_NAME: icelandic_names_registry_backend + DB_REPLICAS_HOST: postgres-applications.internal + DB_USER: icelandic_names_registry_backend + IDENTITY_SERVER_ISSUER_URL: https://identity-server.staging01.devland.is + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init + SERVERSIDE_FEATURES_ON: "" + grantNamespaces: + - islandis + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend + initContainer: + containers: + - args: + - sequelize-cli + - db:migrate + command: + - npx + name: migrations + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 50m + memory: 128Mi + - args: + - sequelize-cli + - db:seed:all + command: + - npx + name: seed + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 50m + memory: 128Mi + env: + DB_HOST: postgres-applications.internal + DB_NAME: icelandic_names_registry_backend + DB_REPLICAS_HOST: postgres-applications.internal + DB_USER: icelandic_names_registry_backend + SERVERSIDE_FEATURES_ON: "" + secrets: + DB_PASS: /k8s/icelandic-names-registry-backend/DB_PASSWORD + namespace: icelandic-names-registry + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 100m + memory: 128Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DB_PASS: /k8s/icelandic-names-registry-backend/DB_PASSWORD + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/identity-server/values.dev.yaml b/charts/services/identity-server/values.dev.yaml index 5b8832c33b52..38fc489228f5 100644 --- a/charts/services/identity-server/values.dev.yaml +++ b/charts/services/identity-server/values.dev.yaml @@ -1,201 +1,125 @@ -{ - "identity-server": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/readiness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "AWS__CloudWatch__AuditLogGroup": "/identity-server/audit-log", - "ASPNETCORE_URLS": "http://*:5000", - "CORECLR_ENABLE_PROFILING": "1", - "CORECLR_PROFILER": "{846F5F1C-F9AE-4B07-969E-05C26BC060D8}", - "CORECLR_PROFILER_PATH": "/opt/datadog/Datadog.Trace.ClrProfiler.Native.so", - "DD_INTEGRATIONS": "/opt/datadog/integrations.json", - "DD_DOTNET_TRACER_HOME": "/opt/datadog", - "DD_TRACE_DEBUG": "true", - "Datadog__Metrics__Port": "5003", - "AudkenniSettings__Retries": "24", - "AWS__SystemsManager__ParameterStore__DataProtectionPrefix": { - "dev": "/k8s/identity-server/DataProtectionSecret", - "staging": "/k8s/identity-server/DataProtectionSecret", - "prod": "/k8s/identity-server/DataProtectionSecret" - }, - "CacheSettings__Enabled": { - "dev": "true", - "staging": "true", - "prod": "true" - }, - "RedisSettings__Address": { - "dev": "clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com", - "staging": "clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com", - "prod": "clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com" - }, - "RedisSettings__Port": { - "dev": "6379", - "staging": "6379", - "prod": "6379" - }, - "IdentityServer__EnableFakeLogin": { - "dev": "true", - "staging": "true", - "prod": "true" - }, - "IdentityServer__EnableFeatureDeploymentWildcards": { - "dev": "true", - "staging": "true", - "prod": "false" - }, - "IdentityServer__KeyManagement__Enabled": { - "dev": "true", - "staging": "true", - "prod": "true" - }, - "IdentityServer__ConsentsScope": "@island.is/auth/consents", - "SessionsApiSettings__BaseAddress": { - "dev": "http://web-services-sessions.services-sessions.svc.cluster.local", - "staging": "http://web-services-sessions.services-sessions.svc.cluster.local", - "prod": "https://sessions-api.internal.island.is" - }, - "PersistenceSettings__DelegationsCacheEnabled": { - "dev": "false", - "staging": "false", - "prod": "true" - }, - "MeUserProfileApiSettings__BaseAddress": { - "dev": "http://web-service-portal-api.service-portal.svc.cluster.local", - "staging": "http://web-service-portal-api.service-portal.svc.cluster.local", - "prod": "https://service-portal-api.internal.island.is" - }, - "Application__MinCompletionPortThreads": "10", - "ContentfulSettings__BaseAddress": { - "dev": "https://preview.contentful.com", - "staging": "https://cdn.contentful.com", - "prod": "https://cdn.contentful.com" - }, - "Application__AllowedRedirectUris": { - "dev": "https://beta.dev01.devland.is/minarsidur,https://beta.dev01.devland.is/umsoknir,http://localhost:4200/minarsidur,http://localhost:4242/umsoknir", - "staging": "https://beta.staging01.devland.is/minarsidur,https://beta.staging01.devland.is/umsoknir", - "prod": "https://island.is/minarsidur,https://island.is/umsoknir" - } - }, - "features": {}, - "name": "identity-server", - "grantNamespaces": [ - "nginx-ingress-external", - "user-notification", - "portals-admin" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "IdentityServer__LicenseKey": "/k8s/identity-server/LicenseKey", - "AudkenniSettings__ClientId": "/k8s/identity-server/AudkenniClientId", - "AudkenniSettings__ClientSecret": "/k8s/identity-server/AudkenniClientSecret", - "IdentityServer__FakePersons": "/k8s/identity-server/FakePersons", - "IdentityServer__SigningCertificate__Passphrase": "/k8s/identity-server/SigningCertificatePassphrase", - "PersistenceSettings__AccessTokenManagementSettings__ClientSecret": "/k8s/identity-server/ClientSecret", - "Scopes__Admin__RootAccessList": "/k8s/identity-server/AdminRootAccessList", - "FeatureFlags__ConfigCatSdkKey": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "ContentfulSettings__AccessToken": "/k8s/identity-server/CONTENTFUL_ACCESS_TOKEN", - "Redaction__UserIdentifiers__KeyId": "/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID", - "Redaction__UserIdentifiers__Key": "/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY" - }, - "ingress": { - "primary": { - "host": { - "dev": "identity-server", - "staging": "identity-server", - "prod": "innskra.island.is" - }, - "paths": [ - "/" - ], - "public": true, - "extraAnnotations": { - "dev": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/enable-global-auth": "false", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "staging": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/enable-global-auth": "false", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "prod": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - } - } - } - }, - "namespace": "identity-server", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "4000m", - "memory": "2048Mi" - }, - "requests": { - "cpu": "1000m", - "memory": "1024Mi" - } - }, - "xroadConfig": [], - "files": [ - { - "filename": "ids-signing.pfx", - "env": "IdentityServer__SigningCertificate__Path" - } - ], - "volumes": [ - { - "mountPath": "/keys", - "size": "1Gi", - "accessModes": "ReadWrite" - } - ], - "image": "identity-server", - "healthPort": 5010, - "port": 5000, - "accountName": "identity-server", - "extraAttributes": { - "dev": { - "annotations": { - "ad.datadoghq.com/identity-server.logs": "[{\"service\": \"identity-server\", \"source\": \"csharp\"}]", - "ad.datadoghq.com/identity-server.check_names": "[\"openmetrics\"]", - "ad.datadoghq.com/identity-server.init_configs": "[{}]", - "ad.datadoghq.com/identity-server.instances": "[{\"prometheus_url\": \"http://%%host%%:5003/metrics\",\"namespace\": \"identity-server\",\"metrics\":[\"*\"]}]" - } - }, - "staging": { - "annotations": { - "ad.datadoghq.com/identity-server.logs": "[{\"service\": \"identity-server\", \"source\": \"csharp\"}]", - "ad.datadoghq.com/identity-server.check_names": "[\"openmetrics\"]", - "ad.datadoghq.com/identity-server.init_configs": "[{}]", - "ad.datadoghq.com/identity-server.instances": "[{\"prometheus_url\": \"http://%%host%%:5003/metrics\",\"namespace\": \"identity-server\",\"metrics\":[\"*\"]}]" - } - }, - "prod": { - "annotations": { - "ad.datadoghq.com/identity-server.logs": "[{\"service\": \"identity-server\", \"source\": \"csharp\"}]", - "ad.datadoghq.com/identity-server.check_names": "[\"openmetrics\"]", - "ad.datadoghq.com/identity-server.init_configs": "[{}]", - "ad.datadoghq.com/identity-server.instances": "[{\"prometheus_url\": \"http://%%host%%:5003/metrics\",\"namespace\": \"identity-server\",\"metrics\":[\"*\"]}]" - } - } - } - } - } -} \ No newline at end of file +service: + name: identity-server + annotations: + ad.datadoghq.com/identity-server.check_names: '["openmetrics"]' + ad.datadoghq.com/identity-server.init_configs: "[{}]" + ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": + "http://%%host%%:5003/metrics","namespace": + "identity-server","metrics":["*"]}]' + ad.datadoghq.com/identity-server.logs: '[{"service": "identity-server", "source": "csharp"}]' + enabled: true + env: + ASPNETCORE_URLS: http://*:5000 + AWS__CloudWatch__AuditLogGroup: /identity-server/audit-log + AWS__SystemsManager__ParameterStore__DataProtectionPrefix: /k8s/identity-server/DataProtectionSecret + Application__AllowedRedirectUris: https://beta.dev01.devland.is/minarsidur,https://beta.dev01.devland.is/umsoknir,http://localhost:4200/minarsidur,http://localhost:4242/umsoknir + Application__MinCompletionPortThreads: "10" + AudkenniSettings__Retries: "24" + CORECLR_ENABLE_PROFILING: "1" + CORECLR_PROFILER: "{846F5F1C-F9AE-4B07-969E-05C26BC060D8}" + CORECLR_PROFILER_PATH: /opt/datadog/Datadog.Trace.ClrProfiler.Native.so + CacheSettings__Enabled: "true" + ContentfulSettings__BaseAddress: https://preview.contentful.com + DD_DOTNET_TRACER_HOME: /opt/datadog + DD_INTEGRATIONS: /opt/datadog/integrations.json + DD_TRACE_DEBUG: "true" + Datadog__Metrics__Port: "5003" + IdentityServer__ConsentsScope: "@island.is/auth/consents" + IdentityServer__EnableFakeLogin: "true" + IdentityServer__EnableFeatureDeploymentWildcards: "true" + IdentityServer__KeyManagement__Enabled: "true" + IdentityServer__SigningCertificate__Path: /etc/config/ids-signing.pfx + LOG_LEVEL: info + MeUserProfileApiSettings__BaseAddress: http://web-service-portal-api.service-portal.svc.cluster.local + NODE_OPTIONS: --max-old-space-size=1843 -r dd-trace/init + PersistenceSettings__BaseAddress: http://web-services-auth-ids-api + PersistenceSettings__DelegationsCacheEnabled: "false" + RedisSettings__Address: clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com + RedisSettings__Port: "6379" + SERVERSIDE_FEATURES_ON: "" + SessionsApiSettings__BaseAddress: http://web-services-sessions.services-sessions.svc.cluster.local + files: + - ids-signing.pfx + grantNamespaces: + - nginx-ingress-external + - user-notification + - portals-admin + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + port: 5010 + readiness: + initialDelaySeconds: 3 + path: /readiness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/identity-server + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-external-alb + nginx.ingress.kubernetes.io/enable-global-auth: "false" + nginx.ingress.kubernetes.io/proxy-buffer-size: 8k + nginx.ingress.kubernetes.io/proxy-buffering: on + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: identity-server.dev01.devland.is + paths: + - / + namespace: identity-server + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: + - accessModes: ReadWriteMany + mountPath: /keys + name: identity-server + size: 1Gi + storageClass: efs-csi + useExisting: false + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: 4000m + memory: 2048Mi + requests: + cpu: 1000m + memory: 1024Mi + secrets: + AudkenniSettings__ClientId: /k8s/identity-server/AudkenniClientId + AudkenniSettings__ClientSecret: /k8s/identity-server/AudkenniClientSecret + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + ContentfulSettings__AccessToken: /k8s/identity-server/CONTENTFUL_ACCESS_TOKEN + FeatureFlags__ConfigCatSdkKey: /k8s/configcat/CONFIGCAT_SDK_KEY + IdentityServer__FakePersons: /k8s/identity-server/FakePersons + IdentityServer__LicenseKey: /k8s/identity-server/LicenseKey + IdentityServer__SigningCertificate__Passphrase: /k8s/identity-server/SigningCertificatePassphrase + PersistenceSettings__AccessTokenManagementSettings__ClientSecret: /k8s/identity-server/ClientSecret + Redaction__UserIdentifiers__Key: /k8s/identity-server/redaction/USER_IDENTIFIERS_KEY + Redaction__UserIdentifiers__KeyId: /k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID + Scopes__Admin__RootAccessList: /k8s/identity-server/AdminRootAccessList + securityContext: + allowPrivilegeEscalation: false + privileged: false + service: + targetPort: 5000 + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::013313053092:role/identity-server + create: true + name: identity-server diff --git a/charts/services/identity-server/values.prod.yaml b/charts/services/identity-server/values.prod.yaml index 5b8832c33b52..5d9cd80649a0 100644 --- a/charts/services/identity-server/values.prod.yaml +++ b/charts/services/identity-server/values.prod.yaml @@ -1,201 +1,124 @@ -{ - "identity-server": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/readiness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "AWS__CloudWatch__AuditLogGroup": "/identity-server/audit-log", - "ASPNETCORE_URLS": "http://*:5000", - "CORECLR_ENABLE_PROFILING": "1", - "CORECLR_PROFILER": "{846F5F1C-F9AE-4B07-969E-05C26BC060D8}", - "CORECLR_PROFILER_PATH": "/opt/datadog/Datadog.Trace.ClrProfiler.Native.so", - "DD_INTEGRATIONS": "/opt/datadog/integrations.json", - "DD_DOTNET_TRACER_HOME": "/opt/datadog", - "DD_TRACE_DEBUG": "true", - "Datadog__Metrics__Port": "5003", - "AudkenniSettings__Retries": "24", - "AWS__SystemsManager__ParameterStore__DataProtectionPrefix": { - "dev": "/k8s/identity-server/DataProtectionSecret", - "staging": "/k8s/identity-server/DataProtectionSecret", - "prod": "/k8s/identity-server/DataProtectionSecret" - }, - "CacheSettings__Enabled": { - "dev": "true", - "staging": "true", - "prod": "true" - }, - "RedisSettings__Address": { - "dev": "clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com", - "staging": "clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com", - "prod": "clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com" - }, - "RedisSettings__Port": { - "dev": "6379", - "staging": "6379", - "prod": "6379" - }, - "IdentityServer__EnableFakeLogin": { - "dev": "true", - "staging": "true", - "prod": "true" - }, - "IdentityServer__EnableFeatureDeploymentWildcards": { - "dev": "true", - "staging": "true", - "prod": "false" - }, - "IdentityServer__KeyManagement__Enabled": { - "dev": "true", - "staging": "true", - "prod": "true" - }, - "IdentityServer__ConsentsScope": "@island.is/auth/consents", - "SessionsApiSettings__BaseAddress": { - "dev": "http://web-services-sessions.services-sessions.svc.cluster.local", - "staging": "http://web-services-sessions.services-sessions.svc.cluster.local", - "prod": "https://sessions-api.internal.island.is" - }, - "PersistenceSettings__DelegationsCacheEnabled": { - "dev": "false", - "staging": "false", - "prod": "true" - }, - "MeUserProfileApiSettings__BaseAddress": { - "dev": "http://web-service-portal-api.service-portal.svc.cluster.local", - "staging": "http://web-service-portal-api.service-portal.svc.cluster.local", - "prod": "https://service-portal-api.internal.island.is" - }, - "Application__MinCompletionPortThreads": "10", - "ContentfulSettings__BaseAddress": { - "dev": "https://preview.contentful.com", - "staging": "https://cdn.contentful.com", - "prod": "https://cdn.contentful.com" - }, - "Application__AllowedRedirectUris": { - "dev": "https://beta.dev01.devland.is/minarsidur,https://beta.dev01.devland.is/umsoknir,http://localhost:4200/minarsidur,http://localhost:4242/umsoknir", - "staging": "https://beta.staging01.devland.is/minarsidur,https://beta.staging01.devland.is/umsoknir", - "prod": "https://island.is/minarsidur,https://island.is/umsoknir" - } - }, - "features": {}, - "name": "identity-server", - "grantNamespaces": [ - "nginx-ingress-external", - "user-notification", - "portals-admin" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "IdentityServer__LicenseKey": "/k8s/identity-server/LicenseKey", - "AudkenniSettings__ClientId": "/k8s/identity-server/AudkenniClientId", - "AudkenniSettings__ClientSecret": "/k8s/identity-server/AudkenniClientSecret", - "IdentityServer__FakePersons": "/k8s/identity-server/FakePersons", - "IdentityServer__SigningCertificate__Passphrase": "/k8s/identity-server/SigningCertificatePassphrase", - "PersistenceSettings__AccessTokenManagementSettings__ClientSecret": "/k8s/identity-server/ClientSecret", - "Scopes__Admin__RootAccessList": "/k8s/identity-server/AdminRootAccessList", - "FeatureFlags__ConfigCatSdkKey": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "ContentfulSettings__AccessToken": "/k8s/identity-server/CONTENTFUL_ACCESS_TOKEN", - "Redaction__UserIdentifiers__KeyId": "/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID", - "Redaction__UserIdentifiers__Key": "/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY" - }, - "ingress": { - "primary": { - "host": { - "dev": "identity-server", - "staging": "identity-server", - "prod": "innskra.island.is" - }, - "paths": [ - "/" - ], - "public": true, - "extraAnnotations": { - "dev": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/enable-global-auth": "false", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "staging": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/enable-global-auth": "false", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "prod": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - } - } - } - }, - "namespace": "identity-server", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "4000m", - "memory": "2048Mi" - }, - "requests": { - "cpu": "1000m", - "memory": "1024Mi" - } - }, - "xroadConfig": [], - "files": [ - { - "filename": "ids-signing.pfx", - "env": "IdentityServer__SigningCertificate__Path" - } - ], - "volumes": [ - { - "mountPath": "/keys", - "size": "1Gi", - "accessModes": "ReadWrite" - } - ], - "image": "identity-server", - "healthPort": 5010, - "port": 5000, - "accountName": "identity-server", - "extraAttributes": { - "dev": { - "annotations": { - "ad.datadoghq.com/identity-server.logs": "[{\"service\": \"identity-server\", \"source\": \"csharp\"}]", - "ad.datadoghq.com/identity-server.check_names": "[\"openmetrics\"]", - "ad.datadoghq.com/identity-server.init_configs": "[{}]", - "ad.datadoghq.com/identity-server.instances": "[{\"prometheus_url\": \"http://%%host%%:5003/metrics\",\"namespace\": \"identity-server\",\"metrics\":[\"*\"]}]" - } - }, - "staging": { - "annotations": { - "ad.datadoghq.com/identity-server.logs": "[{\"service\": \"identity-server\", \"source\": \"csharp\"}]", - "ad.datadoghq.com/identity-server.check_names": "[\"openmetrics\"]", - "ad.datadoghq.com/identity-server.init_configs": "[{}]", - "ad.datadoghq.com/identity-server.instances": "[{\"prometheus_url\": \"http://%%host%%:5003/metrics\",\"namespace\": \"identity-server\",\"metrics\":[\"*\"]}]" - } - }, - "prod": { - "annotations": { - "ad.datadoghq.com/identity-server.logs": "[{\"service\": \"identity-server\", \"source\": \"csharp\"}]", - "ad.datadoghq.com/identity-server.check_names": "[\"openmetrics\"]", - "ad.datadoghq.com/identity-server.init_configs": "[{}]", - "ad.datadoghq.com/identity-server.instances": "[{\"prometheus_url\": \"http://%%host%%:5003/metrics\",\"namespace\": \"identity-server\",\"metrics\":[\"*\"]}]" - } - } - } - } - } -} \ No newline at end of file +service: + name: identity-server + annotations: + ad.datadoghq.com/identity-server.check_names: '["openmetrics"]' + ad.datadoghq.com/identity-server.init_configs: "[{}]" + ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": + "http://%%host%%:5003/metrics","namespace": + "identity-server","metrics":["*"]}]' + ad.datadoghq.com/identity-server.logs: '[{"service": "identity-server", "source": "csharp"}]' + enabled: true + env: + ASPNETCORE_URLS: http://*:5000 + AWS__CloudWatch__AuditLogGroup: /identity-server/audit-log + AWS__SystemsManager__ParameterStore__DataProtectionPrefix: /k8s/identity-server/DataProtectionSecret + Application__AllowedRedirectUris: https://island.is/minarsidur,https://island.is/umsoknir + Application__MinCompletionPortThreads: "10" + AudkenniSettings__Retries: "24" + CORECLR_ENABLE_PROFILING: "1" + CORECLR_PROFILER: "{846F5F1C-F9AE-4B07-969E-05C26BC060D8}" + CORECLR_PROFILER_PATH: /opt/datadog/Datadog.Trace.ClrProfiler.Native.so + CacheSettings__Enabled: "true" + ContentfulSettings__BaseAddress: https://cdn.contentful.com + DD_DOTNET_TRACER_HOME: /opt/datadog + DD_INTEGRATIONS: /opt/datadog/integrations.json + DD_TRACE_DEBUG: "true" + Datadog__Metrics__Port: "5003" + IdentityServer__ConsentsScope: "@island.is/auth/consents" + IdentityServer__EnableFakeLogin: "true" + IdentityServer__EnableFeatureDeploymentWildcards: "false" + IdentityServer__KeyManagement__Enabled: "true" + IdentityServer__SigningCertificate__Path: /etc/config/ids-signing.pfx + LOG_LEVEL: info + MeUserProfileApiSettings__BaseAddress: https://service-portal-api.internal.island.is + NODE_OPTIONS: --max-old-space-size=1843 -r dd-trace/init + PersistenceSettings__BaseAddress: http://web-services-auth-ids-api + PersistenceSettings__DelegationsCacheEnabled: "true" + RedisSettings__Address: clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com + RedisSettings__Port: "6379" + SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + SessionsApiSettings__BaseAddress: https://sessions-api.internal.island.is + files: + - ids-signing.pfx + grantNamespaces: + - nginx-ingress-external + - user-notification + - portals-admin + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + port: 5010 + readiness: + initialDelaySeconds: 3 + path: /readiness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/identity-server + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-external-alb + nginx.ingress.kubernetes.io/proxy-buffer-size: 8k + nginx.ingress.kubernetes.io/proxy-buffering: on + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: innskra.island.is + paths: + - / + namespace: identity-server + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: + - accessModes: ReadWriteMany + mountPath: /keys + name: identity-server + size: 1Gi + storageClass: efs-csi + useExisting: false + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: 4000m + memory: 2048Mi + requests: + cpu: 1000m + memory: 1024Mi + secrets: + AudkenniSettings__ClientId: /k8s/identity-server/AudkenniClientId + AudkenniSettings__ClientSecret: /k8s/identity-server/AudkenniClientSecret + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + ContentfulSettings__AccessToken: /k8s/identity-server/CONTENTFUL_ACCESS_TOKEN + FeatureFlags__ConfigCatSdkKey: /k8s/configcat/CONFIGCAT_SDK_KEY + IdentityServer__FakePersons: /k8s/identity-server/FakePersons + IdentityServer__LicenseKey: /k8s/identity-server/LicenseKey + IdentityServer__SigningCertificate__Passphrase: /k8s/identity-server/SigningCertificatePassphrase + PersistenceSettings__AccessTokenManagementSettings__ClientSecret: /k8s/identity-server/ClientSecret + Redaction__UserIdentifiers__Key: /k8s/identity-server/redaction/USER_IDENTIFIERS_KEY + Redaction__UserIdentifiers__KeyId: /k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID + Scopes__Admin__RootAccessList: /k8s/identity-server/AdminRootAccessList + securityContext: + allowPrivilegeEscalation: false + privileged: false + service: + targetPort: 5000 + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::567113216315:role/identity-server + create: true + name: identity-server diff --git a/charts/services/identity-server/values.staging.yaml b/charts/services/identity-server/values.staging.yaml index 5b8832c33b52..24cb0d547979 100644 --- a/charts/services/identity-server/values.staging.yaml +++ b/charts/services/identity-server/values.staging.yaml @@ -1,201 +1,125 @@ -{ - "identity-server": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/readiness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "AWS__CloudWatch__AuditLogGroup": "/identity-server/audit-log", - "ASPNETCORE_URLS": "http://*:5000", - "CORECLR_ENABLE_PROFILING": "1", - "CORECLR_PROFILER": "{846F5F1C-F9AE-4B07-969E-05C26BC060D8}", - "CORECLR_PROFILER_PATH": "/opt/datadog/Datadog.Trace.ClrProfiler.Native.so", - "DD_INTEGRATIONS": "/opt/datadog/integrations.json", - "DD_DOTNET_TRACER_HOME": "/opt/datadog", - "DD_TRACE_DEBUG": "true", - "Datadog__Metrics__Port": "5003", - "AudkenniSettings__Retries": "24", - "AWS__SystemsManager__ParameterStore__DataProtectionPrefix": { - "dev": "/k8s/identity-server/DataProtectionSecret", - "staging": "/k8s/identity-server/DataProtectionSecret", - "prod": "/k8s/identity-server/DataProtectionSecret" - }, - "CacheSettings__Enabled": { - "dev": "true", - "staging": "true", - "prod": "true" - }, - "RedisSettings__Address": { - "dev": "clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com", - "staging": "clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com", - "prod": "clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com" - }, - "RedisSettings__Port": { - "dev": "6379", - "staging": "6379", - "prod": "6379" - }, - "IdentityServer__EnableFakeLogin": { - "dev": "true", - "staging": "true", - "prod": "true" - }, - "IdentityServer__EnableFeatureDeploymentWildcards": { - "dev": "true", - "staging": "true", - "prod": "false" - }, - "IdentityServer__KeyManagement__Enabled": { - "dev": "true", - "staging": "true", - "prod": "true" - }, - "IdentityServer__ConsentsScope": "@island.is/auth/consents", - "SessionsApiSettings__BaseAddress": { - "dev": "http://web-services-sessions.services-sessions.svc.cluster.local", - "staging": "http://web-services-sessions.services-sessions.svc.cluster.local", - "prod": "https://sessions-api.internal.island.is" - }, - "PersistenceSettings__DelegationsCacheEnabled": { - "dev": "false", - "staging": "false", - "prod": "true" - }, - "MeUserProfileApiSettings__BaseAddress": { - "dev": "http://web-service-portal-api.service-portal.svc.cluster.local", - "staging": "http://web-service-portal-api.service-portal.svc.cluster.local", - "prod": "https://service-portal-api.internal.island.is" - }, - "Application__MinCompletionPortThreads": "10", - "ContentfulSettings__BaseAddress": { - "dev": "https://preview.contentful.com", - "staging": "https://cdn.contentful.com", - "prod": "https://cdn.contentful.com" - }, - "Application__AllowedRedirectUris": { - "dev": "https://beta.dev01.devland.is/minarsidur,https://beta.dev01.devland.is/umsoknir,http://localhost:4200/minarsidur,http://localhost:4242/umsoknir", - "staging": "https://beta.staging01.devland.is/minarsidur,https://beta.staging01.devland.is/umsoknir", - "prod": "https://island.is/minarsidur,https://island.is/umsoknir" - } - }, - "features": {}, - "name": "identity-server", - "grantNamespaces": [ - "nginx-ingress-external", - "user-notification", - "portals-admin" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "IdentityServer__LicenseKey": "/k8s/identity-server/LicenseKey", - "AudkenniSettings__ClientId": "/k8s/identity-server/AudkenniClientId", - "AudkenniSettings__ClientSecret": "/k8s/identity-server/AudkenniClientSecret", - "IdentityServer__FakePersons": "/k8s/identity-server/FakePersons", - "IdentityServer__SigningCertificate__Passphrase": "/k8s/identity-server/SigningCertificatePassphrase", - "PersistenceSettings__AccessTokenManagementSettings__ClientSecret": "/k8s/identity-server/ClientSecret", - "Scopes__Admin__RootAccessList": "/k8s/identity-server/AdminRootAccessList", - "FeatureFlags__ConfigCatSdkKey": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "ContentfulSettings__AccessToken": "/k8s/identity-server/CONTENTFUL_ACCESS_TOKEN", - "Redaction__UserIdentifiers__KeyId": "/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID", - "Redaction__UserIdentifiers__Key": "/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY" - }, - "ingress": { - "primary": { - "host": { - "dev": "identity-server", - "staging": "identity-server", - "prod": "innskra.island.is" - }, - "paths": [ - "/" - ], - "public": true, - "extraAnnotations": { - "dev": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/enable-global-auth": "false", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "staging": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/enable-global-auth": "false", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "prod": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - } - } - } - }, - "namespace": "identity-server", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "4000m", - "memory": "2048Mi" - }, - "requests": { - "cpu": "1000m", - "memory": "1024Mi" - } - }, - "xroadConfig": [], - "files": [ - { - "filename": "ids-signing.pfx", - "env": "IdentityServer__SigningCertificate__Path" - } - ], - "volumes": [ - { - "mountPath": "/keys", - "size": "1Gi", - "accessModes": "ReadWrite" - } - ], - "image": "identity-server", - "healthPort": 5010, - "port": 5000, - "accountName": "identity-server", - "extraAttributes": { - "dev": { - "annotations": { - "ad.datadoghq.com/identity-server.logs": "[{\"service\": \"identity-server\", \"source\": \"csharp\"}]", - "ad.datadoghq.com/identity-server.check_names": "[\"openmetrics\"]", - "ad.datadoghq.com/identity-server.init_configs": "[{}]", - "ad.datadoghq.com/identity-server.instances": "[{\"prometheus_url\": \"http://%%host%%:5003/metrics\",\"namespace\": \"identity-server\",\"metrics\":[\"*\"]}]" - } - }, - "staging": { - "annotations": { - "ad.datadoghq.com/identity-server.logs": "[{\"service\": \"identity-server\", \"source\": \"csharp\"}]", - "ad.datadoghq.com/identity-server.check_names": "[\"openmetrics\"]", - "ad.datadoghq.com/identity-server.init_configs": "[{}]", - "ad.datadoghq.com/identity-server.instances": "[{\"prometheus_url\": \"http://%%host%%:5003/metrics\",\"namespace\": \"identity-server\",\"metrics\":[\"*\"]}]" - } - }, - "prod": { - "annotations": { - "ad.datadoghq.com/identity-server.logs": "[{\"service\": \"identity-server\", \"source\": \"csharp\"}]", - "ad.datadoghq.com/identity-server.check_names": "[\"openmetrics\"]", - "ad.datadoghq.com/identity-server.init_configs": "[{}]", - "ad.datadoghq.com/identity-server.instances": "[{\"prometheus_url\": \"http://%%host%%:5003/metrics\",\"namespace\": \"identity-server\",\"metrics\":[\"*\"]}]" - } - } - } - } - } -} \ No newline at end of file +service: + name: identity-server + annotations: + ad.datadoghq.com/identity-server.check_names: '["openmetrics"]' + ad.datadoghq.com/identity-server.init_configs: "[{}]" + ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": + "http://%%host%%:5003/metrics","namespace": + "identity-server","metrics":["*"]}]' + ad.datadoghq.com/identity-server.logs: '[{"service": "identity-server", "source": "csharp"}]' + enabled: true + env: + ASPNETCORE_URLS: http://*:5000 + AWS__CloudWatch__AuditLogGroup: /identity-server/audit-log + AWS__SystemsManager__ParameterStore__DataProtectionPrefix: /k8s/identity-server/DataProtectionSecret + Application__AllowedRedirectUris: https://beta.staging01.devland.is/minarsidur,https://beta.staging01.devland.is/umsoknir + Application__MinCompletionPortThreads: "10" + AudkenniSettings__Retries: "24" + CORECLR_ENABLE_PROFILING: "1" + CORECLR_PROFILER: "{846F5F1C-F9AE-4B07-969E-05C26BC060D8}" + CORECLR_PROFILER_PATH: /opt/datadog/Datadog.Trace.ClrProfiler.Native.so + CacheSettings__Enabled: "true" + ContentfulSettings__BaseAddress: https://cdn.contentful.com + DD_DOTNET_TRACER_HOME: /opt/datadog + DD_INTEGRATIONS: /opt/datadog/integrations.json + DD_TRACE_DEBUG: "true" + Datadog__Metrics__Port: "5003" + IdentityServer__ConsentsScope: "@island.is/auth/consents" + IdentityServer__EnableFakeLogin: "true" + IdentityServer__EnableFeatureDeploymentWildcards: "true" + IdentityServer__KeyManagement__Enabled: "true" + IdentityServer__SigningCertificate__Path: /etc/config/ids-signing.pfx + LOG_LEVEL: info + MeUserProfileApiSettings__BaseAddress: http://web-service-portal-api.service-portal.svc.cluster.local + NODE_OPTIONS: --max-old-space-size=1843 -r dd-trace/init + PersistenceSettings__BaseAddress: http://web-services-auth-ids-api + PersistenceSettings__DelegationsCacheEnabled: "false" + RedisSettings__Address: clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com + RedisSettings__Port: "6379" + SERVERSIDE_FEATURES_ON: "" + SessionsApiSettings__BaseAddress: http://web-services-sessions.services-sessions.svc.cluster.local + files: + - ids-signing.pfx + grantNamespaces: + - nginx-ingress-external + - user-notification + - portals-admin + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + port: 5010 + readiness: + initialDelaySeconds: 3 + path: /readiness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/identity-server + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-external-alb + nginx.ingress.kubernetes.io/enable-global-auth: "false" + nginx.ingress.kubernetes.io/proxy-buffer-size: 8k + nginx.ingress.kubernetes.io/proxy-buffering: on + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: identity-server.staging01.devland.is + paths: + - / + namespace: identity-server + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: + - accessModes: ReadWriteMany + mountPath: /keys + name: identity-server + size: 1Gi + storageClass: efs-csi + useExisting: false + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: 4000m + memory: 2048Mi + requests: + cpu: 1000m + memory: 1024Mi + secrets: + AudkenniSettings__ClientId: /k8s/identity-server/AudkenniClientId + AudkenniSettings__ClientSecret: /k8s/identity-server/AudkenniClientSecret + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + ContentfulSettings__AccessToken: /k8s/identity-server/CONTENTFUL_ACCESS_TOKEN + FeatureFlags__ConfigCatSdkKey: /k8s/configcat/CONFIGCAT_SDK_KEY + IdentityServer__FakePersons: /k8s/identity-server/FakePersons + IdentityServer__LicenseKey: /k8s/identity-server/LicenseKey + IdentityServer__SigningCertificate__Passphrase: /k8s/identity-server/SigningCertificatePassphrase + PersistenceSettings__AccessTokenManagementSettings__ClientSecret: /k8s/identity-server/ClientSecret + Redaction__UserIdentifiers__Key: /k8s/identity-server/redaction/USER_IDENTIFIERS_KEY + Redaction__UserIdentifiers__KeyId: /k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID + Scopes__Admin__RootAccessList: /k8s/identity-server/AdminRootAccessList + securityContext: + allowPrivilegeEscalation: false + privileged: false + service: + targetPort: 5000 + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::261174024191:role/identity-server + create: true + name: identity-server diff --git a/charts/services/island-ui-storybook/values.dev.yaml b/charts/services/island-ui-storybook/values.dev.yaml index 7b867b997d87..6c193ac2aca9 100644 --- a/charts/services/island-ui-storybook/values.dev.yaml +++ b/charts/services/island-ui-storybook/values.dev.yaml @@ -1,57 +1,58 @@ -{ - "island-ui-storybook": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/readiness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": {}, - "features": {}, - "name": "island-ui-storybook", - "grantNamespaces": [ - "nginx-ingress-external" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" - }, - "ingress": { - "primary": { - "host": { - "dev": "ui", - "staging": "ui", - "prod": "ui.devland.is" - }, - "paths": [ - "/" - ] - } - }, - "namespace": "storybook", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "200m", - "memory": "256Mi" - }, - "requests": { - "cpu": "10m", - "memory": "128Mi" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [] - } - } -} \ No newline at end of file +service: + name: island-ui-storybook + enabled: true + env: + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=230 + SERVERSIDE_FEATURES_ON: "" + grantNamespaces: + - nginx-ingress-external + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /readiness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-external-alb + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: ui.dev01.devland.is + paths: + - / + namespace: storybook + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 10m + memory: 128Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/island-ui-storybook/values.prod.yaml b/charts/services/island-ui-storybook/values.prod.yaml index 7b867b997d87..835f963274b1 100644 --- a/charts/services/island-ui-storybook/values.prod.yaml +++ b/charts/services/island-ui-storybook/values.prod.yaml @@ -1,57 +1,58 @@ -{ - "island-ui-storybook": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/readiness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": {}, - "features": {}, - "name": "island-ui-storybook", - "grantNamespaces": [ - "nginx-ingress-external" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" - }, - "ingress": { - "primary": { - "host": { - "dev": "ui", - "staging": "ui", - "prod": "ui.devland.is" - }, - "paths": [ - "/" - ] - } - }, - "namespace": "storybook", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "200m", - "memory": "256Mi" - }, - "requests": { - "cpu": "10m", - "memory": "128Mi" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [] - } - } -} \ No newline at end of file +service: + name: island-ui-storybook + enabled: true + env: + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=230 + SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + grantNamespaces: + - nginx-ingress-external + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /readiness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-external-alb + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: ui.devland.is + paths: + - / + namespace: storybook + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 10m + memory: 128Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/island-ui-storybook/values.staging.yaml b/charts/services/island-ui-storybook/values.staging.yaml index 7b867b997d87..201fb6820f43 100644 --- a/charts/services/island-ui-storybook/values.staging.yaml +++ b/charts/services/island-ui-storybook/values.staging.yaml @@ -1,57 +1,58 @@ -{ - "island-ui-storybook": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/readiness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": {}, - "features": {}, - "name": "island-ui-storybook", - "grantNamespaces": [ - "nginx-ingress-external" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" - }, - "ingress": { - "primary": { - "host": { - "dev": "ui", - "staging": "ui", - "prod": "ui.devland.is" - }, - "paths": [ - "/" - ] - } - }, - "namespace": "storybook", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "200m", - "memory": "256Mi" - }, - "requests": { - "cpu": "10m", - "memory": "128Mi" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [] - } - } -} \ No newline at end of file +service: + name: island-ui-storybook + enabled: true + env: + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=230 + SERVERSIDE_FEATURES_ON: "" + grantNamespaces: + - nginx-ingress-external + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /readiness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-external-alb + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: ui.staging01.devland.is + paths: + - / + namespace: storybook + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 10m + memory: 128Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/judicial-system-api/values.dev.yaml b/charts/services/judicial-system-api/values.dev.yaml index 377ff1acf6c3..20da8359716d 100644 --- a/charts/services/judicial-system-api/values.dev.yaml +++ b/charts/services/judicial-system-api/values.dev.yaml @@ -1,126 +1,88 @@ -{ - "judicial-system-api": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "AUTH_IDS_SCOPE": "openid profile", - "AUTH_IDS_CLIENT_ID": "@rettarvorslugatt.island.is/web", - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - }, - "AUTH_IDS_REDIRECT_URI": { - "staging": "https://judicial-system.staging01.devland.is/api/auth/callback/identity-server", - "prod": "https://rettarvorslugatt.island.is/api/auth/callback/identity-server" - }, - "AUTH_IDS_LOGOUT_REDIRECT_URI": { - "dev": "https://judicial-system.dev01.devland.is", - "staging": "https://judicial-system.staging01.devland.is", - "prod": "https://rettarvorslugatt.island.is" - }, - "ALLOW_AUTH_BYPASS": { - "dev": "true", - "staging": "true", - "prod": "false" - }, - "AUDIT_TRAIL_USE_GENERIC_LOGGER": "false", - "AUDIT_TRAIL_GROUP_NAME": "k8s/judicial-system/audit-log", - "AUDIT_TRAIL_REGION": "eu-west-1", - "CONTENTFUL_HOST": { - "dev": "preview.contentful.com", - "staging": "cdn.contentful.com", - "prod": "cdn.contentful.com" - }, - "CONTENTFUL_ENVIRONMENT": { - "dev": "test", - "staging": "test", - "prod": "master" - }, - "HIDDEN_FEATURES": { - "dev": "", - "staging": "", - "prod": "" - } - }, - "features": {}, - "name": "judicial-system-api", - "grantNamespaces": [ - "nginx-ingress-external" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "AUTH_JWT_SECRET": "/k8s/judicial-system/AUTH_JWT_SECRET", - "BACKEND_ACCESS_TOKEN": "/k8s/judicial-system/BACKEND_ACCESS_TOKEN", - "CONTENTFUL_ACCESS_TOKEN": "/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN", - "AUTH_IDS_SECRET": "/k8s/judicial-system/AUTH_IDS_SECRET", - "LAWYERS_ICELAND_API_KEY": "/k8s/judicial-system/LAWYERS_ICELAND_API_KEY" - }, - "ingress": { - "primary": { - "host": { - "dev": "judicial-system", - "staging": "judicial-system", - "prod": "rettarvorslugatt.island.is" - }, - "paths": [ - "/api/graphql", - "/api/auth", - "/api/case", - "/api/feature" - ], - "extraAnnotations": { - "dev": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "staging": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "prod": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - } - } - } - }, - "namespace": "judicial-system", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "350m", - "memory": "512Mi" - }, - "requests": { - "cpu": "200m", - "memory": "256Mi" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "accountName": "judicial-system-api", - "replicaCount": { - "default": 2, - "max": 10, - "min": 2, - "scalingMagicNumber": 8 - } - } - } -} \ No newline at end of file +service: + name: judicial-system-api + enabled: true + env: + ALLOW_AUTH_BYPASS: "true" + AUDIT_TRAIL_GROUP_NAME: k8s/judicial-system/audit-log + AUDIT_TRAIL_REGION: eu-west-1 + AUDIT_TRAIL_USE_GENERIC_LOGGER: "false" + AUTH_IDS_CLIENT_ID: "@rettarvorslugatt.island.is/web" + AUTH_IDS_LOGOUT_REDIRECT_URI: https://judicial-system.dev01.devland.is + AUTH_IDS_REDIRECT_URI: https://judicial-system.dev01.devland.is/api/auth/callback/identity-server + AUTH_IDS_SCOPE: openid profile + BACKEND_URL: http://web-judicial-system-backend + CONTENTFUL_ENVIRONMENT: test + CONTENTFUL_HOST: preview.contentful.com + HIDDEN_FEATURES: "" + IDENTITY_SERVER_ISSUER_URL: https://identity-server.dev01.devland.is + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init + SERVERSIDE_FEATURES_ON: "" + grantNamespaces: + - nginx-ingress-external + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-api + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-external-alb + nginx.ingress.kubernetes.io/proxy-buffer-size: 8k + nginx.ingress.kubernetes.io/proxy-buffering: on + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: judicial-system.dev01.devland.is + paths: + - /api/graphql + - /api/auth + - /api/case + - /api/feature + namespace: judicial-system + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: 350m + memory: 512Mi + requests: + cpu: 200m + memory: 256Mi + secrets: + AUTH_IDS_SECRET: /k8s/judicial-system/AUTH_IDS_SECRET + AUTH_JWT_SECRET: /k8s/judicial-system/AUTH_JWT_SECRET + BACKEND_ACCESS_TOKEN: /k8s/judicial-system/BACKEND_ACCESS_TOKEN + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + CONTENTFUL_ACCESS_TOKEN: /k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN + LAWYERS_ICELAND_API_KEY: /k8s/judicial-system/LAWYERS_ICELAND_API_KEY + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::013313053092:role/judicial-system-api + create: true + name: judicial-system-api diff --git a/charts/services/judicial-system-api/values.prod.yaml b/charts/services/judicial-system-api/values.prod.yaml index 377ff1acf6c3..7066c51aa320 100644 --- a/charts/services/judicial-system-api/values.prod.yaml +++ b/charts/services/judicial-system-api/values.prod.yaml @@ -1,126 +1,88 @@ -{ - "judicial-system-api": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "AUTH_IDS_SCOPE": "openid profile", - "AUTH_IDS_CLIENT_ID": "@rettarvorslugatt.island.is/web", - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - }, - "AUTH_IDS_REDIRECT_URI": { - "staging": "https://judicial-system.staging01.devland.is/api/auth/callback/identity-server", - "prod": "https://rettarvorslugatt.island.is/api/auth/callback/identity-server" - }, - "AUTH_IDS_LOGOUT_REDIRECT_URI": { - "dev": "https://judicial-system.dev01.devland.is", - "staging": "https://judicial-system.staging01.devland.is", - "prod": "https://rettarvorslugatt.island.is" - }, - "ALLOW_AUTH_BYPASS": { - "dev": "true", - "staging": "true", - "prod": "false" - }, - "AUDIT_TRAIL_USE_GENERIC_LOGGER": "false", - "AUDIT_TRAIL_GROUP_NAME": "k8s/judicial-system/audit-log", - "AUDIT_TRAIL_REGION": "eu-west-1", - "CONTENTFUL_HOST": { - "dev": "preview.contentful.com", - "staging": "cdn.contentful.com", - "prod": "cdn.contentful.com" - }, - "CONTENTFUL_ENVIRONMENT": { - "dev": "test", - "staging": "test", - "prod": "master" - }, - "HIDDEN_FEATURES": { - "dev": "", - "staging": "", - "prod": "" - } - }, - "features": {}, - "name": "judicial-system-api", - "grantNamespaces": [ - "nginx-ingress-external" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "AUTH_JWT_SECRET": "/k8s/judicial-system/AUTH_JWT_SECRET", - "BACKEND_ACCESS_TOKEN": "/k8s/judicial-system/BACKEND_ACCESS_TOKEN", - "CONTENTFUL_ACCESS_TOKEN": "/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN", - "AUTH_IDS_SECRET": "/k8s/judicial-system/AUTH_IDS_SECRET", - "LAWYERS_ICELAND_API_KEY": "/k8s/judicial-system/LAWYERS_ICELAND_API_KEY" - }, - "ingress": { - "primary": { - "host": { - "dev": "judicial-system", - "staging": "judicial-system", - "prod": "rettarvorslugatt.island.is" - }, - "paths": [ - "/api/graphql", - "/api/auth", - "/api/case", - "/api/feature" - ], - "extraAnnotations": { - "dev": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "staging": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "prod": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - } - } - } - }, - "namespace": "judicial-system", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "350m", - "memory": "512Mi" - }, - "requests": { - "cpu": "200m", - "memory": "256Mi" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "accountName": "judicial-system-api", - "replicaCount": { - "default": 2, - "max": 10, - "min": 2, - "scalingMagicNumber": 8 - } - } - } -} \ No newline at end of file +service: + name: judicial-system-api + enabled: true + env: + ALLOW_AUTH_BYPASS: "false" + AUDIT_TRAIL_GROUP_NAME: k8s/judicial-system/audit-log + AUDIT_TRAIL_REGION: eu-west-1 + AUDIT_TRAIL_USE_GENERIC_LOGGER: "false" + AUTH_IDS_CLIENT_ID: "@rettarvorslugatt.island.is/web" + AUTH_IDS_LOGOUT_REDIRECT_URI: https://rettarvorslugatt.island.is + AUTH_IDS_REDIRECT_URI: https://rettarvorslugatt.island.is/api/auth/callback/identity-server + AUTH_IDS_SCOPE: openid profile + BACKEND_URL: http://web-judicial-system-backend + CONTENTFUL_ENVIRONMENT: master + CONTENTFUL_HOST: cdn.contentful.com + HIDDEN_FEATURES: "" + IDENTITY_SERVER_ISSUER_URL: https://innskra.island.is + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init + SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + grantNamespaces: + - nginx-ingress-external + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-api + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-external-alb + nginx.ingress.kubernetes.io/proxy-buffer-size: 8k + nginx.ingress.kubernetes.io/proxy-buffering: on + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: rettarvorslugatt.island.is + paths: + - /api/graphql + - /api/auth + - /api/case + - /api/feature + namespace: judicial-system + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: 350m + memory: 512Mi + requests: + cpu: 200m + memory: 256Mi + secrets: + AUTH_IDS_SECRET: /k8s/judicial-system/AUTH_IDS_SECRET + AUTH_JWT_SECRET: /k8s/judicial-system/AUTH_JWT_SECRET + BACKEND_ACCESS_TOKEN: /k8s/judicial-system/BACKEND_ACCESS_TOKEN + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + CONTENTFUL_ACCESS_TOKEN: /k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN + LAWYERS_ICELAND_API_KEY: /k8s/judicial-system/LAWYERS_ICELAND_API_KEY + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::251502586493:role/judicial-system-api + create: true + name: judicial-system-api diff --git a/charts/services/judicial-system-api/values.staging.yaml b/charts/services/judicial-system-api/values.staging.yaml index 377ff1acf6c3..b7a80ebe4244 100644 --- a/charts/services/judicial-system-api/values.staging.yaml +++ b/charts/services/judicial-system-api/values.staging.yaml @@ -1,126 +1,88 @@ -{ - "judicial-system-api": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "AUTH_IDS_SCOPE": "openid profile", - "AUTH_IDS_CLIENT_ID": "@rettarvorslugatt.island.is/web", - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - }, - "AUTH_IDS_REDIRECT_URI": { - "staging": "https://judicial-system.staging01.devland.is/api/auth/callback/identity-server", - "prod": "https://rettarvorslugatt.island.is/api/auth/callback/identity-server" - }, - "AUTH_IDS_LOGOUT_REDIRECT_URI": { - "dev": "https://judicial-system.dev01.devland.is", - "staging": "https://judicial-system.staging01.devland.is", - "prod": "https://rettarvorslugatt.island.is" - }, - "ALLOW_AUTH_BYPASS": { - "dev": "true", - "staging": "true", - "prod": "false" - }, - "AUDIT_TRAIL_USE_GENERIC_LOGGER": "false", - "AUDIT_TRAIL_GROUP_NAME": "k8s/judicial-system/audit-log", - "AUDIT_TRAIL_REGION": "eu-west-1", - "CONTENTFUL_HOST": { - "dev": "preview.contentful.com", - "staging": "cdn.contentful.com", - "prod": "cdn.contentful.com" - }, - "CONTENTFUL_ENVIRONMENT": { - "dev": "test", - "staging": "test", - "prod": "master" - }, - "HIDDEN_FEATURES": { - "dev": "", - "staging": "", - "prod": "" - } - }, - "features": {}, - "name": "judicial-system-api", - "grantNamespaces": [ - "nginx-ingress-external" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "AUTH_JWT_SECRET": "/k8s/judicial-system/AUTH_JWT_SECRET", - "BACKEND_ACCESS_TOKEN": "/k8s/judicial-system/BACKEND_ACCESS_TOKEN", - "CONTENTFUL_ACCESS_TOKEN": "/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN", - "AUTH_IDS_SECRET": "/k8s/judicial-system/AUTH_IDS_SECRET", - "LAWYERS_ICELAND_API_KEY": "/k8s/judicial-system/LAWYERS_ICELAND_API_KEY" - }, - "ingress": { - "primary": { - "host": { - "dev": "judicial-system", - "staging": "judicial-system", - "prod": "rettarvorslugatt.island.is" - }, - "paths": [ - "/api/graphql", - "/api/auth", - "/api/case", - "/api/feature" - ], - "extraAnnotations": { - "dev": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "staging": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "prod": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - } - } - } - }, - "namespace": "judicial-system", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "350m", - "memory": "512Mi" - }, - "requests": { - "cpu": "200m", - "memory": "256Mi" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "accountName": "judicial-system-api", - "replicaCount": { - "default": 2, - "max": 10, - "min": 2, - "scalingMagicNumber": 8 - } - } - } -} \ No newline at end of file +service: + name: judicial-system-api + enabled: true + env: + ALLOW_AUTH_BYPASS: "true" + AUDIT_TRAIL_GROUP_NAME: k8s/judicial-system/audit-log + AUDIT_TRAIL_REGION: eu-west-1 + AUDIT_TRAIL_USE_GENERIC_LOGGER: "false" + AUTH_IDS_CLIENT_ID: "@rettarvorslugatt.island.is/web" + AUTH_IDS_LOGOUT_REDIRECT_URI: https://judicial-system.staging01.devland.is + AUTH_IDS_REDIRECT_URI: https://judicial-system.staging01.devland.is/api/auth/callback/identity-server + AUTH_IDS_SCOPE: openid profile + BACKEND_URL: http://web-judicial-system-backend + CONTENTFUL_ENVIRONMENT: test + CONTENTFUL_HOST: cdn.contentful.com + HIDDEN_FEATURES: "" + IDENTITY_SERVER_ISSUER_URL: https://identity-server.staging01.devland.is + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init + SERVERSIDE_FEATURES_ON: "" + grantNamespaces: + - nginx-ingress-external + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-api + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-external-alb + nginx.ingress.kubernetes.io/proxy-buffer-size: 8k + nginx.ingress.kubernetes.io/proxy-buffering: on + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: judicial-system.staging01.devland.is + paths: + - /api/graphql + - /api/auth + - /api/case + - /api/feature + namespace: judicial-system + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: 350m + memory: 512Mi + requests: + cpu: 200m + memory: 256Mi + secrets: + AUTH_IDS_SECRET: /k8s/judicial-system/AUTH_IDS_SECRET + AUTH_JWT_SECRET: /k8s/judicial-system/AUTH_JWT_SECRET + BACKEND_ACCESS_TOKEN: /k8s/judicial-system/BACKEND_ACCESS_TOKEN + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + CONTENTFUL_ACCESS_TOKEN: /k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN + LAWYERS_ICELAND_API_KEY: /k8s/judicial-system/LAWYERS_ICELAND_API_KEY + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::261174024191:role/judicial-system-api + create: true + name: judicial-system-api diff --git a/charts/services/judicial-system-backend/values.dev.yaml b/charts/services/judicial-system-backend/values.dev.yaml index b45fad7fd6f2..b6af38806cea 100644 --- a/charts/services/judicial-system-backend/values.dev.yaml +++ b/charts/services/judicial-system-backend/values.dev.yaml @@ -1,200 +1,138 @@ -{ - "judicial-system-backend": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "DOKOBIT_URL": { - "dev": "https://developers.dokobit.com", - "staging": "https://developers.dokobit.com", - "prod": "https://ws.dokobit.com" - }, - "EMAIL_REGION": "eu-west-1", - "S3_REGION": "eu-west-1", - "S3_BUCKET": { - "dev": "island-is-dev-upload-judicial-system", - "staging": "island-is-staging-upload-judicial-system", - "prod": "island-is-prod-upload-judicial-system" - }, - "S3_TIME_TO_LIVE_POST": "15", - "S3_TIME_TO_LIVE_GET": "5", - "CONTENTFUL_HOST": { - "dev": "preview.contentful.com", - "staging": "cdn.contentful.com", - "prod": "cdn.contentful.com" - }, - "CONTENTFUL_ENVIRONMENT": { - "dev": "test", - "staging": "test", - "prod": "master" - }, - "CLIENT_URL": { - "prod": "https://rettarvorslugatt.island.is" - }, - "SQS_QUEUE_NAME": "sqs-judicial-system", - "SQS_DEAD_LETTER_QUEUE_NAME": "sqs-judicial-system-dlq", - "SQS_REGION": "eu-west-1", - "BLOCKED_API_INTEGRATION": { - "dev": "", - "staging": "COURT,POLICE_CASE", - "prod": "" - }, - "NOVA_ACCEPT_UNAUTHORIZED": { - "dev": "true", - "staging": "false", - "prod": "false" - }, - "USE_MICROSOFT_GRAPH_API_FOR_COURT_ROBOT": { - "dev": "false", - "staging": "true", - "prod": "true" - } - }, - "features": {}, - "name": "judicial-system-backend", - "grantNamespaces": [], - "grantNamespacesEnabled": false, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "NOVA_URL": "/k8s/judicial-system/NOVA_URL", - "NOVA_USERNAME": "/k8s/judicial-system/NOVA_USERNAME", - "NOVA_PASSWORD": "/k8s/judicial-system/NOVA_PASSWORD", - "COURTS_MOBILE_NUMBERS": "/k8s/judicial-system/COURTS_MOBILE_NUMBERS", - "COURTS_ASSISTANT_MOBILE_NUMBERS": "/k8s/judicial-system/COURTS_ASSISTANT_MOBILE_NUMBERS", - "COURTS_EMAILS": "/k8s/judicial-system/COURTS_EMAILS", - "DOKOBIT_ACCESS_TOKEN": "/k8s/judicial-system/DOKOBIT_ACCESS_TOKEN", - "EMAIL_FROM": "/k8s/judicial-system/EMAIL_FROM", - "EMAIL_FROM_NAME": "/k8s/judicial-system/EMAIL_FROM_NAME", - "EMAIL_REPLY_TO": "/k8s/judicial-system/EMAIL_REPLY_TO", - "EMAIL_REPLY_TO_NAME": "/k8s/judicial-system/EMAIL_REPLY_TO_NAME", - "PRISON_EMAIL": "/k8s/judicial-system/PRISON_EMAIL", - "PRISON_ADMIN_EMAIL": "/k8s/judicial-system/PRISON_ADMIN_EMAIL", - "AUTH_JWT_SECRET": "/k8s/judicial-system/AUTH_JWT_SECRET", - "ADMIN_USERS": "/k8s/judicial-system/ADMIN_USERS", - "BACKEND_ACCESS_TOKEN": "/k8s/judicial-system/BACKEND_ACCESS_TOKEN", - "CONTENTFUL_ACCESS_TOKEN": "/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN", - "EVENT_URL": "/k8s/judicial-system/EVENT_URL", - "ERROR_EVENT_URL": "/k8s/judicial-system/ERROR_EVENT_URL", - "ARCHIVE_ENCRYPTION_KEY": "/k8s/judicial-system/ARCHIVE_ENCRYPTION_KEY", - "COURT_ROBOT_CLIENT_ID": "/k8s/judicial-system/COURT_ROBOT_CLIENT_ID", - "COURT_ROBOT_TENANT_ID": "/k8s/judicial-system/COURT_ROBOT_TENANT_ID", - "COURT_ROBOT_CLIENT_SECRET": "/k8s/judicial-system/COURT_ROBOT_CLIENT_SECRET", - "COURT_ROBOT_USER": "/k8s/judicial-system/COURT_ROBOT_USER", - "COURT_ROBOT_EMAIL": "/k8s/judicial-system/COURT_ROBOT_EMAIL" - }, - "ingress": {}, - "namespace": "judicial-system", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "requests": { - "cpu": "100m", - "memory": "512Mi" - }, - "limits": { - "cpu": "400m", - "memory": "1024Mi" - } - }, - "xroadConfig": [ - { - "config": { - "env": { - "XROAD_BASE_PATH": { - "prod": "http://securityserver.island.is" - }, - "XROAD_BASE_PATH_WITH_ENV": { - "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "http://securityserver.island.is/r1/IS" - }, - "XROAD_TLS_BASE_PATH": { - "dev": "https://securityserver.dev01.devland.is", - "staging": "https://securityserver.staging01.devland.is", - "prod": "https://securityserver.island.is" - }, - "XROAD_TLS_BASE_PATH_WITH_ENV": { - "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", - "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "https://securityserver.island.is/r1/IS" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CLIENT_ID": { - "dev": "IS-DEV/GOV/10014/Rettarvorslugatt-Client", - "staging": "IS-TEST/GOV/5804170510/Rettarvorslugatt-Client", - "prod": "IS/GOV/5804170510/Rettarvorslugatt-Client" - }, - "XROAD_COURT_MEMBER_CODE": { - "dev": "10019", - "staging": "4707171140", - "prod": "4707171140" - }, - "XROAD_POLICE_MEMBER_CODE": { - "dev": "10005", - "staging": "5309672079", - "prod": "5309672079" - }, - "XROAD_COURT_API_PATH": "/Domstolasyslan/JusticePortal-v1", - "XROAD_POLICE_API_PATH": "/Logreglan-Private/rettarvarsla-v1" - }, - "secrets": { - "XROAD_CLIENT_CERT": "/k8s/judicial-system/XROAD_CLIENT_CERT", - "XROAD_CLIENT_KEY": "/k8s/judicial-system/XROAD_CLIENT_KEY", - "XROAD_CLIENT_PEM": "/k8s/judicial-system/XROAD_CLIENT_PEM", - "XROAD_COURTS_CREDENTIALS": "/k8s/judicial-system/COURTS_CREDENTIALS", - "XROAD_POLICE_API_KEY": "/k8s/judicial-system/XROAD_POLICE_API_KEY" - } - } - } - ], - "files": [], - "volumes": [], - "accountName": "judicial-system-backend", - "postgres": { - "name": "judicial_system", - "username": "judicial_system", - "passwordSecret": "/k8s/judicial-system/DB_PASSWORD" - }, - "initContainers": { - "envs": {}, - "secrets": {}, - "features": {}, - "containers": [ - { - "name": "migrations", - "command": "npx", - "args": [ - "sequelize-cli", - "db:migrate" - ] - } - ], - "postgres": { - "name": "judicial_system", - "username": "judicial_system", - "passwordSecret": "/k8s/judicial-system/DB_PASSWORD" - } - }, - "replicaCount": { - "min": 2, - "max": 10, - "default": 2 - } - } - } -} \ No newline at end of file +service: + name: judicial-system-backend + enabled: true + env: + BLOCKED_API_INTEGRATION: "" + CLIENT_URL: https://judicial-system.dev01.devland.is + CONTENTFUL_ENVIRONMENT: test + CONTENTFUL_HOST: preview.contentful.com + DB_HOST: postgres-applications.internal + DB_NAME: judicial_system + DB_REPLICAS_HOST: postgres-applications-reader.internal + DB_USER: judicial_system + DOKOBIT_URL: https://developers.dokobit.com + EMAIL_REGION: eu-west-1 + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=921 -r dd-trace/init + NOVA_ACCEPT_UNAUTHORIZED: "true" + S3_BUCKET: island-is-dev-upload-judicial-system + S3_REGION: eu-west-1 + S3_TIME_TO_LIVE_GET: "5" + S3_TIME_TO_LIVE_POST: "15" + SERVERSIDE_FEATURES_ON: "" + SQS_DEAD_LETTER_QUEUE_NAME: sqs-judicial-system-dlq + SQS_QUEUE_NAME: sqs-judicial-system + SQS_REGION: eu-west-1 + USE_MICROSOFT_GRAPH_API_FOR_COURT_ROBOT: "false" + XROAD_BASE_PATH: http://securityserver.dev01.devland.is + XROAD_BASE_PATH_WITH_ENV: http://securityserver.dev01.devland.is/r1/IS-DEV + XROAD_CLIENT_ID: IS-DEV/GOV/10014/Rettarvorslugatt-Client + XROAD_COURT_API_PATH: /Domstolasyslan/JusticePortal-v1 + XROAD_COURT_MEMBER_CODE: "10019" + XROAD_POLICE_API_PATH: /Logreglan-Private/rettarvarsla-v1 + XROAD_POLICE_MEMBER_CODE: "10005" + XROAD_TLS_BASE_PATH: https://securityserver.dev01.devland.is + XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.dev01.devland.is/r1/IS-DEV + grantNamespaces: + - nginx-ingress-external + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-backend + initContainer: + containers: + - args: + - sequelize-cli + - db:migrate + command: + - npx + name: migrations + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 50m + memory: 128Mi + env: + DB_HOST: postgres-applications.internal + DB_NAME: judicial_system + DB_REPLICAS_HOST: postgres-applications-reader.internal + DB_USER: judicial_system + SERVERSIDE_FEATURES_ON: "" + secrets: + DB_PASS: /k8s/judicial-system/DB_PASSWORD + namespace: judicial-system + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: 400m + memory: 1024Mi + requests: + cpu: 100m + memory: 512Mi + secrets: + ADMIN_USERS: /k8s/judicial-system/ADMIN_USERS + ARCHIVE_ENCRYPTION_KEY: /k8s/judicial-system/ARCHIVE_ENCRYPTION_KEY + AUTH_JWT_SECRET: /k8s/judicial-system/AUTH_JWT_SECRET + BACKEND_ACCESS_TOKEN: /k8s/judicial-system/BACKEND_ACCESS_TOKEN + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + CONTENTFUL_ACCESS_TOKEN: /k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN + COURTS_ASSISTANT_MOBILE_NUMBERS: /k8s/judicial-system/COURTS_ASSISTANT_MOBILE_NUMBERS + COURTS_EMAILS: /k8s/judicial-system/COURTS_EMAILS + COURTS_MOBILE_NUMBERS: /k8s/judicial-system/COURTS_MOBILE_NUMBERS + COURT_ROBOT_CLIENT_ID: /k8s/judicial-system/COURT_ROBOT_CLIENT_ID + COURT_ROBOT_CLIENT_SECRET: /k8s/judicial-system/COURT_ROBOT_CLIENT_SECRET + COURT_ROBOT_EMAIL: /k8s/judicial-system/COURT_ROBOT_EMAIL + COURT_ROBOT_TENANT_ID: /k8s/judicial-system/COURT_ROBOT_TENANT_ID + COURT_ROBOT_USER: /k8s/judicial-system/COURT_ROBOT_USER + DB_PASS: /k8s/judicial-system/DB_PASSWORD + DOKOBIT_ACCESS_TOKEN: /k8s/judicial-system/DOKOBIT_ACCESS_TOKEN + EMAIL_FROM: /k8s/judicial-system/EMAIL_FROM + EMAIL_FROM_NAME: /k8s/judicial-system/EMAIL_FROM_NAME + EMAIL_REPLY_TO: /k8s/judicial-system/EMAIL_REPLY_TO + EMAIL_REPLY_TO_NAME: /k8s/judicial-system/EMAIL_REPLY_TO_NAME + ERROR_EVENT_URL: /k8s/judicial-system/ERROR_EVENT_URL + EVENT_URL: /k8s/judicial-system/EVENT_URL + NOVA_PASSWORD: /k8s/judicial-system/NOVA_PASSWORD + NOVA_URL: /k8s/judicial-system/NOVA_URL + NOVA_USERNAME: /k8s/judicial-system/NOVA_USERNAME + PRISON_ADMIN_EMAIL: /k8s/judicial-system/PRISON_ADMIN_EMAIL + PRISON_EMAIL: /k8s/judicial-system/PRISON_EMAIL + XROAD_CLIENT_CERT: /k8s/judicial-system/XROAD_CLIENT_CERT + XROAD_CLIENT_KEY: /k8s/judicial-system/XROAD_CLIENT_KEY + XROAD_CLIENT_PEM: /k8s/judicial-system/XROAD_CLIENT_PEM + XROAD_COURTS_CREDENTIALS: /k8s/judicial-system/COURTS_CREDENTIALS + XROAD_POLICE_API_KEY: /k8s/judicial-system/XROAD_POLICE_API_KEY + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::013313053092:role/judicial-system-backend + create: true + name: judicial-system-backend diff --git a/charts/services/judicial-system-backend/values.prod.yaml b/charts/services/judicial-system-backend/values.prod.yaml index b45fad7fd6f2..cfefccfad335 100644 --- a/charts/services/judicial-system-backend/values.prod.yaml +++ b/charts/services/judicial-system-backend/values.prod.yaml @@ -1,200 +1,138 @@ -{ - "judicial-system-backend": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "DOKOBIT_URL": { - "dev": "https://developers.dokobit.com", - "staging": "https://developers.dokobit.com", - "prod": "https://ws.dokobit.com" - }, - "EMAIL_REGION": "eu-west-1", - "S3_REGION": "eu-west-1", - "S3_BUCKET": { - "dev": "island-is-dev-upload-judicial-system", - "staging": "island-is-staging-upload-judicial-system", - "prod": "island-is-prod-upload-judicial-system" - }, - "S3_TIME_TO_LIVE_POST": "15", - "S3_TIME_TO_LIVE_GET": "5", - "CONTENTFUL_HOST": { - "dev": "preview.contentful.com", - "staging": "cdn.contentful.com", - "prod": "cdn.contentful.com" - }, - "CONTENTFUL_ENVIRONMENT": { - "dev": "test", - "staging": "test", - "prod": "master" - }, - "CLIENT_URL": { - "prod": "https://rettarvorslugatt.island.is" - }, - "SQS_QUEUE_NAME": "sqs-judicial-system", - "SQS_DEAD_LETTER_QUEUE_NAME": "sqs-judicial-system-dlq", - "SQS_REGION": "eu-west-1", - "BLOCKED_API_INTEGRATION": { - "dev": "", - "staging": "COURT,POLICE_CASE", - "prod": "" - }, - "NOVA_ACCEPT_UNAUTHORIZED": { - "dev": "true", - "staging": "false", - "prod": "false" - }, - "USE_MICROSOFT_GRAPH_API_FOR_COURT_ROBOT": { - "dev": "false", - "staging": "true", - "prod": "true" - } - }, - "features": {}, - "name": "judicial-system-backend", - "grantNamespaces": [], - "grantNamespacesEnabled": false, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "NOVA_URL": "/k8s/judicial-system/NOVA_URL", - "NOVA_USERNAME": "/k8s/judicial-system/NOVA_USERNAME", - "NOVA_PASSWORD": "/k8s/judicial-system/NOVA_PASSWORD", - "COURTS_MOBILE_NUMBERS": "/k8s/judicial-system/COURTS_MOBILE_NUMBERS", - "COURTS_ASSISTANT_MOBILE_NUMBERS": "/k8s/judicial-system/COURTS_ASSISTANT_MOBILE_NUMBERS", - "COURTS_EMAILS": "/k8s/judicial-system/COURTS_EMAILS", - "DOKOBIT_ACCESS_TOKEN": "/k8s/judicial-system/DOKOBIT_ACCESS_TOKEN", - "EMAIL_FROM": "/k8s/judicial-system/EMAIL_FROM", - "EMAIL_FROM_NAME": "/k8s/judicial-system/EMAIL_FROM_NAME", - "EMAIL_REPLY_TO": "/k8s/judicial-system/EMAIL_REPLY_TO", - "EMAIL_REPLY_TO_NAME": "/k8s/judicial-system/EMAIL_REPLY_TO_NAME", - "PRISON_EMAIL": "/k8s/judicial-system/PRISON_EMAIL", - "PRISON_ADMIN_EMAIL": "/k8s/judicial-system/PRISON_ADMIN_EMAIL", - "AUTH_JWT_SECRET": "/k8s/judicial-system/AUTH_JWT_SECRET", - "ADMIN_USERS": "/k8s/judicial-system/ADMIN_USERS", - "BACKEND_ACCESS_TOKEN": "/k8s/judicial-system/BACKEND_ACCESS_TOKEN", - "CONTENTFUL_ACCESS_TOKEN": "/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN", - "EVENT_URL": "/k8s/judicial-system/EVENT_URL", - "ERROR_EVENT_URL": "/k8s/judicial-system/ERROR_EVENT_URL", - "ARCHIVE_ENCRYPTION_KEY": "/k8s/judicial-system/ARCHIVE_ENCRYPTION_KEY", - "COURT_ROBOT_CLIENT_ID": "/k8s/judicial-system/COURT_ROBOT_CLIENT_ID", - "COURT_ROBOT_TENANT_ID": "/k8s/judicial-system/COURT_ROBOT_TENANT_ID", - "COURT_ROBOT_CLIENT_SECRET": "/k8s/judicial-system/COURT_ROBOT_CLIENT_SECRET", - "COURT_ROBOT_USER": "/k8s/judicial-system/COURT_ROBOT_USER", - "COURT_ROBOT_EMAIL": "/k8s/judicial-system/COURT_ROBOT_EMAIL" - }, - "ingress": {}, - "namespace": "judicial-system", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "requests": { - "cpu": "100m", - "memory": "512Mi" - }, - "limits": { - "cpu": "400m", - "memory": "1024Mi" - } - }, - "xroadConfig": [ - { - "config": { - "env": { - "XROAD_BASE_PATH": { - "prod": "http://securityserver.island.is" - }, - "XROAD_BASE_PATH_WITH_ENV": { - "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "http://securityserver.island.is/r1/IS" - }, - "XROAD_TLS_BASE_PATH": { - "dev": "https://securityserver.dev01.devland.is", - "staging": "https://securityserver.staging01.devland.is", - "prod": "https://securityserver.island.is" - }, - "XROAD_TLS_BASE_PATH_WITH_ENV": { - "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", - "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "https://securityserver.island.is/r1/IS" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CLIENT_ID": { - "dev": "IS-DEV/GOV/10014/Rettarvorslugatt-Client", - "staging": "IS-TEST/GOV/5804170510/Rettarvorslugatt-Client", - "prod": "IS/GOV/5804170510/Rettarvorslugatt-Client" - }, - "XROAD_COURT_MEMBER_CODE": { - "dev": "10019", - "staging": "4707171140", - "prod": "4707171140" - }, - "XROAD_POLICE_MEMBER_CODE": { - "dev": "10005", - "staging": "5309672079", - "prod": "5309672079" - }, - "XROAD_COURT_API_PATH": "/Domstolasyslan/JusticePortal-v1", - "XROAD_POLICE_API_PATH": "/Logreglan-Private/rettarvarsla-v1" - }, - "secrets": { - "XROAD_CLIENT_CERT": "/k8s/judicial-system/XROAD_CLIENT_CERT", - "XROAD_CLIENT_KEY": "/k8s/judicial-system/XROAD_CLIENT_KEY", - "XROAD_CLIENT_PEM": "/k8s/judicial-system/XROAD_CLIENT_PEM", - "XROAD_COURTS_CREDENTIALS": "/k8s/judicial-system/COURTS_CREDENTIALS", - "XROAD_POLICE_API_KEY": "/k8s/judicial-system/XROAD_POLICE_API_KEY" - } - } - } - ], - "files": [], - "volumes": [], - "accountName": "judicial-system-backend", - "postgres": { - "name": "judicial_system", - "username": "judicial_system", - "passwordSecret": "/k8s/judicial-system/DB_PASSWORD" - }, - "initContainers": { - "envs": {}, - "secrets": {}, - "features": {}, - "containers": [ - { - "name": "migrations", - "command": "npx", - "args": [ - "sequelize-cli", - "db:migrate" - ] - } - ], - "postgres": { - "name": "judicial_system", - "username": "judicial_system", - "passwordSecret": "/k8s/judicial-system/DB_PASSWORD" - } - }, - "replicaCount": { - "min": 2, - "max": 10, - "default": 2 - } - } - } -} \ No newline at end of file +service: + name: judicial-system-backend + enabled: true + env: + BLOCKED_API_INTEGRATION: "" + CLIENT_URL: https://rettarvorslugatt.island.is + CONTENTFUL_ENVIRONMENT: master + CONTENTFUL_HOST: cdn.contentful.com + DB_HOST: postgres-applications.internal + DB_NAME: judicial_system + DB_REPLICAS_HOST: postgres-applications.internal + DB_USER: judicial_system + DOKOBIT_URL: https://ws.dokobit.com + EMAIL_REGION: eu-west-1 + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=921 -r dd-trace/init + NOVA_ACCEPT_UNAUTHORIZED: "false" + S3_BUCKET: island-is-prod-upload-judicial-system + S3_REGION: eu-west-1 + S3_TIME_TO_LIVE_GET: "5" + S3_TIME_TO_LIVE_POST: "15" + SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + SQS_DEAD_LETTER_QUEUE_NAME: sqs-judicial-system-dlq + SQS_QUEUE_NAME: sqs-judicial-system + SQS_REGION: eu-west-1 + USE_MICROSOFT_GRAPH_API_FOR_COURT_ROBOT: "true" + XROAD_BASE_PATH: http://securityserver.island.is + XROAD_BASE_PATH_WITH_ENV: http://securityserver.island.is/r1/IS + XROAD_CLIENT_ID: IS/GOV/5804170510/Rettarvorslugatt-Client + XROAD_COURT_API_PATH: /Domstolasyslan/JusticePortal-v1 + XROAD_COURT_MEMBER_CODE: "4707171140" + XROAD_POLICE_API_PATH: /Logreglan-Private/rettarvarsla-v1 + XROAD_POLICE_MEMBER_CODE: "5309672079" + XROAD_TLS_BASE_PATH: https://securityserver.island.is + XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.island.is/r1/IS + grantNamespaces: + - nginx-ingress-external + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-backend + initContainer: + containers: + - args: + - sequelize-cli + - db:migrate + command: + - npx + name: migrations + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 50m + memory: 128Mi + env: + DB_HOST: postgres-applications.internal + DB_NAME: judicial_system + DB_REPLICAS_HOST: postgres-applications.internal + DB_USER: judicial_system + SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + secrets: + DB_PASS: /k8s/judicial-system/DB_PASSWORD + namespace: judicial-system + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: 400m + memory: 1024Mi + requests: + cpu: 100m + memory: 512Mi + secrets: + ADMIN_USERS: /k8s/judicial-system/ADMIN_USERS + ARCHIVE_ENCRYPTION_KEY: /k8s/judicial-system/ARCHIVE_ENCRYPTION_KEY + AUTH_JWT_SECRET: /k8s/judicial-system/AUTH_JWT_SECRET + BACKEND_ACCESS_TOKEN: /k8s/judicial-system/BACKEND_ACCESS_TOKEN + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + CONTENTFUL_ACCESS_TOKEN: /k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN + COURTS_ASSISTANT_MOBILE_NUMBERS: /k8s/judicial-system/COURTS_ASSISTANT_MOBILE_NUMBERS + COURTS_EMAILS: /k8s/judicial-system/COURTS_EMAILS + COURTS_MOBILE_NUMBERS: /k8s/judicial-system/COURTS_MOBILE_NUMBERS + COURT_ROBOT_CLIENT_ID: /k8s/judicial-system/COURT_ROBOT_CLIENT_ID + COURT_ROBOT_CLIENT_SECRET: /k8s/judicial-system/COURT_ROBOT_CLIENT_SECRET + COURT_ROBOT_EMAIL: /k8s/judicial-system/COURT_ROBOT_EMAIL + COURT_ROBOT_TENANT_ID: /k8s/judicial-system/COURT_ROBOT_TENANT_ID + COURT_ROBOT_USER: /k8s/judicial-system/COURT_ROBOT_USER + DB_PASS: /k8s/judicial-system/DB_PASSWORD + DOKOBIT_ACCESS_TOKEN: /k8s/judicial-system/DOKOBIT_ACCESS_TOKEN + EMAIL_FROM: /k8s/judicial-system/EMAIL_FROM + EMAIL_FROM_NAME: /k8s/judicial-system/EMAIL_FROM_NAME + EMAIL_REPLY_TO: /k8s/judicial-system/EMAIL_REPLY_TO + EMAIL_REPLY_TO_NAME: /k8s/judicial-system/EMAIL_REPLY_TO_NAME + ERROR_EVENT_URL: /k8s/judicial-system/ERROR_EVENT_URL + EVENT_URL: /k8s/judicial-system/EVENT_URL + NOVA_PASSWORD: /k8s/judicial-system/NOVA_PASSWORD + NOVA_URL: /k8s/judicial-system/NOVA_URL + NOVA_USERNAME: /k8s/judicial-system/NOVA_USERNAME + PRISON_ADMIN_EMAIL: /k8s/judicial-system/PRISON_ADMIN_EMAIL + PRISON_EMAIL: /k8s/judicial-system/PRISON_EMAIL + XROAD_CLIENT_CERT: /k8s/judicial-system/XROAD_CLIENT_CERT + XROAD_CLIENT_KEY: /k8s/judicial-system/XROAD_CLIENT_KEY + XROAD_CLIENT_PEM: /k8s/judicial-system/XROAD_CLIENT_PEM + XROAD_COURTS_CREDENTIALS: /k8s/judicial-system/COURTS_CREDENTIALS + XROAD_POLICE_API_KEY: /k8s/judicial-system/XROAD_POLICE_API_KEY + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::251502586493:role/judicial-system-backend + create: true + name: judicial-system-backend diff --git a/charts/services/judicial-system-backend/values.staging.yaml b/charts/services/judicial-system-backend/values.staging.yaml index b45fad7fd6f2..d5a98a8a47a5 100644 --- a/charts/services/judicial-system-backend/values.staging.yaml +++ b/charts/services/judicial-system-backend/values.staging.yaml @@ -1,200 +1,138 @@ -{ - "judicial-system-backend": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "DOKOBIT_URL": { - "dev": "https://developers.dokobit.com", - "staging": "https://developers.dokobit.com", - "prod": "https://ws.dokobit.com" - }, - "EMAIL_REGION": "eu-west-1", - "S3_REGION": "eu-west-1", - "S3_BUCKET": { - "dev": "island-is-dev-upload-judicial-system", - "staging": "island-is-staging-upload-judicial-system", - "prod": "island-is-prod-upload-judicial-system" - }, - "S3_TIME_TO_LIVE_POST": "15", - "S3_TIME_TO_LIVE_GET": "5", - "CONTENTFUL_HOST": { - "dev": "preview.contentful.com", - "staging": "cdn.contentful.com", - "prod": "cdn.contentful.com" - }, - "CONTENTFUL_ENVIRONMENT": { - "dev": "test", - "staging": "test", - "prod": "master" - }, - "CLIENT_URL": { - "prod": "https://rettarvorslugatt.island.is" - }, - "SQS_QUEUE_NAME": "sqs-judicial-system", - "SQS_DEAD_LETTER_QUEUE_NAME": "sqs-judicial-system-dlq", - "SQS_REGION": "eu-west-1", - "BLOCKED_API_INTEGRATION": { - "dev": "", - "staging": "COURT,POLICE_CASE", - "prod": "" - }, - "NOVA_ACCEPT_UNAUTHORIZED": { - "dev": "true", - "staging": "false", - "prod": "false" - }, - "USE_MICROSOFT_GRAPH_API_FOR_COURT_ROBOT": { - "dev": "false", - "staging": "true", - "prod": "true" - } - }, - "features": {}, - "name": "judicial-system-backend", - "grantNamespaces": [], - "grantNamespacesEnabled": false, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "NOVA_URL": "/k8s/judicial-system/NOVA_URL", - "NOVA_USERNAME": "/k8s/judicial-system/NOVA_USERNAME", - "NOVA_PASSWORD": "/k8s/judicial-system/NOVA_PASSWORD", - "COURTS_MOBILE_NUMBERS": "/k8s/judicial-system/COURTS_MOBILE_NUMBERS", - "COURTS_ASSISTANT_MOBILE_NUMBERS": "/k8s/judicial-system/COURTS_ASSISTANT_MOBILE_NUMBERS", - "COURTS_EMAILS": "/k8s/judicial-system/COURTS_EMAILS", - "DOKOBIT_ACCESS_TOKEN": "/k8s/judicial-system/DOKOBIT_ACCESS_TOKEN", - "EMAIL_FROM": "/k8s/judicial-system/EMAIL_FROM", - "EMAIL_FROM_NAME": "/k8s/judicial-system/EMAIL_FROM_NAME", - "EMAIL_REPLY_TO": "/k8s/judicial-system/EMAIL_REPLY_TO", - "EMAIL_REPLY_TO_NAME": "/k8s/judicial-system/EMAIL_REPLY_TO_NAME", - "PRISON_EMAIL": "/k8s/judicial-system/PRISON_EMAIL", - "PRISON_ADMIN_EMAIL": "/k8s/judicial-system/PRISON_ADMIN_EMAIL", - "AUTH_JWT_SECRET": "/k8s/judicial-system/AUTH_JWT_SECRET", - "ADMIN_USERS": "/k8s/judicial-system/ADMIN_USERS", - "BACKEND_ACCESS_TOKEN": "/k8s/judicial-system/BACKEND_ACCESS_TOKEN", - "CONTENTFUL_ACCESS_TOKEN": "/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN", - "EVENT_URL": "/k8s/judicial-system/EVENT_URL", - "ERROR_EVENT_URL": "/k8s/judicial-system/ERROR_EVENT_URL", - "ARCHIVE_ENCRYPTION_KEY": "/k8s/judicial-system/ARCHIVE_ENCRYPTION_KEY", - "COURT_ROBOT_CLIENT_ID": "/k8s/judicial-system/COURT_ROBOT_CLIENT_ID", - "COURT_ROBOT_TENANT_ID": "/k8s/judicial-system/COURT_ROBOT_TENANT_ID", - "COURT_ROBOT_CLIENT_SECRET": "/k8s/judicial-system/COURT_ROBOT_CLIENT_SECRET", - "COURT_ROBOT_USER": "/k8s/judicial-system/COURT_ROBOT_USER", - "COURT_ROBOT_EMAIL": "/k8s/judicial-system/COURT_ROBOT_EMAIL" - }, - "ingress": {}, - "namespace": "judicial-system", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "requests": { - "cpu": "100m", - "memory": "512Mi" - }, - "limits": { - "cpu": "400m", - "memory": "1024Mi" - } - }, - "xroadConfig": [ - { - "config": { - "env": { - "XROAD_BASE_PATH": { - "prod": "http://securityserver.island.is" - }, - "XROAD_BASE_PATH_WITH_ENV": { - "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "http://securityserver.island.is/r1/IS" - }, - "XROAD_TLS_BASE_PATH": { - "dev": "https://securityserver.dev01.devland.is", - "staging": "https://securityserver.staging01.devland.is", - "prod": "https://securityserver.island.is" - }, - "XROAD_TLS_BASE_PATH_WITH_ENV": { - "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", - "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "https://securityserver.island.is/r1/IS" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CLIENT_ID": { - "dev": "IS-DEV/GOV/10014/Rettarvorslugatt-Client", - "staging": "IS-TEST/GOV/5804170510/Rettarvorslugatt-Client", - "prod": "IS/GOV/5804170510/Rettarvorslugatt-Client" - }, - "XROAD_COURT_MEMBER_CODE": { - "dev": "10019", - "staging": "4707171140", - "prod": "4707171140" - }, - "XROAD_POLICE_MEMBER_CODE": { - "dev": "10005", - "staging": "5309672079", - "prod": "5309672079" - }, - "XROAD_COURT_API_PATH": "/Domstolasyslan/JusticePortal-v1", - "XROAD_POLICE_API_PATH": "/Logreglan-Private/rettarvarsla-v1" - }, - "secrets": { - "XROAD_CLIENT_CERT": "/k8s/judicial-system/XROAD_CLIENT_CERT", - "XROAD_CLIENT_KEY": "/k8s/judicial-system/XROAD_CLIENT_KEY", - "XROAD_CLIENT_PEM": "/k8s/judicial-system/XROAD_CLIENT_PEM", - "XROAD_COURTS_CREDENTIALS": "/k8s/judicial-system/COURTS_CREDENTIALS", - "XROAD_POLICE_API_KEY": "/k8s/judicial-system/XROAD_POLICE_API_KEY" - } - } - } - ], - "files": [], - "volumes": [], - "accountName": "judicial-system-backend", - "postgres": { - "name": "judicial_system", - "username": "judicial_system", - "passwordSecret": "/k8s/judicial-system/DB_PASSWORD" - }, - "initContainers": { - "envs": {}, - "secrets": {}, - "features": {}, - "containers": [ - { - "name": "migrations", - "command": "npx", - "args": [ - "sequelize-cli", - "db:migrate" - ] - } - ], - "postgres": { - "name": "judicial_system", - "username": "judicial_system", - "passwordSecret": "/k8s/judicial-system/DB_PASSWORD" - } - }, - "replicaCount": { - "min": 2, - "max": 10, - "default": 2 - } - } - } -} \ No newline at end of file +service: + name: judicial-system-backend + enabled: true + env: + BLOCKED_API_INTEGRATION: COURT,POLICE_CASE + CLIENT_URL: https://judicial-system.staging01.devland.is + CONTENTFUL_ENVIRONMENT: test + CONTENTFUL_HOST: cdn.contentful.com + DB_HOST: postgres-applications.internal + DB_NAME: judicial_system + DB_REPLICAS_HOST: postgres-applications.internal + DB_USER: judicial_system + DOKOBIT_URL: https://developers.dokobit.com + EMAIL_REGION: eu-west-1 + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=921 -r dd-trace/init + NOVA_ACCEPT_UNAUTHORIZED: "false" + S3_BUCKET: island-is-staging-upload-judicial-system + S3_REGION: eu-west-1 + S3_TIME_TO_LIVE_GET: "5" + S3_TIME_TO_LIVE_POST: "15" + SERVERSIDE_FEATURES_ON: "" + SQS_DEAD_LETTER_QUEUE_NAME: sqs-judicial-system-dlq + SQS_QUEUE_NAME: sqs-judicial-system + SQS_REGION: eu-west-1 + USE_MICROSOFT_GRAPH_API_FOR_COURT_ROBOT: "true" + XROAD_BASE_PATH: http://securityserver.staging01.devland.is + XROAD_BASE_PATH_WITH_ENV: http://securityserver.staging01.devland.is/r1/IS-TEST + XROAD_CLIENT_ID: IS-TEST/GOV/5804170510/Rettarvorslugatt-Client + XROAD_COURT_API_PATH: /Domstolasyslan/JusticePortal-v1 + XROAD_COURT_MEMBER_CODE: "4707171140" + XROAD_POLICE_API_PATH: /Logreglan-Private/rettarvarsla-v1 + XROAD_POLICE_MEMBER_CODE: "5309672079" + XROAD_TLS_BASE_PATH: https://securityserver.staging01.devland.is + XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.staging01.devland.is/r1/IS-TEST + grantNamespaces: + - nginx-ingress-external + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-backend + initContainer: + containers: + - args: + - sequelize-cli + - db:migrate + command: + - npx + name: migrations + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 50m + memory: 128Mi + env: + DB_HOST: postgres-applications.internal + DB_NAME: judicial_system + DB_REPLICAS_HOST: postgres-applications.internal + DB_USER: judicial_system + SERVERSIDE_FEATURES_ON: "" + secrets: + DB_PASS: /k8s/judicial-system/DB_PASSWORD + namespace: judicial-system + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: 400m + memory: 1024Mi + requests: + cpu: 100m + memory: 512Mi + secrets: + ADMIN_USERS: /k8s/judicial-system/ADMIN_USERS + ARCHIVE_ENCRYPTION_KEY: /k8s/judicial-system/ARCHIVE_ENCRYPTION_KEY + AUTH_JWT_SECRET: /k8s/judicial-system/AUTH_JWT_SECRET + BACKEND_ACCESS_TOKEN: /k8s/judicial-system/BACKEND_ACCESS_TOKEN + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + CONTENTFUL_ACCESS_TOKEN: /k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN + COURTS_ASSISTANT_MOBILE_NUMBERS: /k8s/judicial-system/COURTS_ASSISTANT_MOBILE_NUMBERS + COURTS_EMAILS: /k8s/judicial-system/COURTS_EMAILS + COURTS_MOBILE_NUMBERS: /k8s/judicial-system/COURTS_MOBILE_NUMBERS + COURT_ROBOT_CLIENT_ID: /k8s/judicial-system/COURT_ROBOT_CLIENT_ID + COURT_ROBOT_CLIENT_SECRET: /k8s/judicial-system/COURT_ROBOT_CLIENT_SECRET + COURT_ROBOT_EMAIL: /k8s/judicial-system/COURT_ROBOT_EMAIL + COURT_ROBOT_TENANT_ID: /k8s/judicial-system/COURT_ROBOT_TENANT_ID + COURT_ROBOT_USER: /k8s/judicial-system/COURT_ROBOT_USER + DB_PASS: /k8s/judicial-system/DB_PASSWORD + DOKOBIT_ACCESS_TOKEN: /k8s/judicial-system/DOKOBIT_ACCESS_TOKEN + EMAIL_FROM: /k8s/judicial-system/EMAIL_FROM + EMAIL_FROM_NAME: /k8s/judicial-system/EMAIL_FROM_NAME + EMAIL_REPLY_TO: /k8s/judicial-system/EMAIL_REPLY_TO + EMAIL_REPLY_TO_NAME: /k8s/judicial-system/EMAIL_REPLY_TO_NAME + ERROR_EVENT_URL: /k8s/judicial-system/ERROR_EVENT_URL + EVENT_URL: /k8s/judicial-system/EVENT_URL + NOVA_PASSWORD: /k8s/judicial-system/NOVA_PASSWORD + NOVA_URL: /k8s/judicial-system/NOVA_URL + NOVA_USERNAME: /k8s/judicial-system/NOVA_USERNAME + PRISON_ADMIN_EMAIL: /k8s/judicial-system/PRISON_ADMIN_EMAIL + PRISON_EMAIL: /k8s/judicial-system/PRISON_EMAIL + XROAD_CLIENT_CERT: /k8s/judicial-system/XROAD_CLIENT_CERT + XROAD_CLIENT_KEY: /k8s/judicial-system/XROAD_CLIENT_KEY + XROAD_CLIENT_PEM: /k8s/judicial-system/XROAD_CLIENT_PEM + XROAD_COURTS_CREDENTIALS: /k8s/judicial-system/COURTS_CREDENTIALS + XROAD_POLICE_API_KEY: /k8s/judicial-system/XROAD_POLICE_API_KEY + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::261174024191:role/judicial-system-backend + create: true + name: judicial-system-backend diff --git a/charts/services/judicial-system-digital-mailbox-api/values.dev.yaml b/charts/services/judicial-system-digital-mailbox-api/values.dev.yaml index e8c4ac9df017..dfa79d9b198f 100644 --- a/charts/services/judicial-system-digital-mailbox-api/values.dev.yaml +++ b/charts/services/judicial-system-digital-mailbox-api/values.dev.yaml @@ -1,72 +1,73 @@ -{ - "judicial-system-digital-mailbox-api": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "AUDIT_TRAIL_USE_GENERIC_LOGGER": "false", - "AUDIT_TRAIL_GROUP_NAME": "k8s/judicial-system/audit-log", - "AUDIT_TRAIL_REGION": "eu-west-1", - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - } - }, - "features": {}, - "name": "judicial-system-digital-mailbox-api", - "grantNamespaces": [ - "nginx-ingress-internal" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "ERROR_EVENT_URL": "/k8s/judicial-system/ERROR_EVENT_URL", - "BACKEND_ACCESS_TOKEN": "/k8s/judicial-system/BACKEND_ACCESS_TOKEN", - "LAWYERS_ICELAND_API_KEY": "/k8s/judicial-system/LAWYERS_ICELAND_API_KEY" - }, - "ingress": { - "primary": { - "host": { - "dev": "judicial-system-digital-mailbox-api-xrd", - "staging": "judicial-system-digital-mailbox-api-xrd", - "prod": "judicial-system-digital-mailbox-api-xrd" - }, - "paths": [ - "/" - ], - "public": false - } - }, - "namespace": "judicial-system", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "memory": "256Mi", - "cpu": "200m" - }, - "requests": { - "memory": "128Mi", - "cpu": "100m" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "accountName": "judicial-system-digital-mailbox-api", - "image": "judicial-system-digital-mailbox-api" - } - } -} \ No newline at end of file +service: + name: judicial-system-digital-mailbox-api + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: k8s/judicial-system/audit-log + AUDIT_TRAIL_REGION: eu-west-1 + AUDIT_TRAIL_USE_GENERIC_LOGGER: "false" + BACKEND_URL: http://web-judicial-system-backend + IDENTITY_SERVER_ISSUER_URL: https://identity-server.dev01.devland.is + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init + SERVERSIDE_FEATURES_ON: "" + grantNamespaces: + - nginx-ingress-internal + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-digital-mailbox-api + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-internal-alb + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: judicial-system-digital-mailbox-api-xrd.internal.dev01.devland.is + paths: + - / + namespace: judicial-system + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 100m + memory: 128Mi + secrets: + BACKEND_ACCESS_TOKEN: /k8s/judicial-system/BACKEND_ACCESS_TOKEN + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + ERROR_EVENT_URL: /k8s/judicial-system/ERROR_EVENT_URL + LAWYERS_ICELAND_API_KEY: /k8s/judicial-system/LAWYERS_ICELAND_API_KEY + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::013313053092:role/judicial-system-digital-mailbox-api + create: true + name: judicial-system-digital-mailbox-api diff --git a/charts/services/judicial-system-digital-mailbox-api/values.prod.yaml b/charts/services/judicial-system-digital-mailbox-api/values.prod.yaml index e8c4ac9df017..a266f2634862 100644 --- a/charts/services/judicial-system-digital-mailbox-api/values.prod.yaml +++ b/charts/services/judicial-system-digital-mailbox-api/values.prod.yaml @@ -1,72 +1,73 @@ -{ - "judicial-system-digital-mailbox-api": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "AUDIT_TRAIL_USE_GENERIC_LOGGER": "false", - "AUDIT_TRAIL_GROUP_NAME": "k8s/judicial-system/audit-log", - "AUDIT_TRAIL_REGION": "eu-west-1", - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - } - }, - "features": {}, - "name": "judicial-system-digital-mailbox-api", - "grantNamespaces": [ - "nginx-ingress-internal" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "ERROR_EVENT_URL": "/k8s/judicial-system/ERROR_EVENT_URL", - "BACKEND_ACCESS_TOKEN": "/k8s/judicial-system/BACKEND_ACCESS_TOKEN", - "LAWYERS_ICELAND_API_KEY": "/k8s/judicial-system/LAWYERS_ICELAND_API_KEY" - }, - "ingress": { - "primary": { - "host": { - "dev": "judicial-system-digital-mailbox-api-xrd", - "staging": "judicial-system-digital-mailbox-api-xrd", - "prod": "judicial-system-digital-mailbox-api-xrd" - }, - "paths": [ - "/" - ], - "public": false - } - }, - "namespace": "judicial-system", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "memory": "256Mi", - "cpu": "200m" - }, - "requests": { - "memory": "128Mi", - "cpu": "100m" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "accountName": "judicial-system-digital-mailbox-api", - "image": "judicial-system-digital-mailbox-api" - } - } -} \ No newline at end of file +service: + name: judicial-system-digital-mailbox-api + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: k8s/judicial-system/audit-log + AUDIT_TRAIL_REGION: eu-west-1 + AUDIT_TRAIL_USE_GENERIC_LOGGER: "false" + BACKEND_URL: http://web-judicial-system-backend + IDENTITY_SERVER_ISSUER_URL: https://innskra.island.is + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init + SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + grantNamespaces: + - nginx-ingress-internal + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-digital-mailbox-api + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-internal-alb + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: judicial-system-digital-mailbox-api-xrd.internal.island.is + paths: + - / + namespace: judicial-system + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 100m + memory: 128Mi + secrets: + BACKEND_ACCESS_TOKEN: /k8s/judicial-system/BACKEND_ACCESS_TOKEN + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + ERROR_EVENT_URL: /k8s/judicial-system/ERROR_EVENT_URL + LAWYERS_ICELAND_API_KEY: /k8s/judicial-system/LAWYERS_ICELAND_API_KEY + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::251502586493:role/judicial-system-digital-mailbox-api + create: true + name: judicial-system-digital-mailbox-api diff --git a/charts/services/judicial-system-digital-mailbox-api/values.staging.yaml b/charts/services/judicial-system-digital-mailbox-api/values.staging.yaml index e8c4ac9df017..516c5a40924a 100644 --- a/charts/services/judicial-system-digital-mailbox-api/values.staging.yaml +++ b/charts/services/judicial-system-digital-mailbox-api/values.staging.yaml @@ -1,72 +1,73 @@ -{ - "judicial-system-digital-mailbox-api": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "AUDIT_TRAIL_USE_GENERIC_LOGGER": "false", - "AUDIT_TRAIL_GROUP_NAME": "k8s/judicial-system/audit-log", - "AUDIT_TRAIL_REGION": "eu-west-1", - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - } - }, - "features": {}, - "name": "judicial-system-digital-mailbox-api", - "grantNamespaces": [ - "nginx-ingress-internal" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "ERROR_EVENT_URL": "/k8s/judicial-system/ERROR_EVENT_URL", - "BACKEND_ACCESS_TOKEN": "/k8s/judicial-system/BACKEND_ACCESS_TOKEN", - "LAWYERS_ICELAND_API_KEY": "/k8s/judicial-system/LAWYERS_ICELAND_API_KEY" - }, - "ingress": { - "primary": { - "host": { - "dev": "judicial-system-digital-mailbox-api-xrd", - "staging": "judicial-system-digital-mailbox-api-xrd", - "prod": "judicial-system-digital-mailbox-api-xrd" - }, - "paths": [ - "/" - ], - "public": false - } - }, - "namespace": "judicial-system", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "memory": "256Mi", - "cpu": "200m" - }, - "requests": { - "memory": "128Mi", - "cpu": "100m" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "accountName": "judicial-system-digital-mailbox-api", - "image": "judicial-system-digital-mailbox-api" - } - } -} \ No newline at end of file +service: + name: judicial-system-digital-mailbox-api + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: k8s/judicial-system/audit-log + AUDIT_TRAIL_REGION: eu-west-1 + AUDIT_TRAIL_USE_GENERIC_LOGGER: "false" + BACKEND_URL: http://web-judicial-system-backend + IDENTITY_SERVER_ISSUER_URL: https://identity-server.staging01.devland.is + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init + SERVERSIDE_FEATURES_ON: "" + grantNamespaces: + - nginx-ingress-internal + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-digital-mailbox-api + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-internal-alb + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: judicial-system-digital-mailbox-api-xrd.internal.staging01.devland.is + paths: + - / + namespace: judicial-system + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 100m + memory: 128Mi + secrets: + BACKEND_ACCESS_TOKEN: /k8s/judicial-system/BACKEND_ACCESS_TOKEN + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + ERROR_EVENT_URL: /k8s/judicial-system/ERROR_EVENT_URL + LAWYERS_ICELAND_API_KEY: /k8s/judicial-system/LAWYERS_ICELAND_API_KEY + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::261174024191:role/judicial-system-digital-mailbox-api + create: true + name: judicial-system-digital-mailbox-api diff --git a/charts/services/judicial-system-message-handler/values.dev.yaml b/charts/services/judicial-system-message-handler/values.dev.yaml index bf7f9a24160f..2b576d4a1d76 100644 --- a/charts/services/judicial-system-message-handler/values.dev.yaml +++ b/charts/services/judicial-system-message-handler/values.dev.yaml @@ -1,56 +1,66 @@ -{ - "judicial-system-message-handler": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "SQS_QUEUE_NAME": "sqs-judicial-system", - "SQS_DEAD_LETTER_QUEUE_NAME": "sqs-judicial-system-dlq", - "SQS_REGION": "eu-west-1" - }, - "features": {}, - "name": "judicial-system-message-handler", - "grantNamespaces": [], - "grantNamespacesEnabled": false, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "BACKEND_ACCESS_TOKEN": "/k8s/judicial-system/BACKEND_ACCESS_TOKEN" - }, - "ingress": {}, - "namespace": "judicial-system", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "memory": "256Mi", - "cpu": "200m" - }, - "requests": { - "memory": "128Mi", - "cpu": "100m" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "accountName": "judicial-system-message-handler", - "image": "judicial-system-message-handler", - "cmds": "node", - "args": [ - "--no-experimental-fetch", - "main.js" - ] - } - } -} \ No newline at end of file +service: + name: judicial-system-message-handler + args: + - --no-experimental-fetch + - main.js + command: + - node + enabled: true + env: + BACKEND_URL: http://web-judicial-system-backend + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init + SERVERSIDE_FEATURES_ON: "" + SQS_DEAD_LETTER_QUEUE_NAME: sqs-judicial-system-dlq + SQS_QUEUE_NAME: sqs-judicial-system + SQS_REGION: eu-west-1 + grantNamespaces: + - nginx-ingress-external + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-message-handler + namespace: judicial-system + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 100m + memory: 128Mi + secrets: + BACKEND_ACCESS_TOKEN: /k8s/judicial-system/BACKEND_ACCESS_TOKEN + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::013313053092:role/judicial-system-message-handler + create: true + name: judicial-system-message-handler diff --git a/charts/services/judicial-system-message-handler/values.prod.yaml b/charts/services/judicial-system-message-handler/values.prod.yaml index bf7f9a24160f..a3f3c28fe432 100644 --- a/charts/services/judicial-system-message-handler/values.prod.yaml +++ b/charts/services/judicial-system-message-handler/values.prod.yaml @@ -1,56 +1,66 @@ -{ - "judicial-system-message-handler": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "SQS_QUEUE_NAME": "sqs-judicial-system", - "SQS_DEAD_LETTER_QUEUE_NAME": "sqs-judicial-system-dlq", - "SQS_REGION": "eu-west-1" - }, - "features": {}, - "name": "judicial-system-message-handler", - "grantNamespaces": [], - "grantNamespacesEnabled": false, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "BACKEND_ACCESS_TOKEN": "/k8s/judicial-system/BACKEND_ACCESS_TOKEN" - }, - "ingress": {}, - "namespace": "judicial-system", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "memory": "256Mi", - "cpu": "200m" - }, - "requests": { - "memory": "128Mi", - "cpu": "100m" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "accountName": "judicial-system-message-handler", - "image": "judicial-system-message-handler", - "cmds": "node", - "args": [ - "--no-experimental-fetch", - "main.js" - ] - } - } -} \ No newline at end of file +service: + name: judicial-system-message-handler + args: + - --no-experimental-fetch + - main.js + command: + - node + enabled: true + env: + BACKEND_URL: http://web-judicial-system-backend + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init + SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + SQS_DEAD_LETTER_QUEUE_NAME: sqs-judicial-system-dlq + SQS_QUEUE_NAME: sqs-judicial-system + SQS_REGION: eu-west-1 + grantNamespaces: + - nginx-ingress-external + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-message-handler + namespace: judicial-system + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 100m + memory: 128Mi + secrets: + BACKEND_ACCESS_TOKEN: /k8s/judicial-system/BACKEND_ACCESS_TOKEN + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::251502586493:role/judicial-system-message-handler + create: true + name: judicial-system-message-handler diff --git a/charts/services/judicial-system-message-handler/values.staging.yaml b/charts/services/judicial-system-message-handler/values.staging.yaml index bf7f9a24160f..6fd84568b349 100644 --- a/charts/services/judicial-system-message-handler/values.staging.yaml +++ b/charts/services/judicial-system-message-handler/values.staging.yaml @@ -1,56 +1,66 @@ -{ - "judicial-system-message-handler": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "SQS_QUEUE_NAME": "sqs-judicial-system", - "SQS_DEAD_LETTER_QUEUE_NAME": "sqs-judicial-system-dlq", - "SQS_REGION": "eu-west-1" - }, - "features": {}, - "name": "judicial-system-message-handler", - "grantNamespaces": [], - "grantNamespacesEnabled": false, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "BACKEND_ACCESS_TOKEN": "/k8s/judicial-system/BACKEND_ACCESS_TOKEN" - }, - "ingress": {}, - "namespace": "judicial-system", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "memory": "256Mi", - "cpu": "200m" - }, - "requests": { - "memory": "128Mi", - "cpu": "100m" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "accountName": "judicial-system-message-handler", - "image": "judicial-system-message-handler", - "cmds": "node", - "args": [ - "--no-experimental-fetch", - "main.js" - ] - } - } -} \ No newline at end of file +service: + name: judicial-system-message-handler + args: + - --no-experimental-fetch + - main.js + command: + - node + enabled: true + env: + BACKEND_URL: http://web-judicial-system-backend + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init + SERVERSIDE_FEATURES_ON: "" + SQS_DEAD_LETTER_QUEUE_NAME: sqs-judicial-system-dlq + SQS_QUEUE_NAME: sqs-judicial-system + SQS_REGION: eu-west-1 + grantNamespaces: + - nginx-ingress-external + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-message-handler + namespace: judicial-system + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 100m + memory: 128Mi + secrets: + BACKEND_ACCESS_TOKEN: /k8s/judicial-system/BACKEND_ACCESS_TOKEN + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::261174024191:role/judicial-system-message-handler + create: true + name: judicial-system-message-handler diff --git a/charts/services/judicial-system-robot-api/values.dev.yaml b/charts/services/judicial-system-robot-api/values.dev.yaml index 61cdd6430ccb..f40df3b22ace 100644 --- a/charts/services/judicial-system-robot-api/values.dev.yaml +++ b/charts/services/judicial-system-robot-api/values.dev.yaml @@ -1,66 +1,71 @@ -{ - "judicial-system-robot-api": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "AUDIT_TRAIL_USE_GENERIC_LOGGER": "false", - "AUDIT_TRAIL_GROUP_NAME": "k8s/judicial-system/audit-log", - "AUDIT_TRAIL_REGION": "eu-west-1" - }, - "features": {}, - "name": "judicial-system-robot-api", - "grantNamespaces": [ - "nginx-ingress-internal" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "ERROR_EVENT_URL": "/k8s/judicial-system/ERROR_EVENT_URL", - "BACKEND_ACCESS_TOKEN": "/k8s/judicial-system/BACKEND_ACCESS_TOKEN" - }, - "ingress": { - "primary": { - "host": { - "dev": "judicial-system-robot-api-xrd", - "staging": "judicial-system-robot-api-xrd", - "prod": "judicial-system-robot-api-xrd" - }, - "paths": [ - "/" - ], - "public": false - } - }, - "namespace": "judicial-system", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "memory": "256Mi", - "cpu": "200m" - }, - "requests": { - "memory": "128Mi", - "cpu": "100m" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "accountName": "judicial-system-robot-api", - "image": "judicial-system-robot-api" - } - } -} \ No newline at end of file +service: + name: judicial-system-robot-api + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: k8s/judicial-system/audit-log + AUDIT_TRAIL_REGION: eu-west-1 + AUDIT_TRAIL_USE_GENERIC_LOGGER: "false" + BACKEND_URL: http://web-judicial-system-backend + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init + SERVERSIDE_FEATURES_ON: "" + grantNamespaces: + - nginx-ingress-internal + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-robot-api + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-internal-alb + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: judicial-system-robot-api-xrd.internal.dev01.devland.is + paths: + - / + namespace: judicial-system + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 100m + memory: 128Mi + secrets: + BACKEND_ACCESS_TOKEN: /k8s/judicial-system/BACKEND_ACCESS_TOKEN + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + ERROR_EVENT_URL: /k8s/judicial-system/ERROR_EVENT_URL + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::013313053092:role/judicial-system-robot-api + create: true + name: judicial-system-robot-api diff --git a/charts/services/judicial-system-robot-api/values.prod.yaml b/charts/services/judicial-system-robot-api/values.prod.yaml index 61cdd6430ccb..dda3b1f973ab 100644 --- a/charts/services/judicial-system-robot-api/values.prod.yaml +++ b/charts/services/judicial-system-robot-api/values.prod.yaml @@ -1,66 +1,71 @@ -{ - "judicial-system-robot-api": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "AUDIT_TRAIL_USE_GENERIC_LOGGER": "false", - "AUDIT_TRAIL_GROUP_NAME": "k8s/judicial-system/audit-log", - "AUDIT_TRAIL_REGION": "eu-west-1" - }, - "features": {}, - "name": "judicial-system-robot-api", - "grantNamespaces": [ - "nginx-ingress-internal" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "ERROR_EVENT_URL": "/k8s/judicial-system/ERROR_EVENT_URL", - "BACKEND_ACCESS_TOKEN": "/k8s/judicial-system/BACKEND_ACCESS_TOKEN" - }, - "ingress": { - "primary": { - "host": { - "dev": "judicial-system-robot-api-xrd", - "staging": "judicial-system-robot-api-xrd", - "prod": "judicial-system-robot-api-xrd" - }, - "paths": [ - "/" - ], - "public": false - } - }, - "namespace": "judicial-system", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "memory": "256Mi", - "cpu": "200m" - }, - "requests": { - "memory": "128Mi", - "cpu": "100m" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "accountName": "judicial-system-robot-api", - "image": "judicial-system-robot-api" - } - } -} \ No newline at end of file +service: + name: judicial-system-robot-api + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: k8s/judicial-system/audit-log + AUDIT_TRAIL_REGION: eu-west-1 + AUDIT_TRAIL_USE_GENERIC_LOGGER: "false" + BACKEND_URL: http://web-judicial-system-backend + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init + SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + grantNamespaces: + - nginx-ingress-internal + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-robot-api + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-internal-alb + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: judicial-system-robot-api-xrd.internal.island.is + paths: + - / + namespace: judicial-system + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 100m + memory: 128Mi + secrets: + BACKEND_ACCESS_TOKEN: /k8s/judicial-system/BACKEND_ACCESS_TOKEN + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + ERROR_EVENT_URL: /k8s/judicial-system/ERROR_EVENT_URL + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::251502586493:role/judicial-system-robot-api + create: true + name: judicial-system-robot-api diff --git a/charts/services/judicial-system-robot-api/values.staging.yaml b/charts/services/judicial-system-robot-api/values.staging.yaml index 61cdd6430ccb..7e8bb8702494 100644 --- a/charts/services/judicial-system-robot-api/values.staging.yaml +++ b/charts/services/judicial-system-robot-api/values.staging.yaml @@ -1,66 +1,71 @@ -{ - "judicial-system-robot-api": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "AUDIT_TRAIL_USE_GENERIC_LOGGER": "false", - "AUDIT_TRAIL_GROUP_NAME": "k8s/judicial-system/audit-log", - "AUDIT_TRAIL_REGION": "eu-west-1" - }, - "features": {}, - "name": "judicial-system-robot-api", - "grantNamespaces": [ - "nginx-ingress-internal" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "ERROR_EVENT_URL": "/k8s/judicial-system/ERROR_EVENT_URL", - "BACKEND_ACCESS_TOKEN": "/k8s/judicial-system/BACKEND_ACCESS_TOKEN" - }, - "ingress": { - "primary": { - "host": { - "dev": "judicial-system-robot-api-xrd", - "staging": "judicial-system-robot-api-xrd", - "prod": "judicial-system-robot-api-xrd" - }, - "paths": [ - "/" - ], - "public": false - } - }, - "namespace": "judicial-system", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "memory": "256Mi", - "cpu": "200m" - }, - "requests": { - "memory": "128Mi", - "cpu": "100m" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "accountName": "judicial-system-robot-api", - "image": "judicial-system-robot-api" - } - } -} \ No newline at end of file +service: + name: judicial-system-robot-api + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: k8s/judicial-system/audit-log + AUDIT_TRAIL_REGION: eu-west-1 + AUDIT_TRAIL_USE_GENERIC_LOGGER: "false" + BACKEND_URL: http://web-judicial-system-backend + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init + SERVERSIDE_FEATURES_ON: "" + grantNamespaces: + - nginx-ingress-internal + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-robot-api + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-internal-alb + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: judicial-system-robot-api-xrd.internal.staging01.devland.is + paths: + - / + namespace: judicial-system + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 100m + memory: 128Mi + secrets: + BACKEND_ACCESS_TOKEN: /k8s/judicial-system/BACKEND_ACCESS_TOKEN + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + ERROR_EVENT_URL: /k8s/judicial-system/ERROR_EVENT_URL + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::261174024191:role/judicial-system-robot-api + create: true + name: judicial-system-robot-api diff --git a/charts/services/judicial-system-scheduler/values.dev.yaml b/charts/services/judicial-system-scheduler/values.dev.yaml index 7349cac123bc..eaab90e9b8e6 100644 --- a/charts/services/judicial-system-scheduler/values.dev.yaml +++ b/charts/services/judicial-system-scheduler/values.dev.yaml @@ -1,73 +1,68 @@ -{ - "judicial-system-scheduler": { - "serviceDef": { - "liveness": { - "path": "/", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "SQS_QUEUE_NAME": "sqs-judicial-system", - "SQS_DEAD_LETTER_QUEUE_NAME": "sqs-judicial-system-dlq", - "SQS_REGION": "eu-west-1", - "TIME_TO_LIVE_MINUTES": "30" - }, - "features": {}, - "name": "judicial-system-scheduler", - "grantNamespaces": [], - "grantNamespacesEnabled": false, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "BACKEND_ACCESS_TOKEN": "/k8s/judicial-system/BACKEND_ACCESS_TOKEN" - }, - "ingress": {}, - "namespace": "judicial-system", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "memory": "256Mi", - "cpu": "200m" - }, - "requests": { - "memory": "128Mi", - "cpu": "100m" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "image": "judicial-system-scheduler", - "replicaCount": { - "min": 1, - "max": 1, - "default": 1 - }, - "cmds": "node", - "args": [ - "--no-experimental-fetch", - "main.js" - ], - "extraAttributes": { - "dev": { - "schedule": "0 2 * * *" - }, - "staging": { - "schedule": "0 2 * * *" - }, - "prod": { - "schedule": "0 2 * * *" - } - }, - "accountName": "judicial-system-scheduler" - } - } -} \ No newline at end of file +service: + name: judicial-system-scheduler + args: + - --no-experimental-fetch + - main.js + command: + - node + enabled: true + env: + BACKEND_URL: http://web-judicial-system-backend + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init + SERVERSIDE_FEATURES_ON: "" + SQS_DEAD_LETTER_QUEUE_NAME: sqs-judicial-system-dlq + SQS_QUEUE_NAME: sqs-judicial-system + SQS_REGION: eu-west-1 + TIME_TO_LIVE_MINUTES: "30" + grantNamespaces: + - nginx-ingress-external + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: / + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: / + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-scheduler + namespace: judicial-system + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 100m + memory: 128Mi + schedule: 0 2 * * * + secrets: + BACKEND_ACCESS_TOKEN: /k8s/judicial-system/BACKEND_ACCESS_TOKEN + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::013313053092:role/judicial-system-scheduler + create: true + name: judicial-system-scheduler diff --git a/charts/services/judicial-system-scheduler/values.prod.yaml b/charts/services/judicial-system-scheduler/values.prod.yaml index 7349cac123bc..9ebba04b4baa 100644 --- a/charts/services/judicial-system-scheduler/values.prod.yaml +++ b/charts/services/judicial-system-scheduler/values.prod.yaml @@ -1,73 +1,68 @@ -{ - "judicial-system-scheduler": { - "serviceDef": { - "liveness": { - "path": "/", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "SQS_QUEUE_NAME": "sqs-judicial-system", - "SQS_DEAD_LETTER_QUEUE_NAME": "sqs-judicial-system-dlq", - "SQS_REGION": "eu-west-1", - "TIME_TO_LIVE_MINUTES": "30" - }, - "features": {}, - "name": "judicial-system-scheduler", - "grantNamespaces": [], - "grantNamespacesEnabled": false, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "BACKEND_ACCESS_TOKEN": "/k8s/judicial-system/BACKEND_ACCESS_TOKEN" - }, - "ingress": {}, - "namespace": "judicial-system", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "memory": "256Mi", - "cpu": "200m" - }, - "requests": { - "memory": "128Mi", - "cpu": "100m" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "image": "judicial-system-scheduler", - "replicaCount": { - "min": 1, - "max": 1, - "default": 1 - }, - "cmds": "node", - "args": [ - "--no-experimental-fetch", - "main.js" - ], - "extraAttributes": { - "dev": { - "schedule": "0 2 * * *" - }, - "staging": { - "schedule": "0 2 * * *" - }, - "prod": { - "schedule": "0 2 * * *" - } - }, - "accountName": "judicial-system-scheduler" - } - } -} \ No newline at end of file +service: + name: judicial-system-scheduler + args: + - --no-experimental-fetch + - main.js + command: + - node + enabled: true + env: + BACKEND_URL: http://web-judicial-system-backend + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init + SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + SQS_DEAD_LETTER_QUEUE_NAME: sqs-judicial-system-dlq + SQS_QUEUE_NAME: sqs-judicial-system + SQS_REGION: eu-west-1 + TIME_TO_LIVE_MINUTES: "30" + grantNamespaces: + - nginx-ingress-external + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: / + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: / + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-scheduler + namespace: judicial-system + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 100m + memory: 128Mi + schedule: 0 2 * * * + secrets: + BACKEND_ACCESS_TOKEN: /k8s/judicial-system/BACKEND_ACCESS_TOKEN + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::251502586493:role/judicial-system-scheduler + create: true + name: judicial-system-scheduler diff --git a/charts/services/judicial-system-scheduler/values.staging.yaml b/charts/services/judicial-system-scheduler/values.staging.yaml index 7349cac123bc..edb4a2374e67 100644 --- a/charts/services/judicial-system-scheduler/values.staging.yaml +++ b/charts/services/judicial-system-scheduler/values.staging.yaml @@ -1,73 +1,68 @@ -{ - "judicial-system-scheduler": { - "serviceDef": { - "liveness": { - "path": "/", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "SQS_QUEUE_NAME": "sqs-judicial-system", - "SQS_DEAD_LETTER_QUEUE_NAME": "sqs-judicial-system-dlq", - "SQS_REGION": "eu-west-1", - "TIME_TO_LIVE_MINUTES": "30" - }, - "features": {}, - "name": "judicial-system-scheduler", - "grantNamespaces": [], - "grantNamespacesEnabled": false, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "BACKEND_ACCESS_TOKEN": "/k8s/judicial-system/BACKEND_ACCESS_TOKEN" - }, - "ingress": {}, - "namespace": "judicial-system", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "memory": "256Mi", - "cpu": "200m" - }, - "requests": { - "memory": "128Mi", - "cpu": "100m" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "image": "judicial-system-scheduler", - "replicaCount": { - "min": 1, - "max": 1, - "default": 1 - }, - "cmds": "node", - "args": [ - "--no-experimental-fetch", - "main.js" - ], - "extraAttributes": { - "dev": { - "schedule": "0 2 * * *" - }, - "staging": { - "schedule": "0 2 * * *" - }, - "prod": { - "schedule": "0 2 * * *" - } - }, - "accountName": "judicial-system-scheduler" - } - } -} \ No newline at end of file +service: + name: judicial-system-scheduler + args: + - --no-experimental-fetch + - main.js + command: + - node + enabled: true + env: + BACKEND_URL: http://web-judicial-system-backend + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init + SERVERSIDE_FEATURES_ON: "" + SQS_DEAD_LETTER_QUEUE_NAME: sqs-judicial-system-dlq + SQS_QUEUE_NAME: sqs-judicial-system + SQS_REGION: eu-west-1 + TIME_TO_LIVE_MINUTES: "30" + grantNamespaces: + - nginx-ingress-external + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: / + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: / + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-scheduler + namespace: judicial-system + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 100m + memory: 128Mi + schedule: 0 2 * * * + secrets: + BACKEND_ACCESS_TOKEN: /k8s/judicial-system/BACKEND_ACCESS_TOKEN + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::261174024191:role/judicial-system-scheduler + create: true + name: judicial-system-scheduler diff --git a/charts/services/judicial-system-web/values.dev.yaml b/charts/services/judicial-system-web/values.dev.yaml index 18d1751d1481..ddd15092a884 100644 --- a/charts/services/judicial-system-web/values.dev.yaml +++ b/charts/services/judicial-system-web/values.dev.yaml @@ -1,76 +1,65 @@ -{ - "judicial-system-web": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/readiness", - "timeoutSeconds": 10, - "initialDelaySeconds": 3 - }, - "env": { - "API_URL": { - "prod": "https://rettarvorslugatt.island.is" - } - }, - "features": {}, - "name": "judicial-system-web", - "grantNamespaces": [], - "grantNamespacesEnabled": false, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "NATIONAL_REGISTRY_API_KEY": "/k8s/judicial-system/NATIONAL_REGISTRY_API_KEY", - "LAWYERS_ICELAND_API_KEY": "/k8s/judicial-system/LAWYERS_ICELAND_API_KEY", - "SUPPORT_EMAIL": "/k8s/judicial-system/SUPPORT_EMAIL" - }, - "ingress": { - "primary": { - "host": { - "dev": "judicial-system", - "staging": "judicial-system", - "prod": "rettarvorslugatt.island.is" - }, - "paths": [ - "/" - ], - "extraAnnotations": { - "dev": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "staging": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "prod": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - } - } - } - }, - "namespace": "judicial-system", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "200m", - "memory": "256Mi" - }, - "requests": { - "cpu": "15m", - "memory": "128Mi" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [] - } - } -} \ No newline at end of file +service: + name: judicial-system-web + enabled: true + env: + API_URL: https://judicial-system.dev01.devland.is + INTERNAL_API_URL: http://web-judicial-system-api + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init + SERVERSIDE_FEATURES_ON: "" + grantNamespaces: + - nginx-ingress-external + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /readiness + timeoutSeconds: 10 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-web + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-external-alb + nginx.ingress.kubernetes.io/proxy-buffer-size: 8k + nginx.ingress.kubernetes.io/proxy-buffering: on + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: judicial-system.dev01.devland.is + paths: + - / + namespace: judicial-system + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 15m + memory: 128Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + LAWYERS_ICELAND_API_KEY: /k8s/judicial-system/LAWYERS_ICELAND_API_KEY + NATIONAL_REGISTRY_API_KEY: /k8s/judicial-system/NATIONAL_REGISTRY_API_KEY + SUPPORT_EMAIL: /k8s/judicial-system/SUPPORT_EMAIL + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/judicial-system-web/values.prod.yaml b/charts/services/judicial-system-web/values.prod.yaml index 18d1751d1481..fe6b2ca5f2ff 100644 --- a/charts/services/judicial-system-web/values.prod.yaml +++ b/charts/services/judicial-system-web/values.prod.yaml @@ -1,76 +1,65 @@ -{ - "judicial-system-web": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/readiness", - "timeoutSeconds": 10, - "initialDelaySeconds": 3 - }, - "env": { - "API_URL": { - "prod": "https://rettarvorslugatt.island.is" - } - }, - "features": {}, - "name": "judicial-system-web", - "grantNamespaces": [], - "grantNamespacesEnabled": false, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "NATIONAL_REGISTRY_API_KEY": "/k8s/judicial-system/NATIONAL_REGISTRY_API_KEY", - "LAWYERS_ICELAND_API_KEY": "/k8s/judicial-system/LAWYERS_ICELAND_API_KEY", - "SUPPORT_EMAIL": "/k8s/judicial-system/SUPPORT_EMAIL" - }, - "ingress": { - "primary": { - "host": { - "dev": "judicial-system", - "staging": "judicial-system", - "prod": "rettarvorslugatt.island.is" - }, - "paths": [ - "/" - ], - "extraAnnotations": { - "dev": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "staging": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "prod": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - } - } - } - }, - "namespace": "judicial-system", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "200m", - "memory": "256Mi" - }, - "requests": { - "cpu": "15m", - "memory": "128Mi" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [] - } - } -} \ No newline at end of file +service: + name: judicial-system-web + enabled: true + env: + API_URL: https://rettarvorslugatt.island.is + INTERNAL_API_URL: http://web-judicial-system-api + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init + SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + grantNamespaces: + - nginx-ingress-external + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /readiness + timeoutSeconds: 10 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-web + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-external-alb + nginx.ingress.kubernetes.io/proxy-buffer-size: 8k + nginx.ingress.kubernetes.io/proxy-buffering: on + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: rettarvorslugatt.island.is + paths: + - / + namespace: judicial-system + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 15m + memory: 128Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + LAWYERS_ICELAND_API_KEY: /k8s/judicial-system/LAWYERS_ICELAND_API_KEY + NATIONAL_REGISTRY_API_KEY: /k8s/judicial-system/NATIONAL_REGISTRY_API_KEY + SUPPORT_EMAIL: /k8s/judicial-system/SUPPORT_EMAIL + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/judicial-system-web/values.staging.yaml b/charts/services/judicial-system-web/values.staging.yaml index 18d1751d1481..648f8a31352c 100644 --- a/charts/services/judicial-system-web/values.staging.yaml +++ b/charts/services/judicial-system-web/values.staging.yaml @@ -1,76 +1,65 @@ -{ - "judicial-system-web": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/readiness", - "timeoutSeconds": 10, - "initialDelaySeconds": 3 - }, - "env": { - "API_URL": { - "prod": "https://rettarvorslugatt.island.is" - } - }, - "features": {}, - "name": "judicial-system-web", - "grantNamespaces": [], - "grantNamespacesEnabled": false, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "NATIONAL_REGISTRY_API_KEY": "/k8s/judicial-system/NATIONAL_REGISTRY_API_KEY", - "LAWYERS_ICELAND_API_KEY": "/k8s/judicial-system/LAWYERS_ICELAND_API_KEY", - "SUPPORT_EMAIL": "/k8s/judicial-system/SUPPORT_EMAIL" - }, - "ingress": { - "primary": { - "host": { - "dev": "judicial-system", - "staging": "judicial-system", - "prod": "rettarvorslugatt.island.is" - }, - "paths": [ - "/" - ], - "extraAnnotations": { - "dev": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "staging": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "prod": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - } - } - } - }, - "namespace": "judicial-system", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "200m", - "memory": "256Mi" - }, - "requests": { - "cpu": "15m", - "memory": "128Mi" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [] - } - } -} \ No newline at end of file +service: + name: judicial-system-web + enabled: true + env: + API_URL: https://judicial-system.staging01.devland.is + INTERNAL_API_URL: http://web-judicial-system-api + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init + SERVERSIDE_FEATURES_ON: "" + grantNamespaces: + - nginx-ingress-external + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /readiness + timeoutSeconds: 10 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-web + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-external-alb + nginx.ingress.kubernetes.io/proxy-buffer-size: 8k + nginx.ingress.kubernetes.io/proxy-buffering: on + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: judicial-system.staging01.devland.is + paths: + - / + namespace: judicial-system + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 15m + memory: 128Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + LAWYERS_ICELAND_API_KEY: /k8s/judicial-system/LAWYERS_ICELAND_API_KEY + NATIONAL_REGISTRY_API_KEY: /k8s/judicial-system/NATIONAL_REGISTRY_API_KEY + SUPPORT_EMAIL: /k8s/judicial-system/SUPPORT_EMAIL + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/judicial-system-xrd-api/values.dev.yaml b/charts/services/judicial-system-xrd-api/values.dev.yaml index dc9d962a3d85..d6ef8b4b3720 100644 --- a/charts/services/judicial-system-xrd-api/values.dev.yaml +++ b/charts/services/judicial-system-xrd-api/values.dev.yaml @@ -1,66 +1,72 @@ -{ - "judicial-system-xrd-api": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "AUDIT_TRAIL_USE_GENERIC_LOGGER": "false", - "AUDIT_TRAIL_GROUP_NAME": "k8s/judicial-system/audit-log", - "AUDIT_TRAIL_REGION": "eu-west-1" - }, - "features": {}, - "name": "judicial-system-xrd-api", - "grantNamespaces": [ - "nginx-ingress-internal" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "ERROR_EVENT_URL": "/k8s/judicial-system/ERROR_EVENT_URL", - "BACKEND_ACCESS_TOKEN": "/k8s/judicial-system/BACKEND_ACCESS_TOKEN", - "LAWYERS_ICELAND_API_KEY": "/k8s/judicial-system/LAWYERS_ICELAND_API_KEY" - }, - "ingress": { - "primary": { - "host": { - "dev": "judicial-system-xrd-api", - "staging": "judicial-system-xrd-api", - "prod": "judicial-system-xrd-api" - }, - "paths": [ - "/" - ], - "public": false - } - }, - "namespace": "judicial-system", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "memory": "256Mi", - "cpu": "200m" - }, - "requests": { - "memory": "128Mi", - "cpu": "100m" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "accountName": "judicial-system-xrd-api" - } - } -} \ No newline at end of file +service: + name: judicial-system-xrd-api + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: k8s/judicial-system/audit-log + AUDIT_TRAIL_REGION: eu-west-1 + AUDIT_TRAIL_USE_GENERIC_LOGGER: "false" + BACKEND_URL: http://web-judicial-system-backend + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init + SERVERSIDE_FEATURES_ON: "" + grantNamespaces: + - nginx-ingress-internal + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-xrd-api + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-internal-alb + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: judicial-system-xrd-api.internal.dev01.devland.is + paths: + - / + namespace: judicial-system + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 100m + memory: 128Mi + secrets: + BACKEND_ACCESS_TOKEN: /k8s/judicial-system/BACKEND_ACCESS_TOKEN + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + ERROR_EVENT_URL: /k8s/judicial-system/ERROR_EVENT_URL + LAWYERS_ICELAND_API_KEY: /k8s/judicial-system/LAWYERS_ICELAND_API_KEY + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::013313053092:role/judicial-system-xrd-api + create: true + name: judicial-system-xrd-api diff --git a/charts/services/judicial-system-xrd-api/values.prod.yaml b/charts/services/judicial-system-xrd-api/values.prod.yaml index dc9d962a3d85..00a85da97907 100644 --- a/charts/services/judicial-system-xrd-api/values.prod.yaml +++ b/charts/services/judicial-system-xrd-api/values.prod.yaml @@ -1,66 +1,72 @@ -{ - "judicial-system-xrd-api": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "AUDIT_TRAIL_USE_GENERIC_LOGGER": "false", - "AUDIT_TRAIL_GROUP_NAME": "k8s/judicial-system/audit-log", - "AUDIT_TRAIL_REGION": "eu-west-1" - }, - "features": {}, - "name": "judicial-system-xrd-api", - "grantNamespaces": [ - "nginx-ingress-internal" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "ERROR_EVENT_URL": "/k8s/judicial-system/ERROR_EVENT_URL", - "BACKEND_ACCESS_TOKEN": "/k8s/judicial-system/BACKEND_ACCESS_TOKEN", - "LAWYERS_ICELAND_API_KEY": "/k8s/judicial-system/LAWYERS_ICELAND_API_KEY" - }, - "ingress": { - "primary": { - "host": { - "dev": "judicial-system-xrd-api", - "staging": "judicial-system-xrd-api", - "prod": "judicial-system-xrd-api" - }, - "paths": [ - "/" - ], - "public": false - } - }, - "namespace": "judicial-system", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "memory": "256Mi", - "cpu": "200m" - }, - "requests": { - "memory": "128Mi", - "cpu": "100m" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "accountName": "judicial-system-xrd-api" - } - } -} \ No newline at end of file +service: + name: judicial-system-xrd-api + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: k8s/judicial-system/audit-log + AUDIT_TRAIL_REGION: eu-west-1 + AUDIT_TRAIL_USE_GENERIC_LOGGER: "false" + BACKEND_URL: http://web-judicial-system-backend + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init + SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + grantNamespaces: + - nginx-ingress-internal + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-xrd-api + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-internal-alb + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: judicial-system-xrd-api.internal.island.is + paths: + - / + namespace: judicial-system + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 100m + memory: 128Mi + secrets: + BACKEND_ACCESS_TOKEN: /k8s/judicial-system/BACKEND_ACCESS_TOKEN + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + ERROR_EVENT_URL: /k8s/judicial-system/ERROR_EVENT_URL + LAWYERS_ICELAND_API_KEY: /k8s/judicial-system/LAWYERS_ICELAND_API_KEY + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::251502586493:role/judicial-system-xrd-api + create: true + name: judicial-system-xrd-api diff --git a/charts/services/judicial-system-xrd-api/values.staging.yaml b/charts/services/judicial-system-xrd-api/values.staging.yaml index dc9d962a3d85..f1d6abdc7646 100644 --- a/charts/services/judicial-system-xrd-api/values.staging.yaml +++ b/charts/services/judicial-system-xrd-api/values.staging.yaml @@ -1,66 +1,72 @@ -{ - "judicial-system-xrd-api": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "AUDIT_TRAIL_USE_GENERIC_LOGGER": "false", - "AUDIT_TRAIL_GROUP_NAME": "k8s/judicial-system/audit-log", - "AUDIT_TRAIL_REGION": "eu-west-1" - }, - "features": {}, - "name": "judicial-system-xrd-api", - "grantNamespaces": [ - "nginx-ingress-internal" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "ERROR_EVENT_URL": "/k8s/judicial-system/ERROR_EVENT_URL", - "BACKEND_ACCESS_TOKEN": "/k8s/judicial-system/BACKEND_ACCESS_TOKEN", - "LAWYERS_ICELAND_API_KEY": "/k8s/judicial-system/LAWYERS_ICELAND_API_KEY" - }, - "ingress": { - "primary": { - "host": { - "dev": "judicial-system-xrd-api", - "staging": "judicial-system-xrd-api", - "prod": "judicial-system-xrd-api" - }, - "paths": [ - "/" - ], - "public": false - } - }, - "namespace": "judicial-system", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "memory": "256Mi", - "cpu": "200m" - }, - "requests": { - "memory": "128Mi", - "cpu": "100m" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "accountName": "judicial-system-xrd-api" - } - } -} \ No newline at end of file +service: + name: judicial-system-xrd-api + enabled: true + env: + AUDIT_TRAIL_GROUP_NAME: k8s/judicial-system/audit-log + AUDIT_TRAIL_REGION: eu-west-1 + AUDIT_TRAIL_USE_GENERIC_LOGGER: "false" + BACKEND_URL: http://web-judicial-system-backend + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init + SERVERSIDE_FEATURES_ON: "" + grantNamespaces: + - nginx-ingress-internal + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-xrd-api + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-internal-alb + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: judicial-system-xrd-api.internal.staging01.devland.is + paths: + - / + namespace: judicial-system + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 100m + memory: 128Mi + secrets: + BACKEND_ACCESS_TOKEN: /k8s/judicial-system/BACKEND_ACCESS_TOKEN + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + ERROR_EVENT_URL: /k8s/judicial-system/ERROR_EVENT_URL + LAWYERS_ICELAND_API_KEY: /k8s/judicial-system/LAWYERS_ICELAND_API_KEY + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::261174024191:role/judicial-system-xrd-api + create: true + name: judicial-system-xrd-api diff --git a/charts/services/license-api/values.dev.yaml b/charts/services/license-api/values.dev.yaml index b633ae5bf55c..0da64efeb3ef 100644 --- a/charts/services/license-api/values.dev.yaml +++ b/charts/services/license-api/values.dev.yaml @@ -1,197 +1,95 @@ -{ - "license-api": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - }, - "LICENSE_SERVICE_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" - }, - "HUNTING_LICENSE_PASS_TEMPLATE_ID": { - "dev": "1da72d52-a93a-4d0f-8463-1933a2bd210b", - "staging": "1da72d52-a93a-4d0f-8463-1933a2bd210b", - "prod": "d4ecf781-3764-4063-a4e1-9c3e17cebfba" - } - }, - "features": {}, - "name": "license-api", - "grantNamespaces": [ - "nginx-ingress-internal" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "SMART_SOLUTIONS_API_URL": "/k8s/api/SMART_SOLUTIONS_API_URL", - "RLS_PKPASS_API_KEY": "/k8s/api/RLS_PKPASS_API_KEY", - "VE_PKPASS_API_KEY": "/k8s/api/VE_PKPASS_API_KEY", - "TR_PKPASS_API_KEY": "/k8s/api/TR_PKPASS_API_KEY", - "UST_PKPASS_API_KEY": "/k8s/api/UST_PKPASS_API_KEY", - "RLS_OPEN_LOOKUP_API_KEY": "/k8s/api/RLS_OPEN_LOOKUP_API_KEY", - "MACHINE_LICENSE_PASS_TEMPLATE_ID": "/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID", - "ADR_LICENSE_PASS_TEMPLATE_ID": "/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID", - "DRIVING_LICENSE_PASS_TEMPLATE_ID": "/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID", - "FIREARM_LICENSE_PASS_TEMPLATE_ID": "/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID", - "DISABILITY_LICENSE_PASS_TEMPLATE_ID": "/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID", - "DISABILITY_LICENSE_FETCH_TIMEOUT": "/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT", - "FIREARM_LICENSE_FETCH_TIMEOUT": "/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT", - "DRIVING_LICENSE_FETCH_TIMEOUT": "/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT", - "PKPASS_API_KEY": "/k8s/api/PKPASS_API_KEY", - "PKPASS_API_URL": "/k8s/api/PKPASS_API_URL", - "PKPASS_SECRET_KEY": "/k8s/api/PKPASS_SECRET_KEY", - "PKPASS_CACHE_KEY": "/k8s/api/PKPASS_CACHE_KEY", - "PKPASS_CACHE_TOKEN_EXPIRY_DELTA": "/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA", - "PKPASS_AUTH_RETRIES": "/k8s/api/PKPASS_AUTH_RETRIES", - "LICENSE_SERVICE_BARCODE_SECRET_KEY": "/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY" - }, - "ingress": { - "primary": { - "host": { - "dev": "license-api-xrd", - "staging": "license-api-xrd", - "prod": "license-api-xrd" - }, - "paths": [ - "/" - ], - "public": false - } - }, - "namespace": "license-api", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "400m", - "memory": "512Mi" - }, - "requests": { - "cpu": "50m", - "memory": "256Mi" - } - }, - "xroadConfig": [ - { - "config": { - "env": { - "XROAD_BASE_PATH": { - "prod": "http://securityserver.island.is" - }, - "XROAD_BASE_PATH_WITH_ENV": { - "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "http://securityserver.island.is/r1/IS" - }, - "XROAD_TLS_BASE_PATH": { - "dev": "https://securityserver.dev01.devland.is", - "staging": "https://securityserver.staging01.devland.is", - "prod": "https://securityserver.island.is" - }, - "XROAD_TLS_BASE_PATH_WITH_ENV": { - "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", - "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "https://securityserver.island.is/r1/IS" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CLIENT_ID": { - "dev": "IS-DEV/GOV/10000/island-is-client", - "staging": "IS-TEST/GOV/5501692829/island-is-client", - "prod": "IS/GOV/5501692829/island-is-client" - } - } - } - }, - { - "config": { - "env": { - "XROAD_FIREARM_LICENSE_PATH": { - "dev": "IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1", - "staging": "IS/GOV/5309672079/Logreglan-Protected/island-api-v1", - "prod": "IS/GOV/5309672079/Logreglan-Protected/island-api-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_DISABILITY_LICENSE_PATH": { - "dev": "IS-DEV/GOV/10008/TR-Protected/oryrki-v1", - "staging": "IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1", - "prod": "IS/GOV/5012130120/TR-Protected/oryrki-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_DRIVING_LICENSE_PATH": { - "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1", - "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1", - "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1" - }, - "XROAD_DRIVING_LICENSE_V2_PATH": { - "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2", - "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2", - "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1" - }, - "XROAD_DRIVING_LICENSE_V4_PATH": { - "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4", - "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4", - "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4" - }, - "XROAD_DRIVING_LICENSE_V5_PATH": { - "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5", - "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5", - "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5" - } - }, - "secrets": { - "XROAD_DRIVING_LICENSE_SECRET": "/k8s/api/DRIVING_LICENSE_SECRET" - } - } - }, - { - "config": { - "env": { - "XROAD_HUNTING_LICENSE_PATH": { - "dev": "IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api", - "staging": "IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api", - "prod": "IS/GOV/7010022880/Umhverfisstofnun-Protected/api" - } - } - } - } - ], - "files": [], - "volumes": [], - "replicaCount": { - "default": 2, - "min": 2, - "max": 10 - } - } - } -} \ No newline at end of file +service: + name: license-api + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: 1da72d52-a93a-4d0f-8463-1933a2bd210b + IDENTITY_SERVER_ISSUER_URL: https://identity-server.dev01.devland.is + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init + SERVERSIDE_FEATURES_ON: "" + XROAD_BASE_PATH: http://securityserver.dev01.devland.is + XROAD_BASE_PATH_WITH_ENV: http://securityserver.dev01.devland.is/r1/IS-DEV + XROAD_CLIENT_ID: IS-DEV/GOV/10000/island-is-client + XROAD_DISABILITY_LICENSE_PATH: IS-DEV/GOV/10008/TR-Protected/oryrki-v1 + XROAD_DRIVING_LICENSE_PATH: r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1 + XROAD_DRIVING_LICENSE_V2_PATH: r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2 + XROAD_DRIVING_LICENSE_V4_PATH: r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4 + XROAD_DRIVING_LICENSE_V5_PATH: r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5 + XROAD_FIREARM_LICENSE_PATH: IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1 + XROAD_HUNTING_LICENSE_PATH: IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api + XROAD_TLS_BASE_PATH: https://securityserver.dev01.devland.is + XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.dev01.devland.is/r1/IS-DEV + grantNamespaces: + - nginx-ingress-internal + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-internal-alb + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: license-api-xrd.internal.dev01.devland.is + paths: + - / + namespace: license-api + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: 400m + memory: 512Mi + requests: + cpu: 50m + memory: 256Mi + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: /k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DISABILITY_LICENSE_FETCH_TIMEOUT: /k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT + DISABILITY_LICENSE_PASS_TEMPLATE_ID: /k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID + DRIVING_LICENSE_FETCH_TIMEOUT: /k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT + DRIVING_LICENSE_PASS_TEMPLATE_ID: /k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID + FIREARM_LICENSE_FETCH_TIMEOUT: /k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT + FIREARM_LICENSE_PASS_TEMPLATE_ID: /k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID + LICENSE_SERVICE_BARCODE_SECRET_KEY: /k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY + MACHINE_LICENSE_PASS_TEMPLATE_ID: /k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID + PKPASS_API_KEY: /k8s/api/PKPASS_API_KEY + PKPASS_API_URL: /k8s/api/PKPASS_API_URL + PKPASS_AUTH_RETRIES: /k8s/api/PKPASS_AUTH_RETRIES + PKPASS_CACHE_KEY: /k8s/api/PKPASS_CACHE_KEY + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: /k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA + PKPASS_SECRET_KEY: /k8s/api/PKPASS_SECRET_KEY + RLS_OPEN_LOOKUP_API_KEY: /k8s/api/RLS_OPEN_LOOKUP_API_KEY + RLS_PKPASS_API_KEY: /k8s/api/RLS_PKPASS_API_KEY + SMART_SOLUTIONS_API_URL: /k8s/api/SMART_SOLUTIONS_API_URL + TR_PKPASS_API_KEY: /k8s/api/TR_PKPASS_API_KEY + UST_PKPASS_API_KEY: /k8s/api/UST_PKPASS_API_KEY + VE_PKPASS_API_KEY: /k8s/api/VE_PKPASS_API_KEY + XROAD_DRIVING_LICENSE_SECRET: /k8s/api/DRIVING_LICENSE_SECRET + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/license-api/values.prod.yaml b/charts/services/license-api/values.prod.yaml index b633ae5bf55c..1288e72899dd 100644 --- a/charts/services/license-api/values.prod.yaml +++ b/charts/services/license-api/values.prod.yaml @@ -1,197 +1,95 @@ -{ - "license-api": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - }, - "LICENSE_SERVICE_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" - }, - "HUNTING_LICENSE_PASS_TEMPLATE_ID": { - "dev": "1da72d52-a93a-4d0f-8463-1933a2bd210b", - "staging": "1da72d52-a93a-4d0f-8463-1933a2bd210b", - "prod": "d4ecf781-3764-4063-a4e1-9c3e17cebfba" - } - }, - "features": {}, - "name": "license-api", - "grantNamespaces": [ - "nginx-ingress-internal" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "SMART_SOLUTIONS_API_URL": "/k8s/api/SMART_SOLUTIONS_API_URL", - "RLS_PKPASS_API_KEY": "/k8s/api/RLS_PKPASS_API_KEY", - "VE_PKPASS_API_KEY": "/k8s/api/VE_PKPASS_API_KEY", - "TR_PKPASS_API_KEY": "/k8s/api/TR_PKPASS_API_KEY", - "UST_PKPASS_API_KEY": "/k8s/api/UST_PKPASS_API_KEY", - "RLS_OPEN_LOOKUP_API_KEY": "/k8s/api/RLS_OPEN_LOOKUP_API_KEY", - "MACHINE_LICENSE_PASS_TEMPLATE_ID": "/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID", - "ADR_LICENSE_PASS_TEMPLATE_ID": "/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID", - "DRIVING_LICENSE_PASS_TEMPLATE_ID": "/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID", - "FIREARM_LICENSE_PASS_TEMPLATE_ID": "/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID", - "DISABILITY_LICENSE_PASS_TEMPLATE_ID": "/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID", - "DISABILITY_LICENSE_FETCH_TIMEOUT": "/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT", - "FIREARM_LICENSE_FETCH_TIMEOUT": "/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT", - "DRIVING_LICENSE_FETCH_TIMEOUT": "/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT", - "PKPASS_API_KEY": "/k8s/api/PKPASS_API_KEY", - "PKPASS_API_URL": "/k8s/api/PKPASS_API_URL", - "PKPASS_SECRET_KEY": "/k8s/api/PKPASS_SECRET_KEY", - "PKPASS_CACHE_KEY": "/k8s/api/PKPASS_CACHE_KEY", - "PKPASS_CACHE_TOKEN_EXPIRY_DELTA": "/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA", - "PKPASS_AUTH_RETRIES": "/k8s/api/PKPASS_AUTH_RETRIES", - "LICENSE_SERVICE_BARCODE_SECRET_KEY": "/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY" - }, - "ingress": { - "primary": { - "host": { - "dev": "license-api-xrd", - "staging": "license-api-xrd", - "prod": "license-api-xrd" - }, - "paths": [ - "/" - ], - "public": false - } - }, - "namespace": "license-api", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "400m", - "memory": "512Mi" - }, - "requests": { - "cpu": "50m", - "memory": "256Mi" - } - }, - "xroadConfig": [ - { - "config": { - "env": { - "XROAD_BASE_PATH": { - "prod": "http://securityserver.island.is" - }, - "XROAD_BASE_PATH_WITH_ENV": { - "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "http://securityserver.island.is/r1/IS" - }, - "XROAD_TLS_BASE_PATH": { - "dev": "https://securityserver.dev01.devland.is", - "staging": "https://securityserver.staging01.devland.is", - "prod": "https://securityserver.island.is" - }, - "XROAD_TLS_BASE_PATH_WITH_ENV": { - "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", - "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "https://securityserver.island.is/r1/IS" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CLIENT_ID": { - "dev": "IS-DEV/GOV/10000/island-is-client", - "staging": "IS-TEST/GOV/5501692829/island-is-client", - "prod": "IS/GOV/5501692829/island-is-client" - } - } - } - }, - { - "config": { - "env": { - "XROAD_FIREARM_LICENSE_PATH": { - "dev": "IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1", - "staging": "IS/GOV/5309672079/Logreglan-Protected/island-api-v1", - "prod": "IS/GOV/5309672079/Logreglan-Protected/island-api-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_DISABILITY_LICENSE_PATH": { - "dev": "IS-DEV/GOV/10008/TR-Protected/oryrki-v1", - "staging": "IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1", - "prod": "IS/GOV/5012130120/TR-Protected/oryrki-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_DRIVING_LICENSE_PATH": { - "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1", - "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1", - "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1" - }, - "XROAD_DRIVING_LICENSE_V2_PATH": { - "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2", - "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2", - "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1" - }, - "XROAD_DRIVING_LICENSE_V4_PATH": { - "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4", - "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4", - "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4" - }, - "XROAD_DRIVING_LICENSE_V5_PATH": { - "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5", - "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5", - "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5" - } - }, - "secrets": { - "XROAD_DRIVING_LICENSE_SECRET": "/k8s/api/DRIVING_LICENSE_SECRET" - } - } - }, - { - "config": { - "env": { - "XROAD_HUNTING_LICENSE_PATH": { - "dev": "IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api", - "staging": "IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api", - "prod": "IS/GOV/7010022880/Umhverfisstofnun-Protected/api" - } - } - } - } - ], - "files": [], - "volumes": [], - "replicaCount": { - "default": 2, - "min": 2, - "max": 10 - } - } - } -} \ No newline at end of file +service: + name: license-api + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: d4ecf781-3764-4063-a4e1-9c3e17cebfba + IDENTITY_SERVER_ISSUER_URL: https://innskra.island.is + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init + SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + XROAD_BASE_PATH: http://securityserver.island.is + XROAD_BASE_PATH_WITH_ENV: http://securityserver.island.is/r1/IS + XROAD_CLIENT_ID: IS/GOV/5501692829/island-is-client + XROAD_DISABILITY_LICENSE_PATH: IS/GOV/5012130120/TR-Protected/oryrki-v1 + XROAD_DRIVING_LICENSE_PATH: r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1 + XROAD_DRIVING_LICENSE_V2_PATH: r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1 + XROAD_DRIVING_LICENSE_V4_PATH: r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4 + XROAD_DRIVING_LICENSE_V5_PATH: r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5 + XROAD_FIREARM_LICENSE_PATH: IS/GOV/5309672079/Logreglan-Protected/island-api-v1 + XROAD_HUNTING_LICENSE_PATH: IS/GOV/7010022880/Umhverfisstofnun-Protected/api + XROAD_TLS_BASE_PATH: https://securityserver.island.is + XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.island.is/r1/IS + grantNamespaces: + - nginx-ingress-internal + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-internal-alb + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: license-api-xrd.internal.island.is + paths: + - / + namespace: license-api + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: 400m + memory: 512Mi + requests: + cpu: 50m + memory: 256Mi + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: /k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DISABILITY_LICENSE_FETCH_TIMEOUT: /k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT + DISABILITY_LICENSE_PASS_TEMPLATE_ID: /k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID + DRIVING_LICENSE_FETCH_TIMEOUT: /k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT + DRIVING_LICENSE_PASS_TEMPLATE_ID: /k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID + FIREARM_LICENSE_FETCH_TIMEOUT: /k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT + FIREARM_LICENSE_PASS_TEMPLATE_ID: /k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID + LICENSE_SERVICE_BARCODE_SECRET_KEY: /k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY + MACHINE_LICENSE_PASS_TEMPLATE_ID: /k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID + PKPASS_API_KEY: /k8s/api/PKPASS_API_KEY + PKPASS_API_URL: /k8s/api/PKPASS_API_URL + PKPASS_AUTH_RETRIES: /k8s/api/PKPASS_AUTH_RETRIES + PKPASS_CACHE_KEY: /k8s/api/PKPASS_CACHE_KEY + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: /k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA + PKPASS_SECRET_KEY: /k8s/api/PKPASS_SECRET_KEY + RLS_OPEN_LOOKUP_API_KEY: /k8s/api/RLS_OPEN_LOOKUP_API_KEY + RLS_PKPASS_API_KEY: /k8s/api/RLS_PKPASS_API_KEY + SMART_SOLUTIONS_API_URL: /k8s/api/SMART_SOLUTIONS_API_URL + TR_PKPASS_API_KEY: /k8s/api/TR_PKPASS_API_KEY + UST_PKPASS_API_KEY: /k8s/api/UST_PKPASS_API_KEY + VE_PKPASS_API_KEY: /k8s/api/VE_PKPASS_API_KEY + XROAD_DRIVING_LICENSE_SECRET: /k8s/api/DRIVING_LICENSE_SECRET + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/license-api/values.staging.yaml b/charts/services/license-api/values.staging.yaml index b633ae5bf55c..c8b77adb1220 100644 --- a/charts/services/license-api/values.staging.yaml +++ b/charts/services/license-api/values.staging.yaml @@ -1,197 +1,95 @@ -{ - "license-api": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - }, - "LICENSE_SERVICE_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" - }, - "HUNTING_LICENSE_PASS_TEMPLATE_ID": { - "dev": "1da72d52-a93a-4d0f-8463-1933a2bd210b", - "staging": "1da72d52-a93a-4d0f-8463-1933a2bd210b", - "prod": "d4ecf781-3764-4063-a4e1-9c3e17cebfba" - } - }, - "features": {}, - "name": "license-api", - "grantNamespaces": [ - "nginx-ingress-internal" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "SMART_SOLUTIONS_API_URL": "/k8s/api/SMART_SOLUTIONS_API_URL", - "RLS_PKPASS_API_KEY": "/k8s/api/RLS_PKPASS_API_KEY", - "VE_PKPASS_API_KEY": "/k8s/api/VE_PKPASS_API_KEY", - "TR_PKPASS_API_KEY": "/k8s/api/TR_PKPASS_API_KEY", - "UST_PKPASS_API_KEY": "/k8s/api/UST_PKPASS_API_KEY", - "RLS_OPEN_LOOKUP_API_KEY": "/k8s/api/RLS_OPEN_LOOKUP_API_KEY", - "MACHINE_LICENSE_PASS_TEMPLATE_ID": "/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID", - "ADR_LICENSE_PASS_TEMPLATE_ID": "/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID", - "DRIVING_LICENSE_PASS_TEMPLATE_ID": "/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID", - "FIREARM_LICENSE_PASS_TEMPLATE_ID": "/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID", - "DISABILITY_LICENSE_PASS_TEMPLATE_ID": "/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID", - "DISABILITY_LICENSE_FETCH_TIMEOUT": "/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT", - "FIREARM_LICENSE_FETCH_TIMEOUT": "/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT", - "DRIVING_LICENSE_FETCH_TIMEOUT": "/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT", - "PKPASS_API_KEY": "/k8s/api/PKPASS_API_KEY", - "PKPASS_API_URL": "/k8s/api/PKPASS_API_URL", - "PKPASS_SECRET_KEY": "/k8s/api/PKPASS_SECRET_KEY", - "PKPASS_CACHE_KEY": "/k8s/api/PKPASS_CACHE_KEY", - "PKPASS_CACHE_TOKEN_EXPIRY_DELTA": "/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA", - "PKPASS_AUTH_RETRIES": "/k8s/api/PKPASS_AUTH_RETRIES", - "LICENSE_SERVICE_BARCODE_SECRET_KEY": "/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY" - }, - "ingress": { - "primary": { - "host": { - "dev": "license-api-xrd", - "staging": "license-api-xrd", - "prod": "license-api-xrd" - }, - "paths": [ - "/" - ], - "public": false - } - }, - "namespace": "license-api", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "400m", - "memory": "512Mi" - }, - "requests": { - "cpu": "50m", - "memory": "256Mi" - } - }, - "xroadConfig": [ - { - "config": { - "env": { - "XROAD_BASE_PATH": { - "prod": "http://securityserver.island.is" - }, - "XROAD_BASE_PATH_WITH_ENV": { - "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "http://securityserver.island.is/r1/IS" - }, - "XROAD_TLS_BASE_PATH": { - "dev": "https://securityserver.dev01.devland.is", - "staging": "https://securityserver.staging01.devland.is", - "prod": "https://securityserver.island.is" - }, - "XROAD_TLS_BASE_PATH_WITH_ENV": { - "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", - "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "https://securityserver.island.is/r1/IS" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CLIENT_ID": { - "dev": "IS-DEV/GOV/10000/island-is-client", - "staging": "IS-TEST/GOV/5501692829/island-is-client", - "prod": "IS/GOV/5501692829/island-is-client" - } - } - } - }, - { - "config": { - "env": { - "XROAD_FIREARM_LICENSE_PATH": { - "dev": "IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1", - "staging": "IS/GOV/5309672079/Logreglan-Protected/island-api-v1", - "prod": "IS/GOV/5309672079/Logreglan-Protected/island-api-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_DISABILITY_LICENSE_PATH": { - "dev": "IS-DEV/GOV/10008/TR-Protected/oryrki-v1", - "staging": "IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1", - "prod": "IS/GOV/5012130120/TR-Protected/oryrki-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_DRIVING_LICENSE_PATH": { - "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1", - "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1", - "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1" - }, - "XROAD_DRIVING_LICENSE_V2_PATH": { - "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2", - "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2", - "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1" - }, - "XROAD_DRIVING_LICENSE_V4_PATH": { - "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4", - "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4", - "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4" - }, - "XROAD_DRIVING_LICENSE_V5_PATH": { - "dev": "r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5", - "staging": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5", - "prod": "r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5" - } - }, - "secrets": { - "XROAD_DRIVING_LICENSE_SECRET": "/k8s/api/DRIVING_LICENSE_SECRET" - } - } - }, - { - "config": { - "env": { - "XROAD_HUNTING_LICENSE_PATH": { - "dev": "IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api", - "staging": "IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api", - "prod": "IS/GOV/7010022880/Umhverfisstofnun-Protected/api" - } - } - } - } - ], - "files": [], - "volumes": [], - "replicaCount": { - "default": 2, - "min": 2, - "max": 10 - } - } - } -} \ No newline at end of file +service: + name: license-api + enabled: true + env: + HUNTING_LICENSE_PASS_TEMPLATE_ID: 1da72d52-a93a-4d0f-8463-1933a2bd210b + IDENTITY_SERVER_ISSUER_URL: https://identity-server.staging01.devland.is + LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init + SERVERSIDE_FEATURES_ON: "" + XROAD_BASE_PATH: http://securityserver.staging01.devland.is + XROAD_BASE_PATH_WITH_ENV: http://securityserver.staging01.devland.is/r1/IS-TEST + XROAD_CLIENT_ID: IS-TEST/GOV/5501692829/island-is-client + XROAD_DISABILITY_LICENSE_PATH: IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1 + XROAD_DRIVING_LICENSE_PATH: r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1 + XROAD_DRIVING_LICENSE_V2_PATH: r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2 + XROAD_DRIVING_LICENSE_V4_PATH: r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4 + XROAD_DRIVING_LICENSE_V5_PATH: r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5 + XROAD_FIREARM_LICENSE_PATH: IS/GOV/5309672079/Logreglan-Protected/island-api-v1 + XROAD_HUNTING_LICENSE_PATH: IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api + XROAD_TLS_BASE_PATH: https://securityserver.staging01.devland.is + XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.staging01.devland.is/r1/IS-TEST + grantNamespaces: + - nginx-ingress-internal + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-internal-alb + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: license-api-xrd.internal.staging01.devland.is + paths: + - / + namespace: license-api + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: 400m + memory: 512Mi + requests: + cpu: 50m + memory: 256Mi + secrets: + ADR_LICENSE_PASS_TEMPLATE_ID: /k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DISABILITY_LICENSE_FETCH_TIMEOUT: /k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT + DISABILITY_LICENSE_PASS_TEMPLATE_ID: /k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID + DRIVING_LICENSE_FETCH_TIMEOUT: /k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT + DRIVING_LICENSE_PASS_TEMPLATE_ID: /k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID + FIREARM_LICENSE_FETCH_TIMEOUT: /k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT + FIREARM_LICENSE_PASS_TEMPLATE_ID: /k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID + LICENSE_SERVICE_BARCODE_SECRET_KEY: /k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY + MACHINE_LICENSE_PASS_TEMPLATE_ID: /k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID + PKPASS_API_KEY: /k8s/api/PKPASS_API_KEY + PKPASS_API_URL: /k8s/api/PKPASS_API_URL + PKPASS_AUTH_RETRIES: /k8s/api/PKPASS_AUTH_RETRIES + PKPASS_CACHE_KEY: /k8s/api/PKPASS_CACHE_KEY + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: /k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA + PKPASS_SECRET_KEY: /k8s/api/PKPASS_SECRET_KEY + RLS_OPEN_LOOKUP_API_KEY: /k8s/api/RLS_OPEN_LOOKUP_API_KEY + RLS_PKPASS_API_KEY: /k8s/api/RLS_PKPASS_API_KEY + SMART_SOLUTIONS_API_URL: /k8s/api/SMART_SOLUTIONS_API_URL + TR_PKPASS_API_KEY: /k8s/api/TR_PKPASS_API_KEY + UST_PKPASS_API_KEY: /k8s/api/UST_PKPASS_API_KEY + VE_PKPASS_API_KEY: /k8s/api/VE_PKPASS_API_KEY + XROAD_DRIVING_LICENSE_SECRET: /k8s/api/DRIVING_LICENSE_SECRET + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/portals-admin/values.dev.yaml b/charts/services/portals-admin/values.dev.yaml index 1ce03e12f921..983f80b46c49 100644 --- a/charts/services/portals-admin/values.dev.yaml +++ b/charts/services/portals-admin/values.dev.yaml @@ -1,95 +1,67 @@ -{ - "portals-admin": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/readiness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "BASEPATH": "/stjornbord", - "SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - } - }, - "features": {}, - "name": "portals-admin", - "grantNamespaces": [ - "nginx-ingress-external", - "identity-server" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "SI_PUBLIC_CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "SI_PUBLIC_DD_RUM_APPLICATION_ID": "/k8s/DD_RUM_APPLICATION_ID", - "SI_PUBLIC_DD_RUM_CLIENT_TOKEN": "/k8s/DD_RUM_CLIENT_TOKEN" - }, - "ingress": { - "primary": { - "host": { - "dev": [ - "beta" - ], - "staging": [ - "beta" - ], - "prod": [ - "", - "www.island.is" - ] - }, - "extraAnnotations": { - "dev": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "staging": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "prod": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - } - }, - "paths": [ - "/stjornbord" - ] - } - }, - "namespace": "portals-admin", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "400m", - "memory": "512Mi" - }, - "requests": { - "cpu": "25m", - "memory": "256Mi" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "replicaCount": { - "default": 2, - "max": 30, - "min": 2, - "scalingMagicNumber": 8 - } - } - } -} \ No newline at end of file +service: + name: portals-admin + enabled: true + env: + BASEPATH: /stjornbord + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=460 + SERVERSIDE_FEATURES_ON: "" + SI_PUBLIC_ENVIRONMENT: dev + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: https://identity-server.dev01.devland.is + grantNamespaces: + - nginx-ingress-external + - identity-server + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /readiness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-external-alb + nginx.ingress.kubernetes.io/proxy-buffer-size: 8k + nginx.ingress.kubernetes.io/proxy-buffering: on + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: beta.dev01.devland.is + paths: + - /stjornbord + namespace: portals-admin + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: 400m + memory: 512Mi + requests: + cpu: 25m + memory: 256Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + SI_PUBLIC_CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + SI_PUBLIC_DD_RUM_APPLICATION_ID: /k8s/DD_RUM_APPLICATION_ID + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: /k8s/DD_RUM_CLIENT_TOKEN + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/portals-admin/values.prod.yaml b/charts/services/portals-admin/values.prod.yaml index 1ce03e12f921..617115c9c0c3 100644 --- a/charts/services/portals-admin/values.prod.yaml +++ b/charts/services/portals-admin/values.prod.yaml @@ -1,95 +1,70 @@ -{ - "portals-admin": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/readiness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "BASEPATH": "/stjornbord", - "SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - } - }, - "features": {}, - "name": "portals-admin", - "grantNamespaces": [ - "nginx-ingress-external", - "identity-server" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "SI_PUBLIC_CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "SI_PUBLIC_DD_RUM_APPLICATION_ID": "/k8s/DD_RUM_APPLICATION_ID", - "SI_PUBLIC_DD_RUM_CLIENT_TOKEN": "/k8s/DD_RUM_CLIENT_TOKEN" - }, - "ingress": { - "primary": { - "host": { - "dev": [ - "beta" - ], - "staging": [ - "beta" - ], - "prod": [ - "", - "www.island.is" - ] - }, - "extraAnnotations": { - "dev": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "staging": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "prod": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - } - }, - "paths": [ - "/stjornbord" - ] - } - }, - "namespace": "portals-admin", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "400m", - "memory": "512Mi" - }, - "requests": { - "cpu": "25m", - "memory": "256Mi" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "replicaCount": { - "default": 2, - "max": 30, - "min": 2, - "scalingMagicNumber": 8 - } - } - } -} \ No newline at end of file +service: + name: portals-admin + enabled: true + env: + BASEPATH: /stjornbord + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=460 + SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + SI_PUBLIC_ENVIRONMENT: prod + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: https://innskra.island.is + grantNamespaces: + - nginx-ingress-external + - identity-server + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /readiness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-external-alb + nginx.ingress.kubernetes.io/proxy-buffer-size: 8k + nginx.ingress.kubernetes.io/proxy-buffering: on + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: island.is + paths: + - /stjornbord + - host: www.island.is + paths: + - /stjornbord + namespace: portals-admin + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: 400m + memory: 512Mi + requests: + cpu: 25m + memory: 256Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + SI_PUBLIC_CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + SI_PUBLIC_DD_RUM_APPLICATION_ID: /k8s/DD_RUM_APPLICATION_ID + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: /k8s/DD_RUM_CLIENT_TOKEN + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/portals-admin/values.staging.yaml b/charts/services/portals-admin/values.staging.yaml index 1ce03e12f921..83f9f23e1524 100644 --- a/charts/services/portals-admin/values.staging.yaml +++ b/charts/services/portals-admin/values.staging.yaml @@ -1,95 +1,67 @@ -{ - "portals-admin": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/readiness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "BASEPATH": "/stjornbord", - "SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - } - }, - "features": {}, - "name": "portals-admin", - "grantNamespaces": [ - "nginx-ingress-external", - "identity-server" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "SI_PUBLIC_CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "SI_PUBLIC_DD_RUM_APPLICATION_ID": "/k8s/DD_RUM_APPLICATION_ID", - "SI_PUBLIC_DD_RUM_CLIENT_TOKEN": "/k8s/DD_RUM_CLIENT_TOKEN" - }, - "ingress": { - "primary": { - "host": { - "dev": [ - "beta" - ], - "staging": [ - "beta" - ], - "prod": [ - "", - "www.island.is" - ] - }, - "extraAnnotations": { - "dev": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "staging": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "prod": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - } - }, - "paths": [ - "/stjornbord" - ] - } - }, - "namespace": "portals-admin", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "400m", - "memory": "512Mi" - }, - "requests": { - "cpu": "25m", - "memory": "256Mi" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "replicaCount": { - "default": 2, - "max": 30, - "min": 2, - "scalingMagicNumber": 8 - } - } - } -} \ No newline at end of file +service: + name: portals-admin + enabled: true + env: + BASEPATH: /stjornbord + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=460 + SERVERSIDE_FEATURES_ON: "" + SI_PUBLIC_ENVIRONMENT: staging + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: https://identity-server.staging01.devland.is + grantNamespaces: + - nginx-ingress-external + - identity-server + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /readiness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 30 + min: 2 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-external-alb + nginx.ingress.kubernetes.io/proxy-buffer-size: 8k + nginx.ingress.kubernetes.io/proxy-buffering: on + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: beta.staging01.devland.is + paths: + - /stjornbord + namespace: portals-admin + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: 400m + memory: 512Mi + requests: + cpu: 25m + memory: 256Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + SI_PUBLIC_CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + SI_PUBLIC_DD_RUM_APPLICATION_ID: /k8s/DD_RUM_APPLICATION_ID + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: /k8s/DD_RUM_CLIENT_TOKEN + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/regulations-admin-backend/values.dev.yaml b/charts/services/regulations-admin-backend/values.dev.yaml index 32614c3fec07..929956ccad9d 100644 --- a/charts/services/regulations-admin-backend/values.dev.yaml +++ b/charts/services/regulations-admin-backend/values.dev.yaml @@ -1,147 +1,95 @@ -{ - "regulations-admin-backend": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - }, - "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/regulations-admin-api" - }, - "features": {}, - "name": "regulations-admin-backend", - "grantNamespaces": [ - "islandis", - "download-service" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "REGULATIONS_API_URL": "/k8s/api/REGULATIONS_API_URL", - "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET", - "REGULATIONS_FILE_UPLOAD_KEY_DRAFT": "/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT", - "REGULATIONS_FILE_UPLOAD_KEY_PUBLISH": "/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH", - "REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED": "/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED", - "NATIONAL_REGISTRY_B2C_CLIENT_SECRET": "/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET" - }, - "ingress": {}, - "namespace": "regulations-admin", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "400m", - "memory": "512Mi" - }, - "requests": { - "cpu": "100m", - "memory": "256Mi" - } - }, - "xroadConfig": [ - { - "config": { - "env": { - "XROAD_BASE_PATH": { - "prod": "http://securityserver.island.is" - }, - "XROAD_BASE_PATH_WITH_ENV": { - "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "http://securityserver.island.is/r1/IS" - }, - "XROAD_TLS_BASE_PATH": { - "dev": "https://securityserver.dev01.devland.is", - "staging": "https://securityserver.staging01.devland.is", - "prod": "https://securityserver.island.is" - }, - "XROAD_TLS_BASE_PATH_WITH_ENV": { - "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", - "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "https://securityserver.island.is/r1/IS" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CLIENT_ID": { - "dev": "IS-DEV/GOV/10000/island-is-client", - "staging": "IS-TEST/GOV/5501692829/island-is-client", - "prod": "IS/GOV/5501692829/island-is-client" - } - } - } - }, - { - "config": { - "env": { - "NATIONAL_REGISTRY_B2C_CLIENT_ID": { - "dev": "b464afdd-056b-406d-b650-6d41733cfeb7", - "staging": "ca128c23-b43c-443d-bade-ec5a146a933f", - "prod": "2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f" - }, - "NATIONAL_REGISTRY_B2C_ENDPOINT": { - "dev": "https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", - "staging": "https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", - "prod": "https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token" - }, - "NATIONAL_REGISTRY_B2C_SCOPE": { - "dev": "https://skraidentitydev.onmicrosoft.com/midlun/.default", - "staging": "https://skraidentitystaging.onmicrosoft.com/midlun/.default", - "prod": "https://skraidentity.onmicrosoft.com/midlun/.default" - }, - "NATIONAL_REGISTRY_B2C_PATH": { - "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1", - "staging": "IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1", - "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1" - } - } - } - } - ], - "files": [], - "volumes": [], - "image": "regulations-admin-backend", - "postgres": { - "username": "regulations_admin_backend", - "passwordSecret": "/k8s/regulations-admin-backend/DB_PASSWORD", - "name": "regulations_admin_backend" - }, - "initContainers": { - "envs": {}, - "secrets": {}, - "features": {}, - "containers": [ - { - "name": "migrations", - "command": "npx", - "args": [ - "sequelize-cli", - "db:migrate" - ] - } - ], - "postgres": { - "username": "regulations_admin_backend", - "passwordSecret": "/k8s/regulations-admin-backend/DB_PASSWORD", - "name": "regulations_admin_backend" - } - } - } - } -} \ No newline at end of file +service: + name: regulations-admin-backend + enabled: true + env: + DB_HOST: postgres-applications.internal + DB_NAME: regulations_admin_backend + DB_REPLICAS_HOST: postgres-applications-reader.internal + DB_USER: regulations_admin_backend + IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/regulations-admin-api" + IDENTITY_SERVER_ISSUER_URL: https://identity-server.dev01.devland.is + LOG_LEVEL: info + NATIONAL_REGISTRY_B2C_CLIENT_ID: b464afdd-056b-406d-b650-6d41733cfeb7 + NATIONAL_REGISTRY_B2C_ENDPOINT: https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token + NATIONAL_REGISTRY_B2C_PATH: IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1 + NATIONAL_REGISTRY_B2C_SCOPE: https://skraidentitydev.onmicrosoft.com/midlun/.default + NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init + SERVERSIDE_FEATURES_ON: "" + XROAD_BASE_PATH: http://securityserver.dev01.devland.is + XROAD_BASE_PATH_WITH_ENV: http://securityserver.dev01.devland.is/r1/IS-DEV + XROAD_CLIENT_ID: IS-DEV/GOV/10000/island-is-client + XROAD_TLS_BASE_PATH: https://securityserver.dev01.devland.is + XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.dev01.devland.is/r1/IS-DEV + grantNamespaces: + - islandis + - download-service + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend + initContainer: + containers: + - args: + - sequelize-cli + - db:migrate + command: + - npx + name: migrations + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 50m + memory: 128Mi + env: + DB_HOST: postgres-applications.internal + DB_NAME: regulations_admin_backend + DB_REPLICAS_HOST: postgres-applications-reader.internal + DB_USER: regulations_admin_backend + SERVERSIDE_FEATURES_ON: "" + secrets: + DB_PASS: /k8s/regulations-admin-backend/DB_PASSWORD + namespace: regulations-admin + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: 400m + memory: 512Mi + requests: + cpu: 100m + memory: 256Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DB_PASS: /k8s/regulations-admin-backend/DB_PASSWORD + IDENTITY_SERVER_CLIENT_SECRET: /k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: /k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET + REGULATIONS_API_URL: /k8s/api/REGULATIONS_API_URL + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: /k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: /k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: /k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/regulations-admin-backend/values.prod.yaml b/charts/services/regulations-admin-backend/values.prod.yaml index 32614c3fec07..c494301b5cbb 100644 --- a/charts/services/regulations-admin-backend/values.prod.yaml +++ b/charts/services/regulations-admin-backend/values.prod.yaml @@ -1,147 +1,95 @@ -{ - "regulations-admin-backend": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - }, - "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/regulations-admin-api" - }, - "features": {}, - "name": "regulations-admin-backend", - "grantNamespaces": [ - "islandis", - "download-service" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "REGULATIONS_API_URL": "/k8s/api/REGULATIONS_API_URL", - "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET", - "REGULATIONS_FILE_UPLOAD_KEY_DRAFT": "/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT", - "REGULATIONS_FILE_UPLOAD_KEY_PUBLISH": "/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH", - "REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED": "/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED", - "NATIONAL_REGISTRY_B2C_CLIENT_SECRET": "/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET" - }, - "ingress": {}, - "namespace": "regulations-admin", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "400m", - "memory": "512Mi" - }, - "requests": { - "cpu": "100m", - "memory": "256Mi" - } - }, - "xroadConfig": [ - { - "config": { - "env": { - "XROAD_BASE_PATH": { - "prod": "http://securityserver.island.is" - }, - "XROAD_BASE_PATH_WITH_ENV": { - "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "http://securityserver.island.is/r1/IS" - }, - "XROAD_TLS_BASE_PATH": { - "dev": "https://securityserver.dev01.devland.is", - "staging": "https://securityserver.staging01.devland.is", - "prod": "https://securityserver.island.is" - }, - "XROAD_TLS_BASE_PATH_WITH_ENV": { - "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", - "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "https://securityserver.island.is/r1/IS" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CLIENT_ID": { - "dev": "IS-DEV/GOV/10000/island-is-client", - "staging": "IS-TEST/GOV/5501692829/island-is-client", - "prod": "IS/GOV/5501692829/island-is-client" - } - } - } - }, - { - "config": { - "env": { - "NATIONAL_REGISTRY_B2C_CLIENT_ID": { - "dev": "b464afdd-056b-406d-b650-6d41733cfeb7", - "staging": "ca128c23-b43c-443d-bade-ec5a146a933f", - "prod": "2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f" - }, - "NATIONAL_REGISTRY_B2C_ENDPOINT": { - "dev": "https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", - "staging": "https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", - "prod": "https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token" - }, - "NATIONAL_REGISTRY_B2C_SCOPE": { - "dev": "https://skraidentitydev.onmicrosoft.com/midlun/.default", - "staging": "https://skraidentitystaging.onmicrosoft.com/midlun/.default", - "prod": "https://skraidentity.onmicrosoft.com/midlun/.default" - }, - "NATIONAL_REGISTRY_B2C_PATH": { - "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1", - "staging": "IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1", - "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1" - } - } - } - } - ], - "files": [], - "volumes": [], - "image": "regulations-admin-backend", - "postgres": { - "username": "regulations_admin_backend", - "passwordSecret": "/k8s/regulations-admin-backend/DB_PASSWORD", - "name": "regulations_admin_backend" - }, - "initContainers": { - "envs": {}, - "secrets": {}, - "features": {}, - "containers": [ - { - "name": "migrations", - "command": "npx", - "args": [ - "sequelize-cli", - "db:migrate" - ] - } - ], - "postgres": { - "username": "regulations_admin_backend", - "passwordSecret": "/k8s/regulations-admin-backend/DB_PASSWORD", - "name": "regulations_admin_backend" - } - } - } - } -} \ No newline at end of file +service: + name: regulations-admin-backend + enabled: true + env: + DB_HOST: postgres-applications.internal + DB_NAME: regulations_admin_backend + DB_REPLICAS_HOST: postgres-applications.internal + DB_USER: regulations_admin_backend + IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/regulations-admin-api" + IDENTITY_SERVER_ISSUER_URL: https://innskra.island.is + LOG_LEVEL: info + NATIONAL_REGISTRY_B2C_CLIENT_ID: 2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f + NATIONAL_REGISTRY_B2C_ENDPOINT: https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token + NATIONAL_REGISTRY_B2C_PATH: IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1 + NATIONAL_REGISTRY_B2C_SCOPE: https://skraidentity.onmicrosoft.com/midlun/.default + NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init + SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + XROAD_BASE_PATH: http://securityserver.island.is + XROAD_BASE_PATH_WITH_ENV: http://securityserver.island.is/r1/IS + XROAD_CLIENT_ID: IS/GOV/5501692829/island-is-client + XROAD_TLS_BASE_PATH: https://securityserver.island.is + XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.island.is/r1/IS + grantNamespaces: + - islandis + - download-service + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend + initContainer: + containers: + - args: + - sequelize-cli + - db:migrate + command: + - npx + name: migrations + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 50m + memory: 128Mi + env: + DB_HOST: postgres-applications.internal + DB_NAME: regulations_admin_backend + DB_REPLICAS_HOST: postgres-applications.internal + DB_USER: regulations_admin_backend + SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + secrets: + DB_PASS: /k8s/regulations-admin-backend/DB_PASSWORD + namespace: regulations-admin + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: 400m + memory: 512Mi + requests: + cpu: 100m + memory: 256Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DB_PASS: /k8s/regulations-admin-backend/DB_PASSWORD + IDENTITY_SERVER_CLIENT_SECRET: /k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: /k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET + REGULATIONS_API_URL: /k8s/api/REGULATIONS_API_URL + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: /k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: /k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: /k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/regulations-admin-backend/values.staging.yaml b/charts/services/regulations-admin-backend/values.staging.yaml index 32614c3fec07..0233156200c9 100644 --- a/charts/services/regulations-admin-backend/values.staging.yaml +++ b/charts/services/regulations-admin-backend/values.staging.yaml @@ -1,147 +1,95 @@ -{ - "regulations-admin-backend": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - }, - "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/regulations-admin-api" - }, - "features": {}, - "name": "regulations-admin-backend", - "grantNamespaces": [ - "islandis", - "download-service" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "REGULATIONS_API_URL": "/k8s/api/REGULATIONS_API_URL", - "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET", - "REGULATIONS_FILE_UPLOAD_KEY_DRAFT": "/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT", - "REGULATIONS_FILE_UPLOAD_KEY_PUBLISH": "/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH", - "REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED": "/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED", - "NATIONAL_REGISTRY_B2C_CLIENT_SECRET": "/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET" - }, - "ingress": {}, - "namespace": "regulations-admin", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "400m", - "memory": "512Mi" - }, - "requests": { - "cpu": "100m", - "memory": "256Mi" - } - }, - "xroadConfig": [ - { - "config": { - "env": { - "XROAD_BASE_PATH": { - "prod": "http://securityserver.island.is" - }, - "XROAD_BASE_PATH_WITH_ENV": { - "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "http://securityserver.island.is/r1/IS" - }, - "XROAD_TLS_BASE_PATH": { - "dev": "https://securityserver.dev01.devland.is", - "staging": "https://securityserver.staging01.devland.is", - "prod": "https://securityserver.island.is" - }, - "XROAD_TLS_BASE_PATH_WITH_ENV": { - "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", - "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "https://securityserver.island.is/r1/IS" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CLIENT_ID": { - "dev": "IS-DEV/GOV/10000/island-is-client", - "staging": "IS-TEST/GOV/5501692829/island-is-client", - "prod": "IS/GOV/5501692829/island-is-client" - } - } - } - }, - { - "config": { - "env": { - "NATIONAL_REGISTRY_B2C_CLIENT_ID": { - "dev": "b464afdd-056b-406d-b650-6d41733cfeb7", - "staging": "ca128c23-b43c-443d-bade-ec5a146a933f", - "prod": "2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f" - }, - "NATIONAL_REGISTRY_B2C_ENDPOINT": { - "dev": "https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", - "staging": "https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", - "prod": "https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token" - }, - "NATIONAL_REGISTRY_B2C_SCOPE": { - "dev": "https://skraidentitydev.onmicrosoft.com/midlun/.default", - "staging": "https://skraidentitystaging.onmicrosoft.com/midlun/.default", - "prod": "https://skraidentity.onmicrosoft.com/midlun/.default" - }, - "NATIONAL_REGISTRY_B2C_PATH": { - "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1", - "staging": "IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1", - "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1" - } - } - } - } - ], - "files": [], - "volumes": [], - "image": "regulations-admin-backend", - "postgres": { - "username": "regulations_admin_backend", - "passwordSecret": "/k8s/regulations-admin-backend/DB_PASSWORD", - "name": "regulations_admin_backend" - }, - "initContainers": { - "envs": {}, - "secrets": {}, - "features": {}, - "containers": [ - { - "name": "migrations", - "command": "npx", - "args": [ - "sequelize-cli", - "db:migrate" - ] - } - ], - "postgres": { - "username": "regulations_admin_backend", - "passwordSecret": "/k8s/regulations-admin-backend/DB_PASSWORD", - "name": "regulations_admin_backend" - } - } - } - } -} \ No newline at end of file +service: + name: regulations-admin-backend + enabled: true + env: + DB_HOST: postgres-applications.internal + DB_NAME: regulations_admin_backend + DB_REPLICAS_HOST: postgres-applications.internal + DB_USER: regulations_admin_backend + IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/regulations-admin-api" + IDENTITY_SERVER_ISSUER_URL: https://identity-server.staging01.devland.is + LOG_LEVEL: info + NATIONAL_REGISTRY_B2C_CLIENT_ID: ca128c23-b43c-443d-bade-ec5a146a933f + NATIONAL_REGISTRY_B2C_ENDPOINT: https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token + NATIONAL_REGISTRY_B2C_PATH: IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1 + NATIONAL_REGISTRY_B2C_SCOPE: https://skraidentitystaging.onmicrosoft.com/midlun/.default + NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init + SERVERSIDE_FEATURES_ON: "" + XROAD_BASE_PATH: http://securityserver.staging01.devland.is + XROAD_BASE_PATH_WITH_ENV: http://securityserver.staging01.devland.is/r1/IS-TEST + XROAD_CLIENT_ID: IS-TEST/GOV/5501692829/island-is-client + XROAD_TLS_BASE_PATH: https://securityserver.staging01.devland.is + XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.staging01.devland.is/r1/IS-TEST + grantNamespaces: + - islandis + - download-service + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend + initContainer: + containers: + - args: + - sequelize-cli + - db:migrate + command: + - npx + name: migrations + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 50m + memory: 128Mi + env: + DB_HOST: postgres-applications.internal + DB_NAME: regulations_admin_backend + DB_REPLICAS_HOST: postgres-applications.internal + DB_USER: regulations_admin_backend + SERVERSIDE_FEATURES_ON: "" + secrets: + DB_PASS: /k8s/regulations-admin-backend/DB_PASSWORD + namespace: regulations-admin + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: 400m + memory: 512Mi + requests: + cpu: 100m + memory: 256Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DB_PASS: /k8s/regulations-admin-backend/DB_PASSWORD + IDENTITY_SERVER_CLIENT_SECRET: /k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: /k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET + REGULATIONS_API_URL: /k8s/api/REGULATIONS_API_URL + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: /k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: /k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: /k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/search-indexer-service/values.dev.yaml b/charts/services/search-indexer-service/values.dev.yaml index 3d09c5598a54..b8f9f88f4f3d 100644 --- a/charts/services/search-indexer-service/values.dev.yaml +++ b/charts/services/search-indexer-service/values.dev.yaml @@ -1,204 +1,134 @@ -{ - "search-indexer-service": { - "serviceDef": { - "liveness": { - "path": "/", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "APPLICATION_URL": "http://search-indexer-service", - "ELASTIC_NODE": { - "dev": "https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com", - "staging": "https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com", - "prod": "https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com" - }, - "ELASTIC_INDEX": "island-is", - "CONTENTFUL_SPACE": "8k0h54kbe6bj", - "CONTENTFUL_ENVIRONMENT": "master", - "CONTENTFUL_HOST": { - "dev": "preview.contentful.com", - "staging": "cdn.contentful.com", - "prod": "cdn.contentful.com" - }, - "CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE": { - "dev": "40", - "staging": "40", - "prod": "40" - }, - "AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME": { - "dev": "loftbru.dev01.devland.is", - "staging": "loftbru.staging01.devland.is", - "prod": "loftbru.island.is" - } - }, - "features": {}, - "name": "search-indexer-service", - "grantNamespaces": [], - "grantNamespacesEnabled": false, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "CONTENTFUL_ACCESS_TOKEN": "/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN", - "API_CMS_SYNC_TOKEN": "/k8s/search-indexer/API_CMS_SYNC_TOKEN", - "API_CMS_DELETION_TOKEN": "/k8s/search-indexer/API_CMS_DELETION_TOKEN", - "APOLLO_BYPASS_CACHE_SECRET": "/k8s/api/APOLLO_BYPASS_CACHE_SECRET" - }, - "ingress": { - "primary": { - "host": { - "dev": "search-indexer-service", - "staging": "search-indexer-service", - "prod": "search-indexer-service.devland.is" - }, - "paths": [ - "/" - ], - "extraAnnotations": { - "dev": { - "nginx.ingress.kubernetes.io/enable-global-auth": "false" - }, - "staging": { - "nginx.ingress.kubernetes.io/enable-global-auth": "false" - }, - "prod": {} - } - } - }, - "namespace": "search-indexer", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "requests": { - "cpu": "400m", - "memory": "3072Mi" - }, - "limits": { - "cpu": "800m", - "memory": "4096Mi" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "image": "services-search-indexer", - "accountName": "search-indexer", - "initContainers": { - "envs": { - "APPLICATION_URL": "http://search-indexer-service", - "ELASTIC_NODE": { - "dev": "https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com", - "staging": "https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com", - "prod": "https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com" - }, - "ELASTIC_INDEX": "island-is", - "CONTENTFUL_SPACE": "8k0h54kbe6bj", - "CONTENTFUL_ENVIRONMENT": "master", - "CONTENTFUL_HOST": { - "dev": "preview.contentful.com", - "staging": "cdn.contentful.com", - "prod": "cdn.contentful.com" - }, - "CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE": { - "dev": "40", - "staging": "40", - "prod": "40" - }, - "AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME": { - "dev": "loftbru.dev01.devland.is", - "staging": "loftbru.staging01.devland.is", - "prod": "loftbru.island.is" - }, - "S3_BUCKET": { - "dev": "dev-es-custom-packages", - "staging": "staging-es-custom-packages", - "prod": "prod-es-custom-packages" - }, - "ELASTIC_DOMAIN": "search", - "NODE_OPTIONS": "--max-old-space-size=2048" - }, - "secrets": { - "CONTENTFUL_ACCESS_TOKEN": "/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN", - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" - }, - "features": {}, - "containers": [ - { - "command": "/usr/local/bin/node", - "args": [ - "/webapp/migrateAws.js" - ], - "name": "migrate-aws", - "resources": { - "requests": { - "cpu": "100m", - "memory": "512Mi" - }, - "limits": { - "cpu": "400m", - "memory": "2048Mi" - } - } - }, - { - "command": "/usr/local/bin/node", - "args": [ - "/webapp/migrateElastic.js" - ], - "name": "migrate-elastic", - "resources": { - "requests": { - "cpu": "300m", - "memory": "3072Mi" - }, - "limits": { - "cpu": "700m", - "memory": "4096Mi" - } - } - }, - { - "command": "/usr/local/bin/node", - "args": [ - "/webapp/migrateKibana.js" - ], - "name": "migrate-kibana", - "resources": { - "requests": { - "cpu": "100m", - "memory": "512Mi" - }, - "limits": { - "cpu": "400m", - "memory": "2048Mi" - } - } - } - ] - }, - "replicaCount": { - "min": 1, - "max": 1, - "default": 1 - }, - "extraAttributes": { - "dev": { - "progressDeadlineSeconds": 1500 - }, - "staging": { - "progressDeadlineSeconds": 1500 - }, - "prod": { - "progressDeadlineSeconds": 1500 - } - } - } - } -} \ No newline at end of file +service: + name: search-indexer-service + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: loftbru.dev01.devland.is + APPLICATION_URL: http://search-indexer-service + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: "40" + CONTENTFUL_ENVIRONMENT: master + CONTENTFUL_HOST: preview.contentful.com + CONTENTFUL_SPACE: 8k0h54kbe6bj + ELASTIC_INDEX: island-is + ELASTIC_NODE: https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com + ENVIRONMENT: dev + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=3686 -r dd-trace/init + SERVERSIDE_FEATURES_ON: "" + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: / + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: / + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-external-alb + nginx.ingress.kubernetes.io/enable-global-auth: "false" + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: search-indexer-service.dev01.devland.is + paths: + - / + initContainer: + containers: + - args: + - /webapp/migrateAws.js + command: + - /usr/local/bin/node + name: migrate-aws + resources: + limits: + cpu: 400m + memory: 2048Mi + requests: + cpu: 100m + memory: 512Mi + - args: + - /webapp/migrateElastic.js + command: + - /usr/local/bin/node + name: migrate-elastic + resources: + limits: + cpu: 700m + memory: 4096Mi + requests: + cpu: 300m + memory: 3072Mi + - args: + - /webapp/migrateKibana.js + command: + - /usr/local/bin/node + name: migrate-kibana + resources: + limits: + cpu: 400m + memory: 2048Mi + requests: + cpu: 100m + memory: 512Mi + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: loftbru.dev01.devland.is + APPLICATION_URL: http://search-indexer-service + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: "40" + CONTENTFUL_ENVIRONMENT: master + CONTENTFUL_HOST: preview.contentful.com + CONTENTFUL_SPACE: 8k0h54kbe6bj + ELASTIC_DOMAIN: search + ELASTIC_INDEX: island-is + ELASTIC_NODE: https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com + ENVIRONMENT: dev + NODE_OPTIONS: --max-old-space-size=2048 + S3_BUCKET: dev-es-custom-packages + SERVERSIDE_FEATURES_ON: "" + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + CONTENTFUL_ACCESS_TOKEN: /k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN + namespace: search-indexer + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: 800m + memory: 4096Mi + requests: + cpu: 400m + memory: 3072Mi + secrets: + API_CMS_DELETION_TOKEN: /k8s/search-indexer/API_CMS_DELETION_TOKEN + API_CMS_SYNC_TOKEN: /k8s/search-indexer/API_CMS_SYNC_TOKEN + APOLLO_BYPASS_CACHE_SECRET: /k8s/api/APOLLO_BYPASS_CACHE_SECRET + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + CONTENTFUL_ACCESS_TOKEN: /k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::013313053092:role/search-indexer + create: true + name: search-indexer diff --git a/charts/services/search-indexer-service/values.prod.yaml b/charts/services/search-indexer-service/values.prod.yaml index 3d09c5598a54..daaf62893560 100644 --- a/charts/services/search-indexer-service/values.prod.yaml +++ b/charts/services/search-indexer-service/values.prod.yaml @@ -1,204 +1,133 @@ -{ - "search-indexer-service": { - "serviceDef": { - "liveness": { - "path": "/", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "APPLICATION_URL": "http://search-indexer-service", - "ELASTIC_NODE": { - "dev": "https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com", - "staging": "https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com", - "prod": "https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com" - }, - "ELASTIC_INDEX": "island-is", - "CONTENTFUL_SPACE": "8k0h54kbe6bj", - "CONTENTFUL_ENVIRONMENT": "master", - "CONTENTFUL_HOST": { - "dev": "preview.contentful.com", - "staging": "cdn.contentful.com", - "prod": "cdn.contentful.com" - }, - "CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE": { - "dev": "40", - "staging": "40", - "prod": "40" - }, - "AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME": { - "dev": "loftbru.dev01.devland.is", - "staging": "loftbru.staging01.devland.is", - "prod": "loftbru.island.is" - } - }, - "features": {}, - "name": "search-indexer-service", - "grantNamespaces": [], - "grantNamespacesEnabled": false, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "CONTENTFUL_ACCESS_TOKEN": "/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN", - "API_CMS_SYNC_TOKEN": "/k8s/search-indexer/API_CMS_SYNC_TOKEN", - "API_CMS_DELETION_TOKEN": "/k8s/search-indexer/API_CMS_DELETION_TOKEN", - "APOLLO_BYPASS_CACHE_SECRET": "/k8s/api/APOLLO_BYPASS_CACHE_SECRET" - }, - "ingress": { - "primary": { - "host": { - "dev": "search-indexer-service", - "staging": "search-indexer-service", - "prod": "search-indexer-service.devland.is" - }, - "paths": [ - "/" - ], - "extraAnnotations": { - "dev": { - "nginx.ingress.kubernetes.io/enable-global-auth": "false" - }, - "staging": { - "nginx.ingress.kubernetes.io/enable-global-auth": "false" - }, - "prod": {} - } - } - }, - "namespace": "search-indexer", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "requests": { - "cpu": "400m", - "memory": "3072Mi" - }, - "limits": { - "cpu": "800m", - "memory": "4096Mi" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "image": "services-search-indexer", - "accountName": "search-indexer", - "initContainers": { - "envs": { - "APPLICATION_URL": "http://search-indexer-service", - "ELASTIC_NODE": { - "dev": "https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com", - "staging": "https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com", - "prod": "https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com" - }, - "ELASTIC_INDEX": "island-is", - "CONTENTFUL_SPACE": "8k0h54kbe6bj", - "CONTENTFUL_ENVIRONMENT": "master", - "CONTENTFUL_HOST": { - "dev": "preview.contentful.com", - "staging": "cdn.contentful.com", - "prod": "cdn.contentful.com" - }, - "CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE": { - "dev": "40", - "staging": "40", - "prod": "40" - }, - "AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME": { - "dev": "loftbru.dev01.devland.is", - "staging": "loftbru.staging01.devland.is", - "prod": "loftbru.island.is" - }, - "S3_BUCKET": { - "dev": "dev-es-custom-packages", - "staging": "staging-es-custom-packages", - "prod": "prod-es-custom-packages" - }, - "ELASTIC_DOMAIN": "search", - "NODE_OPTIONS": "--max-old-space-size=2048" - }, - "secrets": { - "CONTENTFUL_ACCESS_TOKEN": "/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN", - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" - }, - "features": {}, - "containers": [ - { - "command": "/usr/local/bin/node", - "args": [ - "/webapp/migrateAws.js" - ], - "name": "migrate-aws", - "resources": { - "requests": { - "cpu": "100m", - "memory": "512Mi" - }, - "limits": { - "cpu": "400m", - "memory": "2048Mi" - } - } - }, - { - "command": "/usr/local/bin/node", - "args": [ - "/webapp/migrateElastic.js" - ], - "name": "migrate-elastic", - "resources": { - "requests": { - "cpu": "300m", - "memory": "3072Mi" - }, - "limits": { - "cpu": "700m", - "memory": "4096Mi" - } - } - }, - { - "command": "/usr/local/bin/node", - "args": [ - "/webapp/migrateKibana.js" - ], - "name": "migrate-kibana", - "resources": { - "requests": { - "cpu": "100m", - "memory": "512Mi" - }, - "limits": { - "cpu": "400m", - "memory": "2048Mi" - } - } - } - ] - }, - "replicaCount": { - "min": 1, - "max": 1, - "default": 1 - }, - "extraAttributes": { - "dev": { - "progressDeadlineSeconds": 1500 - }, - "staging": { - "progressDeadlineSeconds": 1500 - }, - "prod": { - "progressDeadlineSeconds": 1500 - } - } - } - } -} \ No newline at end of file +service: + name: search-indexer-service + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: loftbru.island.is + APPLICATION_URL: http://search-indexer-service + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: "40" + CONTENTFUL_ENVIRONMENT: master + CONTENTFUL_HOST: cdn.contentful.com + CONTENTFUL_SPACE: 8k0h54kbe6bj + ELASTIC_INDEX: island-is + ELASTIC_NODE: https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com + ENVIRONMENT: prod + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=3686 -r dd-trace/init + SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: / + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: / + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-external-alb + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: search-indexer-service.devland.is + paths: + - / + initContainer: + containers: + - args: + - /webapp/migrateAws.js + command: + - /usr/local/bin/node + name: migrate-aws + resources: + limits: + cpu: 400m + memory: 2048Mi + requests: + cpu: 100m + memory: 512Mi + - args: + - /webapp/migrateElastic.js + command: + - /usr/local/bin/node + name: migrate-elastic + resources: + limits: + cpu: 700m + memory: 4096Mi + requests: + cpu: 300m + memory: 3072Mi + - args: + - /webapp/migrateKibana.js + command: + - /usr/local/bin/node + name: migrate-kibana + resources: + limits: + cpu: 400m + memory: 2048Mi + requests: + cpu: 100m + memory: 512Mi + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: loftbru.island.is + APPLICATION_URL: http://search-indexer-service + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: "40" + CONTENTFUL_ENVIRONMENT: master + CONTENTFUL_HOST: cdn.contentful.com + CONTENTFUL_SPACE: 8k0h54kbe6bj + ELASTIC_DOMAIN: search + ELASTIC_INDEX: island-is + ELASTIC_NODE: https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com + ENVIRONMENT: prod + NODE_OPTIONS: --max-old-space-size=2048 + S3_BUCKET: prod-es-custom-packages + SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + CONTENTFUL_ACCESS_TOKEN: /k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN + namespace: search-indexer + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: 800m + memory: 4096Mi + requests: + cpu: 400m + memory: 3072Mi + secrets: + API_CMS_DELETION_TOKEN: /k8s/search-indexer/API_CMS_DELETION_TOKEN + API_CMS_SYNC_TOKEN: /k8s/search-indexer/API_CMS_SYNC_TOKEN + APOLLO_BYPASS_CACHE_SECRET: /k8s/api/APOLLO_BYPASS_CACHE_SECRET + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + CONTENTFUL_ACCESS_TOKEN: /k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::251502586493:role/search-indexer + create: true + name: search-indexer diff --git a/charts/services/search-indexer-service/values.staging.yaml b/charts/services/search-indexer-service/values.staging.yaml index 3d09c5598a54..9f5da31697c7 100644 --- a/charts/services/search-indexer-service/values.staging.yaml +++ b/charts/services/search-indexer-service/values.staging.yaml @@ -1,204 +1,134 @@ -{ - "search-indexer-service": { - "serviceDef": { - "liveness": { - "path": "/", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "APPLICATION_URL": "http://search-indexer-service", - "ELASTIC_NODE": { - "dev": "https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com", - "staging": "https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com", - "prod": "https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com" - }, - "ELASTIC_INDEX": "island-is", - "CONTENTFUL_SPACE": "8k0h54kbe6bj", - "CONTENTFUL_ENVIRONMENT": "master", - "CONTENTFUL_HOST": { - "dev": "preview.contentful.com", - "staging": "cdn.contentful.com", - "prod": "cdn.contentful.com" - }, - "CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE": { - "dev": "40", - "staging": "40", - "prod": "40" - }, - "AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME": { - "dev": "loftbru.dev01.devland.is", - "staging": "loftbru.staging01.devland.is", - "prod": "loftbru.island.is" - } - }, - "features": {}, - "name": "search-indexer-service", - "grantNamespaces": [], - "grantNamespacesEnabled": false, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "CONTENTFUL_ACCESS_TOKEN": "/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN", - "API_CMS_SYNC_TOKEN": "/k8s/search-indexer/API_CMS_SYNC_TOKEN", - "API_CMS_DELETION_TOKEN": "/k8s/search-indexer/API_CMS_DELETION_TOKEN", - "APOLLO_BYPASS_CACHE_SECRET": "/k8s/api/APOLLO_BYPASS_CACHE_SECRET" - }, - "ingress": { - "primary": { - "host": { - "dev": "search-indexer-service", - "staging": "search-indexer-service", - "prod": "search-indexer-service.devland.is" - }, - "paths": [ - "/" - ], - "extraAnnotations": { - "dev": { - "nginx.ingress.kubernetes.io/enable-global-auth": "false" - }, - "staging": { - "nginx.ingress.kubernetes.io/enable-global-auth": "false" - }, - "prod": {} - } - } - }, - "namespace": "search-indexer", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "requests": { - "cpu": "400m", - "memory": "3072Mi" - }, - "limits": { - "cpu": "800m", - "memory": "4096Mi" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "image": "services-search-indexer", - "accountName": "search-indexer", - "initContainers": { - "envs": { - "APPLICATION_URL": "http://search-indexer-service", - "ELASTIC_NODE": { - "dev": "https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com", - "staging": "https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com", - "prod": "https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com" - }, - "ELASTIC_INDEX": "island-is", - "CONTENTFUL_SPACE": "8k0h54kbe6bj", - "CONTENTFUL_ENVIRONMENT": "master", - "CONTENTFUL_HOST": { - "dev": "preview.contentful.com", - "staging": "cdn.contentful.com", - "prod": "cdn.contentful.com" - }, - "CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE": { - "dev": "40", - "staging": "40", - "prod": "40" - }, - "AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME": { - "dev": "loftbru.dev01.devland.is", - "staging": "loftbru.staging01.devland.is", - "prod": "loftbru.island.is" - }, - "S3_BUCKET": { - "dev": "dev-es-custom-packages", - "staging": "staging-es-custom-packages", - "prod": "prod-es-custom-packages" - }, - "ELASTIC_DOMAIN": "search", - "NODE_OPTIONS": "--max-old-space-size=2048" - }, - "secrets": { - "CONTENTFUL_ACCESS_TOKEN": "/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN", - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" - }, - "features": {}, - "containers": [ - { - "command": "/usr/local/bin/node", - "args": [ - "/webapp/migrateAws.js" - ], - "name": "migrate-aws", - "resources": { - "requests": { - "cpu": "100m", - "memory": "512Mi" - }, - "limits": { - "cpu": "400m", - "memory": "2048Mi" - } - } - }, - { - "command": "/usr/local/bin/node", - "args": [ - "/webapp/migrateElastic.js" - ], - "name": "migrate-elastic", - "resources": { - "requests": { - "cpu": "300m", - "memory": "3072Mi" - }, - "limits": { - "cpu": "700m", - "memory": "4096Mi" - } - } - }, - { - "command": "/usr/local/bin/node", - "args": [ - "/webapp/migrateKibana.js" - ], - "name": "migrate-kibana", - "resources": { - "requests": { - "cpu": "100m", - "memory": "512Mi" - }, - "limits": { - "cpu": "400m", - "memory": "2048Mi" - } - } - } - ] - }, - "replicaCount": { - "min": 1, - "max": 1, - "default": 1 - }, - "extraAttributes": { - "dev": { - "progressDeadlineSeconds": 1500 - }, - "staging": { - "progressDeadlineSeconds": 1500 - }, - "prod": { - "progressDeadlineSeconds": 1500 - } - } - } - } -} \ No newline at end of file +service: + name: search-indexer-service + enabled: true + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: loftbru.staging01.devland.is + APPLICATION_URL: http://search-indexer-service + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: "40" + CONTENTFUL_ENVIRONMENT: master + CONTENTFUL_HOST: cdn.contentful.com + CONTENTFUL_SPACE: 8k0h54kbe6bj + ELASTIC_INDEX: island-is + ELASTIC_NODE: https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com + ENVIRONMENT: staging + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=3686 -r dd-trace/init + SERVERSIDE_FEATURES_ON: "" + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: / + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: / + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 1 + min: 1 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-external-alb + nginx.ingress.kubernetes.io/enable-global-auth: "false" + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: search-indexer-service.staging01.devland.is + paths: + - / + initContainer: + containers: + - args: + - /webapp/migrateAws.js + command: + - /usr/local/bin/node + name: migrate-aws + resources: + limits: + cpu: 400m + memory: 2048Mi + requests: + cpu: 100m + memory: 512Mi + - args: + - /webapp/migrateElastic.js + command: + - /usr/local/bin/node + name: migrate-elastic + resources: + limits: + cpu: 700m + memory: 4096Mi + requests: + cpu: 300m + memory: 3072Mi + - args: + - /webapp/migrateKibana.js + command: + - /usr/local/bin/node + name: migrate-kibana + resources: + limits: + cpu: 400m + memory: 2048Mi + requests: + cpu: 100m + memory: 512Mi + env: + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: loftbru.staging01.devland.is + APPLICATION_URL: http://search-indexer-service + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: "40" + CONTENTFUL_ENVIRONMENT: master + CONTENTFUL_HOST: cdn.contentful.com + CONTENTFUL_SPACE: 8k0h54kbe6bj + ELASTIC_DOMAIN: search + ELASTIC_INDEX: island-is + ELASTIC_NODE: https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com + ENVIRONMENT: staging + NODE_OPTIONS: --max-old-space-size=2048 + S3_BUCKET: staging-es-custom-packages + SERVERSIDE_FEATURES_ON: "" + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + CONTENTFUL_ACCESS_TOKEN: /k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN + namespace: search-indexer + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + progressDeadlineSeconds: 1500 + pvcs: [] + replicaCount: + default: 1 + max: 1 + min: 1 + resources: + limits: + cpu: 800m + memory: 4096Mi + requests: + cpu: 400m + memory: 3072Mi + secrets: + API_CMS_DELETION_TOKEN: /k8s/search-indexer/API_CMS_DELETION_TOKEN + API_CMS_SYNC_TOKEN: /k8s/search-indexer/API_CMS_SYNC_TOKEN + APOLLO_BYPASS_CACHE_SECRET: /k8s/api/APOLLO_BYPASS_CACHE_SECRET + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + CONTENTFUL_ACCESS_TOKEN: /k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::261174024191:role/search-indexer + create: true + name: search-indexer diff --git a/charts/services/service-portal-api/values.dev.yaml b/charts/services/service-portal-api/values.dev.yaml index 4f1a78c63e1f..07a941ff66c3 100644 --- a/charts/services/service-portal-api/values.dev.yaml +++ b/charts/services/service-portal-api/values.dev.yaml @@ -1,196 +1,127 @@ -{ - "service-portal-api": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/readiness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "SERVICE_PORTAL_BASE_URL": { - "dev": "https://beta.dev01.devland.is/minarsidur", - "staging": "https://beta.staging01.devland.is/minarsidur", - "prod": "https://island.is/minarsidur", - "local": "http://localhost:4200/minarsidur" - }, - "EMAIL_REGION": "eu-west-1", - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - }, - "NOVA_ACCEPT_UNAUTHORIZED": { - "dev": "true", - "staging": "false", - "prod": "false" - }, - "AUTH_DELEGATION_API_URL": { - "dev": "http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local", - "staging": "http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local", - "prod": "https://auth-delegation-api.internal.innskra.island.is" - }, - "AUTH_DELEGATION_MACHINE_CLIENT_SCOPE": "[\"@island.is/auth/delegations/index:system\"]" - }, - "features": {}, - "name": "service-portal-api", - "grantNamespaces": [ - "nginx-ingress-internal", - "islandis", - "user-notification", - "identity-server", - "application-system" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "NOVA_URL": "/k8s/service-portal-api/NOVA_URL", - "NOVA_PASSWORD": "/k8s/gjafakort/NOVA_PASSWORD", - "NOVA_USERNAME": "/k8s/gjafakort/NOVA_USERNAME", - "EMAIL_FROM": "/k8s/service-portal/api/EMAIL_FROM", - "EMAIL_FROM_NAME": "/k8s/service-portal/api/EMAIL_FROM_NAME", - "EMAIL_REPLY_TO": "/k8s/service-portal/api/EMAIL_REPLY_TO", - "EMAIL_REPLY_TO_NAME": "/k8s/service-portal/api/EMAIL_REPLY_TO_NAME", - "ISLYKILL_SERVICE_PASSPHRASE": "/k8s/api/ISLYKILL_SERVICE_PASSPHRASE", - "ISLYKILL_SERVICE_BASEPATH": "/k8s/api/ISLYKILL_SERVICE_BASEPATH", - "IDENTITY_SERVER_CLIENT_ID": "/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID", - "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET", - "NATIONAL_REGISTRY_B2C_CLIENT_SECRET": "/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET" - }, - "ingress": { - "internal": { - "host": { - "dev": "service-portal-api", - "staging": "service-portal-api", - "prod": "service-portal-api" - }, - "paths": [ - "/" - ], - "public": false - } - }, - "namespace": "service-portal", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "800m", - "memory": "1024Mi" - }, - "requests": { - "cpu": "100m", - "memory": "512Mi" - } - }, - "xroadConfig": [ - { - "config": { - "env": { - "XROAD_BASE_PATH": { - "prod": "http://securityserver.island.is" - }, - "XROAD_BASE_PATH_WITH_ENV": { - "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "http://securityserver.island.is/r1/IS" - }, - "XROAD_TLS_BASE_PATH": { - "dev": "https://securityserver.dev01.devland.is", - "staging": "https://securityserver.staging01.devland.is", - "prod": "https://securityserver.island.is" - }, - "XROAD_TLS_BASE_PATH_WITH_ENV": { - "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", - "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "https://securityserver.island.is/r1/IS" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CLIENT_ID": { - "dev": "IS-DEV/GOV/10000/island-is-client", - "staging": "IS-TEST/GOV/5501692829/island-is-client", - "prod": "IS/GOV/5501692829/island-is-client" - } - } - } - }, - { - "config": { - "env": { - "NATIONAL_REGISTRY_B2C_CLIENT_ID": { - "dev": "b464afdd-056b-406d-b650-6d41733cfeb7", - "staging": "ca128c23-b43c-443d-bade-ec5a146a933f", - "prod": "2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f" - }, - "NATIONAL_REGISTRY_B2C_ENDPOINT": { - "dev": "https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", - "staging": "https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", - "prod": "https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token" - }, - "NATIONAL_REGISTRY_B2C_SCOPE": { - "dev": "https://skraidentitydev.onmicrosoft.com/midlun/.default", - "staging": "https://skraidentitystaging.onmicrosoft.com/midlun/.default", - "prod": "https://skraidentity.onmicrosoft.com/midlun/.default" - }, - "NATIONAL_REGISTRY_B2C_PATH": { - "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1", - "staging": "IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1", - "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1" - } - } - } - } - ], - "files": [ - { - "filename": "islyklar.p12", - "env": "ISLYKILL_CERT" - } - ], - "volumes": [], - "image": "services-user-profile", - "accountName": "service-portal-api", - "initContainers": { - "envs": {}, - "secrets": {}, - "features": {}, - "containers": [ - { - "name": "migrations", - "command": "npx", - "args": [ - "sequelize-cli", - "db:migrate" - ] - } - ], - "postgres": { - "username": "service_portal_api", - "passwordSecret": "/k8s/service-portal-api/DB_PASSWORD", - "name": "service_portal_api" - } - }, - "replicaCount": { - "default": 2, - "max": 30, - "min": 2 - }, - "postgres": { - "username": "service_portal_api", - "passwordSecret": "/k8s/service-portal-api/DB_PASSWORD", - "name": "service_portal_api" - } - } - } -} \ No newline at end of file +service: + name: service-portal-api + enabled: true + env: + AUTH_DELEGATION_API_URL: http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: postgres-applications.internal + DB_NAME: service_portal_api + DB_REPLICAS_HOST: postgres-applications-reader.internal + DB_USER: service_portal_api + EMAIL_REGION: eu-west-1 + IDENTITY_SERVER_ISSUER_URL: https://identity-server.dev01.devland.is + ISLYKILL_CERT: /etc/config/islyklar.p12 + LOG_LEVEL: info + NATIONAL_REGISTRY_B2C_CLIENT_ID: b464afdd-056b-406d-b650-6d41733cfeb7 + NATIONAL_REGISTRY_B2C_ENDPOINT: https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token + NATIONAL_REGISTRY_B2C_PATH: IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1 + NATIONAL_REGISTRY_B2C_SCOPE: https://skraidentitydev.onmicrosoft.com/midlun/.default + NODE_OPTIONS: --max-old-space-size=921 -r dd-trace/init + NOVA_ACCEPT_UNAUTHORIZED: "true" + SERVERSIDE_FEATURES_ON: "" + SERVICE_PORTAL_BASE_URL: https://beta.dev01.devland.is/minarsidur + XROAD_BASE_PATH: http://securityserver.dev01.devland.is + XROAD_BASE_PATH_WITH_ENV: http://securityserver.dev01.devland.is/r1/IS-DEV + XROAD_CLIENT_ID: IS-DEV/GOV/10000/island-is-client + XROAD_TLS_BASE_PATH: https://securityserver.dev01.devland.is + XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.dev01.devland.is/r1/IS-DEV + files: + - islyklar.p12 + grantNamespaces: + - nginx-ingress-internal + - islandis + - user-notification + - identity-server + - application-system + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /readiness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: nginx-internal-alb + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: service-portal-api.internal.dev01.devland.is + paths: + - / + initContainer: + containers: + - args: + - sequelize-cli + - db:migrate + command: + - npx + name: migrations + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 50m + memory: 128Mi + env: + DB_HOST: postgres-applications.internal + DB_NAME: service_portal_api + DB_REPLICAS_HOST: postgres-applications-reader.internal + DB_USER: service_portal_api + SERVERSIDE_FEATURES_ON: "" + secrets: + DB_PASS: /k8s/service-portal-api/DB_PASSWORD + namespace: service-portal + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: 800m + memory: 1024Mi + requests: + cpu: 100m + memory: 512Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DB_PASS: /k8s/service-portal-api/DB_PASSWORD + EMAIL_FROM: /k8s/service-portal/api/EMAIL_FROM + EMAIL_FROM_NAME: /k8s/service-portal/api/EMAIL_FROM_NAME + EMAIL_REPLY_TO: /k8s/service-portal/api/EMAIL_REPLY_TO + EMAIL_REPLY_TO_NAME: /k8s/service-portal/api/EMAIL_REPLY_TO_NAME + IDENTITY_SERVER_CLIENT_ID: /k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID + IDENTITY_SERVER_CLIENT_SECRET: /k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET + ISLYKILL_SERVICE_BASEPATH: /k8s/api/ISLYKILL_SERVICE_BASEPATH + ISLYKILL_SERVICE_PASSPHRASE: /k8s/api/ISLYKILL_SERVICE_PASSPHRASE + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: /k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET + NOVA_PASSWORD: /k8s/gjafakort/NOVA_PASSWORD + NOVA_URL: /k8s/service-portal-api/NOVA_URL + NOVA_USERNAME: /k8s/gjafakort/NOVA_USERNAME + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::013313053092:role/service-portal-api + create: true + name: service-portal-api diff --git a/charts/services/service-portal-api/values.prod.yaml b/charts/services/service-portal-api/values.prod.yaml index 4f1a78c63e1f..f2c7f2045724 100644 --- a/charts/services/service-portal-api/values.prod.yaml +++ b/charts/services/service-portal-api/values.prod.yaml @@ -1,196 +1,127 @@ -{ - "service-portal-api": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/readiness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "SERVICE_PORTAL_BASE_URL": { - "dev": "https://beta.dev01.devland.is/minarsidur", - "staging": "https://beta.staging01.devland.is/minarsidur", - "prod": "https://island.is/minarsidur", - "local": "http://localhost:4200/minarsidur" - }, - "EMAIL_REGION": "eu-west-1", - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - }, - "NOVA_ACCEPT_UNAUTHORIZED": { - "dev": "true", - "staging": "false", - "prod": "false" - }, - "AUTH_DELEGATION_API_URL": { - "dev": "http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local", - "staging": "http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local", - "prod": "https://auth-delegation-api.internal.innskra.island.is" - }, - "AUTH_DELEGATION_MACHINE_CLIENT_SCOPE": "[\"@island.is/auth/delegations/index:system\"]" - }, - "features": {}, - "name": "service-portal-api", - "grantNamespaces": [ - "nginx-ingress-internal", - "islandis", - "user-notification", - "identity-server", - "application-system" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "NOVA_URL": "/k8s/service-portal-api/NOVA_URL", - "NOVA_PASSWORD": "/k8s/gjafakort/NOVA_PASSWORD", - "NOVA_USERNAME": "/k8s/gjafakort/NOVA_USERNAME", - "EMAIL_FROM": "/k8s/service-portal/api/EMAIL_FROM", - "EMAIL_FROM_NAME": "/k8s/service-portal/api/EMAIL_FROM_NAME", - "EMAIL_REPLY_TO": "/k8s/service-portal/api/EMAIL_REPLY_TO", - "EMAIL_REPLY_TO_NAME": "/k8s/service-portal/api/EMAIL_REPLY_TO_NAME", - "ISLYKILL_SERVICE_PASSPHRASE": "/k8s/api/ISLYKILL_SERVICE_PASSPHRASE", - "ISLYKILL_SERVICE_BASEPATH": "/k8s/api/ISLYKILL_SERVICE_BASEPATH", - "IDENTITY_SERVER_CLIENT_ID": "/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID", - "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET", - "NATIONAL_REGISTRY_B2C_CLIENT_SECRET": "/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET" - }, - "ingress": { - "internal": { - "host": { - "dev": "service-portal-api", - "staging": "service-portal-api", - "prod": "service-portal-api" - }, - "paths": [ - "/" - ], - "public": false - } - }, - "namespace": "service-portal", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "800m", - "memory": "1024Mi" - }, - "requests": { - "cpu": "100m", - "memory": "512Mi" - } - }, - "xroadConfig": [ - { - "config": { - "env": { - "XROAD_BASE_PATH": { - "prod": "http://securityserver.island.is" - }, - "XROAD_BASE_PATH_WITH_ENV": { - "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "http://securityserver.island.is/r1/IS" - }, - "XROAD_TLS_BASE_PATH": { - "dev": "https://securityserver.dev01.devland.is", - "staging": "https://securityserver.staging01.devland.is", - "prod": "https://securityserver.island.is" - }, - "XROAD_TLS_BASE_PATH_WITH_ENV": { - "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", - "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "https://securityserver.island.is/r1/IS" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CLIENT_ID": { - "dev": "IS-DEV/GOV/10000/island-is-client", - "staging": "IS-TEST/GOV/5501692829/island-is-client", - "prod": "IS/GOV/5501692829/island-is-client" - } - } - } - }, - { - "config": { - "env": { - "NATIONAL_REGISTRY_B2C_CLIENT_ID": { - "dev": "b464afdd-056b-406d-b650-6d41733cfeb7", - "staging": "ca128c23-b43c-443d-bade-ec5a146a933f", - "prod": "2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f" - }, - "NATIONAL_REGISTRY_B2C_ENDPOINT": { - "dev": "https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", - "staging": "https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", - "prod": "https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token" - }, - "NATIONAL_REGISTRY_B2C_SCOPE": { - "dev": "https://skraidentitydev.onmicrosoft.com/midlun/.default", - "staging": "https://skraidentitystaging.onmicrosoft.com/midlun/.default", - "prod": "https://skraidentity.onmicrosoft.com/midlun/.default" - }, - "NATIONAL_REGISTRY_B2C_PATH": { - "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1", - "staging": "IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1", - "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1" - } - } - } - } - ], - "files": [ - { - "filename": "islyklar.p12", - "env": "ISLYKILL_CERT" - } - ], - "volumes": [], - "image": "services-user-profile", - "accountName": "service-portal-api", - "initContainers": { - "envs": {}, - "secrets": {}, - "features": {}, - "containers": [ - { - "name": "migrations", - "command": "npx", - "args": [ - "sequelize-cli", - "db:migrate" - ] - } - ], - "postgres": { - "username": "service_portal_api", - "passwordSecret": "/k8s/service-portal-api/DB_PASSWORD", - "name": "service_portal_api" - } - }, - "replicaCount": { - "default": 2, - "max": 30, - "min": 2 - }, - "postgres": { - "username": "service_portal_api", - "passwordSecret": "/k8s/service-portal-api/DB_PASSWORD", - "name": "service_portal_api" - } - } - } -} \ No newline at end of file +service: + name: service-portal-api + enabled: true + env: + AUTH_DELEGATION_API_URL: https://auth-delegation-api.internal.innskra.island.is + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: postgres-applications.internal + DB_NAME: service_portal_api + DB_REPLICAS_HOST: postgres-applications.internal + DB_USER: service_portal_api + EMAIL_REGION: eu-west-1 + IDENTITY_SERVER_ISSUER_URL: https://innskra.island.is + ISLYKILL_CERT: /etc/config/islyklar.p12 + LOG_LEVEL: info + NATIONAL_REGISTRY_B2C_CLIENT_ID: 2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f + NATIONAL_REGISTRY_B2C_ENDPOINT: https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token + NATIONAL_REGISTRY_B2C_PATH: IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1 + NATIONAL_REGISTRY_B2C_SCOPE: https://skraidentity.onmicrosoft.com/midlun/.default + NODE_OPTIONS: --max-old-space-size=921 -r dd-trace/init + NOVA_ACCEPT_UNAUTHORIZED: "false" + SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + SERVICE_PORTAL_BASE_URL: https://island.is/minarsidur + XROAD_BASE_PATH: http://securityserver.island.is + XROAD_BASE_PATH_WITH_ENV: http://securityserver.island.is/r1/IS + XROAD_CLIENT_ID: IS/GOV/5501692829/island-is-client + XROAD_TLS_BASE_PATH: https://securityserver.island.is + XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.island.is/r1/IS + files: + - islyklar.p12 + grantNamespaces: + - nginx-ingress-internal + - islandis + - user-notification + - identity-server + - application-system + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /readiness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: nginx-internal-alb + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: service-portal-api.internal.island.is + paths: + - / + initContainer: + containers: + - args: + - sequelize-cli + - db:migrate + command: + - npx + name: migrations + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 50m + memory: 128Mi + env: + DB_HOST: postgres-applications.internal + DB_NAME: service_portal_api + DB_REPLICAS_HOST: postgres-applications.internal + DB_USER: service_portal_api + SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + secrets: + DB_PASS: /k8s/service-portal-api/DB_PASSWORD + namespace: service-portal + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: 800m + memory: 1024Mi + requests: + cpu: 100m + memory: 512Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DB_PASS: /k8s/service-portal-api/DB_PASSWORD + EMAIL_FROM: /k8s/service-portal/api/EMAIL_FROM + EMAIL_FROM_NAME: /k8s/service-portal/api/EMAIL_FROM_NAME + EMAIL_REPLY_TO: /k8s/service-portal/api/EMAIL_REPLY_TO + EMAIL_REPLY_TO_NAME: /k8s/service-portal/api/EMAIL_REPLY_TO_NAME + IDENTITY_SERVER_CLIENT_ID: /k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID + IDENTITY_SERVER_CLIENT_SECRET: /k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET + ISLYKILL_SERVICE_BASEPATH: /k8s/api/ISLYKILL_SERVICE_BASEPATH + ISLYKILL_SERVICE_PASSPHRASE: /k8s/api/ISLYKILL_SERVICE_PASSPHRASE + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: /k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET + NOVA_PASSWORD: /k8s/gjafakort/NOVA_PASSWORD + NOVA_URL: /k8s/service-portal-api/NOVA_URL + NOVA_USERNAME: /k8s/gjafakort/NOVA_USERNAME + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::251502586493:role/service-portal-api + create: true + name: service-portal-api diff --git a/charts/services/service-portal-api/values.staging.yaml b/charts/services/service-portal-api/values.staging.yaml index 4f1a78c63e1f..fcc442bc73c4 100644 --- a/charts/services/service-portal-api/values.staging.yaml +++ b/charts/services/service-portal-api/values.staging.yaml @@ -1,196 +1,127 @@ -{ - "service-portal-api": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/readiness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "SERVICE_PORTAL_BASE_URL": { - "dev": "https://beta.dev01.devland.is/minarsidur", - "staging": "https://beta.staging01.devland.is/minarsidur", - "prod": "https://island.is/minarsidur", - "local": "http://localhost:4200/minarsidur" - }, - "EMAIL_REGION": "eu-west-1", - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - }, - "NOVA_ACCEPT_UNAUTHORIZED": { - "dev": "true", - "staging": "false", - "prod": "false" - }, - "AUTH_DELEGATION_API_URL": { - "dev": "http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local", - "staging": "http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local", - "prod": "https://auth-delegation-api.internal.innskra.island.is" - }, - "AUTH_DELEGATION_MACHINE_CLIENT_SCOPE": "[\"@island.is/auth/delegations/index:system\"]" - }, - "features": {}, - "name": "service-portal-api", - "grantNamespaces": [ - "nginx-ingress-internal", - "islandis", - "user-notification", - "identity-server", - "application-system" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "NOVA_URL": "/k8s/service-portal-api/NOVA_URL", - "NOVA_PASSWORD": "/k8s/gjafakort/NOVA_PASSWORD", - "NOVA_USERNAME": "/k8s/gjafakort/NOVA_USERNAME", - "EMAIL_FROM": "/k8s/service-portal/api/EMAIL_FROM", - "EMAIL_FROM_NAME": "/k8s/service-portal/api/EMAIL_FROM_NAME", - "EMAIL_REPLY_TO": "/k8s/service-portal/api/EMAIL_REPLY_TO", - "EMAIL_REPLY_TO_NAME": "/k8s/service-portal/api/EMAIL_REPLY_TO_NAME", - "ISLYKILL_SERVICE_PASSPHRASE": "/k8s/api/ISLYKILL_SERVICE_PASSPHRASE", - "ISLYKILL_SERVICE_BASEPATH": "/k8s/api/ISLYKILL_SERVICE_BASEPATH", - "IDENTITY_SERVER_CLIENT_ID": "/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID", - "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET", - "NATIONAL_REGISTRY_B2C_CLIENT_SECRET": "/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET" - }, - "ingress": { - "internal": { - "host": { - "dev": "service-portal-api", - "staging": "service-portal-api", - "prod": "service-portal-api" - }, - "paths": [ - "/" - ], - "public": false - } - }, - "namespace": "service-portal", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "800m", - "memory": "1024Mi" - }, - "requests": { - "cpu": "100m", - "memory": "512Mi" - } - }, - "xroadConfig": [ - { - "config": { - "env": { - "XROAD_BASE_PATH": { - "prod": "http://securityserver.island.is" - }, - "XROAD_BASE_PATH_WITH_ENV": { - "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "http://securityserver.island.is/r1/IS" - }, - "XROAD_TLS_BASE_PATH": { - "dev": "https://securityserver.dev01.devland.is", - "staging": "https://securityserver.staging01.devland.is", - "prod": "https://securityserver.island.is" - }, - "XROAD_TLS_BASE_PATH_WITH_ENV": { - "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", - "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "https://securityserver.island.is/r1/IS" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CLIENT_ID": { - "dev": "IS-DEV/GOV/10000/island-is-client", - "staging": "IS-TEST/GOV/5501692829/island-is-client", - "prod": "IS/GOV/5501692829/island-is-client" - } - } - } - }, - { - "config": { - "env": { - "NATIONAL_REGISTRY_B2C_CLIENT_ID": { - "dev": "b464afdd-056b-406d-b650-6d41733cfeb7", - "staging": "ca128c23-b43c-443d-bade-ec5a146a933f", - "prod": "2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f" - }, - "NATIONAL_REGISTRY_B2C_ENDPOINT": { - "dev": "https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", - "staging": "https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", - "prod": "https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token" - }, - "NATIONAL_REGISTRY_B2C_SCOPE": { - "dev": "https://skraidentitydev.onmicrosoft.com/midlun/.default", - "staging": "https://skraidentitystaging.onmicrosoft.com/midlun/.default", - "prod": "https://skraidentity.onmicrosoft.com/midlun/.default" - }, - "NATIONAL_REGISTRY_B2C_PATH": { - "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1", - "staging": "IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1", - "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1" - } - } - } - } - ], - "files": [ - { - "filename": "islyklar.p12", - "env": "ISLYKILL_CERT" - } - ], - "volumes": [], - "image": "services-user-profile", - "accountName": "service-portal-api", - "initContainers": { - "envs": {}, - "secrets": {}, - "features": {}, - "containers": [ - { - "name": "migrations", - "command": "npx", - "args": [ - "sequelize-cli", - "db:migrate" - ] - } - ], - "postgres": { - "username": "service_portal_api", - "passwordSecret": "/k8s/service-portal-api/DB_PASSWORD", - "name": "service_portal_api" - } - }, - "replicaCount": { - "default": 2, - "max": 30, - "min": 2 - }, - "postgres": { - "username": "service_portal_api", - "passwordSecret": "/k8s/service-portal-api/DB_PASSWORD", - "name": "service_portal_api" - } - } - } -} \ No newline at end of file +service: + name: service-portal-api + enabled: true + env: + AUTH_DELEGATION_API_URL: http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + DB_HOST: postgres-applications.internal + DB_NAME: service_portal_api + DB_REPLICAS_HOST: postgres-applications.internal + DB_USER: service_portal_api + EMAIL_REGION: eu-west-1 + IDENTITY_SERVER_ISSUER_URL: https://identity-server.staging01.devland.is + ISLYKILL_CERT: /etc/config/islyklar.p12 + LOG_LEVEL: info + NATIONAL_REGISTRY_B2C_CLIENT_ID: ca128c23-b43c-443d-bade-ec5a146a933f + NATIONAL_REGISTRY_B2C_ENDPOINT: https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token + NATIONAL_REGISTRY_B2C_PATH: IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1 + NATIONAL_REGISTRY_B2C_SCOPE: https://skraidentitystaging.onmicrosoft.com/midlun/.default + NODE_OPTIONS: --max-old-space-size=921 -r dd-trace/init + NOVA_ACCEPT_UNAUTHORIZED: "false" + SERVERSIDE_FEATURES_ON: "" + SERVICE_PORTAL_BASE_URL: https://beta.staging01.devland.is/minarsidur + XROAD_BASE_PATH: http://securityserver.staging01.devland.is + XROAD_BASE_PATH_WITH_ENV: http://securityserver.staging01.devland.is/r1/IS-TEST + XROAD_CLIENT_ID: IS-TEST/GOV/5501692829/island-is-client + XROAD_TLS_BASE_PATH: https://securityserver.staging01.devland.is + XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.staging01.devland.is/r1/IS-TEST + files: + - islyklar.p12 + grantNamespaces: + - nginx-ingress-internal + - islandis + - user-notification + - identity-server + - application-system + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /readiness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: nginx-internal-alb + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: service-portal-api.internal.staging01.devland.is + paths: + - / + initContainer: + containers: + - args: + - sequelize-cli + - db:migrate + command: + - npx + name: migrations + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 50m + memory: 128Mi + env: + DB_HOST: postgres-applications.internal + DB_NAME: service_portal_api + DB_REPLICAS_HOST: postgres-applications.internal + DB_USER: service_portal_api + SERVERSIDE_FEATURES_ON: "" + secrets: + DB_PASS: /k8s/service-portal-api/DB_PASSWORD + namespace: service-portal + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: 800m + memory: 1024Mi + requests: + cpu: 100m + memory: 512Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DB_PASS: /k8s/service-portal-api/DB_PASSWORD + EMAIL_FROM: /k8s/service-portal/api/EMAIL_FROM + EMAIL_FROM_NAME: /k8s/service-portal/api/EMAIL_FROM_NAME + EMAIL_REPLY_TO: /k8s/service-portal/api/EMAIL_REPLY_TO + EMAIL_REPLY_TO_NAME: /k8s/service-portal/api/EMAIL_REPLY_TO_NAME + IDENTITY_SERVER_CLIENT_ID: /k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID + IDENTITY_SERVER_CLIENT_SECRET: /k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET + ISLYKILL_SERVICE_BASEPATH: /k8s/api/ISLYKILL_SERVICE_BASEPATH + ISLYKILL_SERVICE_PASSPHRASE: /k8s/api/ISLYKILL_SERVICE_PASSPHRASE + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: /k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET + NOVA_PASSWORD: /k8s/gjafakort/NOVA_PASSWORD + NOVA_URL: /k8s/service-portal-api/NOVA_URL + NOVA_USERNAME: /k8s/gjafakort/NOVA_USERNAME + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::261174024191:role/service-portal-api + create: true + name: service-portal-api diff --git a/charts/services/service-portal/values.dev.yaml b/charts/services/service-portal/values.dev.yaml index dca3067c7018..6e2a5411652f 100644 --- a/charts/services/service-portal/values.dev.yaml +++ b/charts/services/service-portal/values.dev.yaml @@ -1,102 +1,71 @@ -{ - "service-portal": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/readiness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "BASEPATH": "/minarsidur", - "SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - }, - "SI_PUBLIC_GRAPHQL_API": { - "prod": "/api/graphql", - "staging": "/api/graphql", - "dev": "/api/graphql" - } - }, - "features": {}, - "name": "service-portal", - "grantNamespaces": [ - "nginx-ingress-internal", - "nginx-ingress-external", - "islandis", - "user-notification", - "identity-server" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "SI_PUBLIC_CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "SI_PUBLIC_DD_RUM_APPLICATION_ID": "/k8s/DD_RUM_APPLICATION_ID", - "SI_PUBLIC_DD_RUM_CLIENT_TOKEN": "/k8s/DD_RUM_CLIENT_TOKEN" - }, - "ingress": { - "primary": { - "host": { - "dev": [ - "beta" - ], - "staging": [ - "beta" - ], - "prod": [ - "", - "www.island.is" - ] - }, - "extraAnnotations": { - "dev": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "staging": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "prod": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - } - }, - "paths": [ - "/minarsidur" - ] - } - }, - "namespace": "service-portal", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "300m", - "memory": "256Mi" - }, - "requests": { - "cpu": "5m", - "memory": "32Mi" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "replicaCount": { - "default": 2, - "max": 30, - "min": 2 - } - } - } -} \ No newline at end of file +service: + name: service-portal + enabled: true + env: + BASEPATH: /minarsidur + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=230 + SERVERSIDE_FEATURES_ON: "" + SI_PUBLIC_ENVIRONMENT: dev + SI_PUBLIC_GRAPHQL_API: /api/graphql + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: https://identity-server.dev01.devland.is + grantNamespaces: + - nginx-ingress-internal + - nginx-ingress-external + - islandis + - user-notification + - identity-server + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /readiness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-external-alb + nginx.ingress.kubernetes.io/proxy-buffer-size: 8k + nginx.ingress.kubernetes.io/proxy-buffering: on + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: beta.dev01.devland.is + paths: + - /minarsidur + namespace: service-portal + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: 300m + memory: 256Mi + requests: + cpu: 5m + memory: 32Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + SI_PUBLIC_CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + SI_PUBLIC_DD_RUM_APPLICATION_ID: /k8s/DD_RUM_APPLICATION_ID + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: /k8s/DD_RUM_CLIENT_TOKEN + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/service-portal/values.prod.yaml b/charts/services/service-portal/values.prod.yaml index dca3067c7018..a0396a0fdd9a 100644 --- a/charts/services/service-portal/values.prod.yaml +++ b/charts/services/service-portal/values.prod.yaml @@ -1,102 +1,74 @@ -{ - "service-portal": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/readiness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "BASEPATH": "/minarsidur", - "SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - }, - "SI_PUBLIC_GRAPHQL_API": { - "prod": "/api/graphql", - "staging": "/api/graphql", - "dev": "/api/graphql" - } - }, - "features": {}, - "name": "service-portal", - "grantNamespaces": [ - "nginx-ingress-internal", - "nginx-ingress-external", - "islandis", - "user-notification", - "identity-server" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "SI_PUBLIC_CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "SI_PUBLIC_DD_RUM_APPLICATION_ID": "/k8s/DD_RUM_APPLICATION_ID", - "SI_PUBLIC_DD_RUM_CLIENT_TOKEN": "/k8s/DD_RUM_CLIENT_TOKEN" - }, - "ingress": { - "primary": { - "host": { - "dev": [ - "beta" - ], - "staging": [ - "beta" - ], - "prod": [ - "", - "www.island.is" - ] - }, - "extraAnnotations": { - "dev": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "staging": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "prod": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - } - }, - "paths": [ - "/minarsidur" - ] - } - }, - "namespace": "service-portal", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "300m", - "memory": "256Mi" - }, - "requests": { - "cpu": "5m", - "memory": "32Mi" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "replicaCount": { - "default": 2, - "max": 30, - "min": 2 - } - } - } -} \ No newline at end of file +service: + name: service-portal + enabled: true + env: + BASEPATH: /minarsidur + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=230 + SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + SI_PUBLIC_ENVIRONMENT: prod + SI_PUBLIC_GRAPHQL_API: /api/graphql + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: https://innskra.island.is + grantNamespaces: + - nginx-ingress-internal + - nginx-ingress-external + - islandis + - user-notification + - identity-server + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /readiness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-external-alb + nginx.ingress.kubernetes.io/proxy-buffer-size: 8k + nginx.ingress.kubernetes.io/proxy-buffering: on + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: island.is + paths: + - /minarsidur + - host: www.island.is + paths: + - /minarsidur + namespace: service-portal + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: 300m + memory: 256Mi + requests: + cpu: 5m + memory: 32Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + SI_PUBLIC_CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + SI_PUBLIC_DD_RUM_APPLICATION_ID: /k8s/DD_RUM_APPLICATION_ID + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: /k8s/DD_RUM_CLIENT_TOKEN + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/service-portal/values.staging.yaml b/charts/services/service-portal/values.staging.yaml index dca3067c7018..7010de4e9b4f 100644 --- a/charts/services/service-portal/values.staging.yaml +++ b/charts/services/service-portal/values.staging.yaml @@ -1,102 +1,71 @@ -{ - "service-portal": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/readiness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "BASEPATH": "/minarsidur", - "SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - }, - "SI_PUBLIC_GRAPHQL_API": { - "prod": "/api/graphql", - "staging": "/api/graphql", - "dev": "/api/graphql" - } - }, - "features": {}, - "name": "service-portal", - "grantNamespaces": [ - "nginx-ingress-internal", - "nginx-ingress-external", - "islandis", - "user-notification", - "identity-server" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "SI_PUBLIC_CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "SI_PUBLIC_DD_RUM_APPLICATION_ID": "/k8s/DD_RUM_APPLICATION_ID", - "SI_PUBLIC_DD_RUM_CLIENT_TOKEN": "/k8s/DD_RUM_CLIENT_TOKEN" - }, - "ingress": { - "primary": { - "host": { - "dev": [ - "beta" - ], - "staging": [ - "beta" - ], - "prod": [ - "", - "www.island.is" - ] - }, - "extraAnnotations": { - "dev": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "staging": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "prod": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - } - }, - "paths": [ - "/minarsidur" - ] - } - }, - "namespace": "service-portal", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "300m", - "memory": "256Mi" - }, - "requests": { - "cpu": "5m", - "memory": "32Mi" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "replicaCount": { - "default": 2, - "max": 30, - "min": 2 - } - } - } -} \ No newline at end of file +service: + name: service-portal + enabled: true + env: + BASEPATH: /minarsidur + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=230 + SERVERSIDE_FEATURES_ON: "" + SI_PUBLIC_ENVIRONMENT: staging + SI_PUBLIC_GRAPHQL_API: /api/graphql + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: https://identity-server.staging01.devland.is + grantNamespaces: + - nginx-ingress-internal + - nginx-ingress-external + - islandis + - user-notification + - identity-server + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /readiness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 30 + min: 2 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-external-alb + nginx.ingress.kubernetes.io/proxy-buffer-size: 8k + nginx.ingress.kubernetes.io/proxy-buffering: on + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: beta.staging01.devland.is + paths: + - /minarsidur + namespace: service-portal + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 30 + min: 2 + resources: + limits: + cpu: 300m + memory: 256Mi + requests: + cpu: 5m + memory: 32Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + SI_PUBLIC_CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + SI_PUBLIC_DD_RUM_APPLICATION_ID: /k8s/DD_RUM_APPLICATION_ID + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: /k8s/DD_RUM_CLIENT_TOKEN + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/services-auth-admin-api/values.dev.yaml b/charts/services/services-auth-admin-api/values.dev.yaml index c03fd0a9682a..254b1d81bd9c 100644 --- a/charts/services/services-auth-admin-api/values.dev.yaml +++ b/charts/services/services-auth-admin-api/values.dev.yaml @@ -1,186 +1,93 @@ -{ - "services-auth-admin-api": { - "serviceDef": { - "liveness": { - "path": "/backend/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/backend/health/check", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/auth-api", - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - }, - "IDENTITY_SERVER_ISSUER_URL_LIST": { - "dev": "[\"https://identity-server.dev01.devland.is\",\"https://identity-server.staging01.devland.is\",\"https://innskra.island.is\"]", - "staging": "[\"https://identity-server.staging01.devland.is\",\"https://innskra.island.is\"]", - "prod": "[\"https://innskra.island.is\"]" - }, - "XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN": "true", - "XROAD_RSK_PROCURING_ACTOR_TOKEN": "true", - "XROAD_NATIONAL_REGISTRY_SERVICE_PATH": { - "dev": "IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1", - "staging": "IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1", - "prod": "IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1" - }, - "XROAD_NATIONAL_REGISTRY_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" - }, - "XROAD_RSK_PROCURING_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" - }, - "COMPANY_REGISTRY_XROAD_PROVIDER_ID": { - "dev": "IS-DEV/GOV/10006/Skatturinn/ft-v1", - "staging": "IS-TEST/GOV/5402696029/Skatturinn/ft-v1", - "prod": "IS/GOV/5402696029/Skatturinn/ft-v1" - }, - "COMPANY_REGISTRY_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" - }, - "SYSLUMENN_HOST": { - "dev": "https://api.syslumenn.is/staging", - "staging": "https://api.syslumenn.is/staging", - "prod": "https://api.syslumenn.is/api" - }, - "SYSLUMENN_TIMEOUT": "3000", - "ZENDESK_CONTACT_FORM_SUBDOMAIN": { - "prod": "digitaliceland", - "staging": "digitaliceland", - "dev": "digitaliceland" - } - }, - "features": {}, - "name": "services-auth-admin-api", - "grantNamespaces": [ - "nginx-ingress-external", - "nginx-ingress-internal", - "islandis" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "ZENDESK_CONTACT_FORM_EMAIL": "/k8s/api/ZENDESK_CONTACT_FORM_EMAIL", - "ZENDESK_CONTACT_FORM_TOKEN": "/k8s/api/ZENDESK_CONTACT_FORM_TOKEN", - "ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE": "/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE", - "CLIENT_SECRET_ENCRYPTION_KEY": "/k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY", - "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET", - "NATIONAL_REGISTRY_IDS_CLIENT_SECRET": "/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET", - "SYSLUMENN_USERNAME": "/k8s/services-auth/SYSLUMENN_USERNAME", - "SYSLUMENN_PASSWORD": "/k8s/services-auth/SYSLUMENN_PASSWORD" - }, - "ingress": { - "primary": { - "host": { - "dev": "identity-server.dev01.devland.is", - "staging": "identity-server.staging01.devland.is", - "prod": "innskra.island.is" - }, - "paths": [ - "/backend" - ], - "public": true, - "extraAnnotations": { - "dev": { - "nginx.ingress.kubernetes.io/enable-global-auth": "false" - }, - "staging": { - "nginx.ingress.kubernetes.io/enable-global-auth": "false" - }, - "prod": { - "nginx.ingress.kubernetes.io/enable-global-auth": "false" - } - } - } - }, - "namespace": "identity-server-admin", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "400m", - "memory": "768Mi" - }, - "requests": { - "cpu": "100m", - "memory": "512Mi" - } - }, - "xroadConfig": [ - { - "config": { - "env": { - "XROAD_BASE_PATH": { - "prod": "http://securityserver.island.is" - }, - "XROAD_BASE_PATH_WITH_ENV": { - "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "http://securityserver.island.is/r1/IS" - }, - "XROAD_TLS_BASE_PATH": { - "dev": "https://securityserver.dev01.devland.is", - "staging": "https://securityserver.staging01.devland.is", - "prod": "https://securityserver.island.is" - }, - "XROAD_TLS_BASE_PATH_WITH_ENV": { - "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", - "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "https://securityserver.island.is/r1/IS" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CLIENT_ID": { - "dev": "IS-DEV/GOV/10000/island-is-client", - "staging": "IS-TEST/GOV/5501692829/island-is-client", - "prod": "IS/GOV/5501692829/island-is-client" - } - } - } - }, - { - "config": { - "env": { - "XROAD_RSK_PROCURING_PATH": { - "dev": "IS-DEV/GOV/10006/Skatturinn/relationships-v1", - "staging": "IS-TEST/GOV/5402696029/Skatturinn/relationships-v1", - "prod": "IS/GOV/5402696029/Skatturinn/relationships-v1" - } - } - } - } - ], - "files": [], - "volumes": [], - "image": "services-auth-admin-api", - "postgres": { - "name": "servicesauth", - "username": "servicesauth", - "passwordSecret": "/k8s/servicesauth/DB_PASSWORD" - }, - "replicaCount": { - "default": 2, - "min": 2, - "max": 10 - } - } - } -} \ No newline at end of file +service: + name: services-auth-admin-api + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: IS-DEV/GOV/10006/Skatturinn/ft-v1 + DB_HOST: postgres-applications.internal + DB_NAME: servicesauth + DB_REPLICAS_HOST: postgres-applications-reader.internal + DB_USER: servicesauth + IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/auth-api" + IDENTITY_SERVER_ISSUER_URL: https://identity-server.dev01.devland.is + IDENTITY_SERVER_ISSUER_URL_LIST: '["https://identity-server.dev01.devland.is","https://identity-server.staging01.devland.is","https://innskra.island.is"]' + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=691 -r dd-trace/init + SERVERSIDE_FEATURES_ON: "" + SYSLUMENN_HOST: https://api.syslumenn.is/staging + SYSLUMENN_TIMEOUT: "3000" + XROAD_BASE_PATH: http://securityserver.dev01.devland.is + XROAD_BASE_PATH_WITH_ENV: http://securityserver.dev01.devland.is/r1/IS-DEV + XROAD_CLIENT_ID: IS-DEV/GOV/10000/island-is-client + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: "true" + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1 + XROAD_RSK_PROCURING_ACTOR_TOKEN: "true" + XROAD_RSK_PROCURING_PATH: IS-DEV/GOV/10006/Skatturinn/relationships-v1 + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: https://securityserver.dev01.devland.is + XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.dev01.devland.is/r1/IS-DEV + ZENDESK_CONTACT_FORM_SUBDOMAIN: digitaliceland + grantNamespaces: + - nginx-ingress-external + - nginx-ingress-internal + - islandis + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /backend/liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /backend/health/check + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-admin-api + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-external-alb + nginx.ingress.kubernetes.io/enable-global-auth: "false" + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: identity-server.dev01.devland.is + paths: + - /backend + namespace: identity-server-admin + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: 400m + memory: 768Mi + requests: + cpu: 100m + memory: 512Mi + secrets: + CLIENT_SECRET_ENCRYPTION_KEY: /k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DB_PASS: /k8s/servicesauth/DB_PASSWORD + IDENTITY_SERVER_CLIENT_SECRET: /k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: /k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET + SYSLUMENN_PASSWORD: /k8s/services-auth/SYSLUMENN_PASSWORD + SYSLUMENN_USERNAME: /k8s/services-auth/SYSLUMENN_USERNAME + ZENDESK_CONTACT_FORM_EMAIL: /k8s/api/ZENDESK_CONTACT_FORM_EMAIL + ZENDESK_CONTACT_FORM_TOKEN: /k8s/api/ZENDESK_CONTACT_FORM_TOKEN + ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: /k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/services-auth-admin-api/values.prod.yaml b/charts/services/services-auth-admin-api/values.prod.yaml index c03fd0a9682a..1f2c9422a6b0 100644 --- a/charts/services/services-auth-admin-api/values.prod.yaml +++ b/charts/services/services-auth-admin-api/values.prod.yaml @@ -1,186 +1,93 @@ -{ - "services-auth-admin-api": { - "serviceDef": { - "liveness": { - "path": "/backend/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/backend/health/check", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/auth-api", - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - }, - "IDENTITY_SERVER_ISSUER_URL_LIST": { - "dev": "[\"https://identity-server.dev01.devland.is\",\"https://identity-server.staging01.devland.is\",\"https://innskra.island.is\"]", - "staging": "[\"https://identity-server.staging01.devland.is\",\"https://innskra.island.is\"]", - "prod": "[\"https://innskra.island.is\"]" - }, - "XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN": "true", - "XROAD_RSK_PROCURING_ACTOR_TOKEN": "true", - "XROAD_NATIONAL_REGISTRY_SERVICE_PATH": { - "dev": "IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1", - "staging": "IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1", - "prod": "IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1" - }, - "XROAD_NATIONAL_REGISTRY_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" - }, - "XROAD_RSK_PROCURING_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" - }, - "COMPANY_REGISTRY_XROAD_PROVIDER_ID": { - "dev": "IS-DEV/GOV/10006/Skatturinn/ft-v1", - "staging": "IS-TEST/GOV/5402696029/Skatturinn/ft-v1", - "prod": "IS/GOV/5402696029/Skatturinn/ft-v1" - }, - "COMPANY_REGISTRY_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" - }, - "SYSLUMENN_HOST": { - "dev": "https://api.syslumenn.is/staging", - "staging": "https://api.syslumenn.is/staging", - "prod": "https://api.syslumenn.is/api" - }, - "SYSLUMENN_TIMEOUT": "3000", - "ZENDESK_CONTACT_FORM_SUBDOMAIN": { - "prod": "digitaliceland", - "staging": "digitaliceland", - "dev": "digitaliceland" - } - }, - "features": {}, - "name": "services-auth-admin-api", - "grantNamespaces": [ - "nginx-ingress-external", - "nginx-ingress-internal", - "islandis" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "ZENDESK_CONTACT_FORM_EMAIL": "/k8s/api/ZENDESK_CONTACT_FORM_EMAIL", - "ZENDESK_CONTACT_FORM_TOKEN": "/k8s/api/ZENDESK_CONTACT_FORM_TOKEN", - "ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE": "/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE", - "CLIENT_SECRET_ENCRYPTION_KEY": "/k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY", - "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET", - "NATIONAL_REGISTRY_IDS_CLIENT_SECRET": "/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET", - "SYSLUMENN_USERNAME": "/k8s/services-auth/SYSLUMENN_USERNAME", - "SYSLUMENN_PASSWORD": "/k8s/services-auth/SYSLUMENN_PASSWORD" - }, - "ingress": { - "primary": { - "host": { - "dev": "identity-server.dev01.devland.is", - "staging": "identity-server.staging01.devland.is", - "prod": "innskra.island.is" - }, - "paths": [ - "/backend" - ], - "public": true, - "extraAnnotations": { - "dev": { - "nginx.ingress.kubernetes.io/enable-global-auth": "false" - }, - "staging": { - "nginx.ingress.kubernetes.io/enable-global-auth": "false" - }, - "prod": { - "nginx.ingress.kubernetes.io/enable-global-auth": "false" - } - } - } - }, - "namespace": "identity-server-admin", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "400m", - "memory": "768Mi" - }, - "requests": { - "cpu": "100m", - "memory": "512Mi" - } - }, - "xroadConfig": [ - { - "config": { - "env": { - "XROAD_BASE_PATH": { - "prod": "http://securityserver.island.is" - }, - "XROAD_BASE_PATH_WITH_ENV": { - "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "http://securityserver.island.is/r1/IS" - }, - "XROAD_TLS_BASE_PATH": { - "dev": "https://securityserver.dev01.devland.is", - "staging": "https://securityserver.staging01.devland.is", - "prod": "https://securityserver.island.is" - }, - "XROAD_TLS_BASE_PATH_WITH_ENV": { - "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", - "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "https://securityserver.island.is/r1/IS" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CLIENT_ID": { - "dev": "IS-DEV/GOV/10000/island-is-client", - "staging": "IS-TEST/GOV/5501692829/island-is-client", - "prod": "IS/GOV/5501692829/island-is-client" - } - } - } - }, - { - "config": { - "env": { - "XROAD_RSK_PROCURING_PATH": { - "dev": "IS-DEV/GOV/10006/Skatturinn/relationships-v1", - "staging": "IS-TEST/GOV/5402696029/Skatturinn/relationships-v1", - "prod": "IS/GOV/5402696029/Skatturinn/relationships-v1" - } - } - } - } - ], - "files": [], - "volumes": [], - "image": "services-auth-admin-api", - "postgres": { - "name": "servicesauth", - "username": "servicesauth", - "passwordSecret": "/k8s/servicesauth/DB_PASSWORD" - }, - "replicaCount": { - "default": 2, - "min": 2, - "max": 10 - } - } - } -} \ No newline at end of file +service: + name: services-auth-admin-api + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: IS/GOV/5402696029/Skatturinn/ft-v1 + DB_HOST: postgres-ids.internal + DB_NAME: servicesauth + DB_REPLICAS_HOST: postgres-ids.internal + DB_USER: servicesauth + IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/auth-api" + IDENTITY_SERVER_ISSUER_URL: https://innskra.island.is + IDENTITY_SERVER_ISSUER_URL_LIST: '["https://innskra.island.is"]' + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=691 -r dd-trace/init + SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + SYSLUMENN_HOST: https://api.syslumenn.is/api + SYSLUMENN_TIMEOUT: "3000" + XROAD_BASE_PATH: http://securityserver.island.is + XROAD_BASE_PATH_WITH_ENV: http://securityserver.island.is/r1/IS + XROAD_CLIENT_ID: IS/GOV/5501692829/island-is-client + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: "true" + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1 + XROAD_RSK_PROCURING_ACTOR_TOKEN: "true" + XROAD_RSK_PROCURING_PATH: IS/GOV/5402696029/Skatturinn/relationships-v1 + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: https://securityserver.island.is + XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.island.is/r1/IS + ZENDESK_CONTACT_FORM_SUBDOMAIN: digitaliceland + grantNamespaces: + - nginx-ingress-external + - nginx-ingress-internal + - islandis + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /backend/liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /backend/health/check + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-admin-api + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-external-alb + nginx.ingress.kubernetes.io/enable-global-auth: "false" + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: innskra.island.is + paths: + - /backend + namespace: identity-server-admin + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: 400m + memory: 768Mi + requests: + cpu: 100m + memory: 512Mi + secrets: + CLIENT_SECRET_ENCRYPTION_KEY: /k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DB_PASS: /k8s/servicesauth/DB_PASSWORD + IDENTITY_SERVER_CLIENT_SECRET: /k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: /k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET + SYSLUMENN_PASSWORD: /k8s/services-auth/SYSLUMENN_PASSWORD + SYSLUMENN_USERNAME: /k8s/services-auth/SYSLUMENN_USERNAME + ZENDESK_CONTACT_FORM_EMAIL: /k8s/api/ZENDESK_CONTACT_FORM_EMAIL + ZENDESK_CONTACT_FORM_TOKEN: /k8s/api/ZENDESK_CONTACT_FORM_TOKEN + ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: /k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/services-auth-admin-api/values.staging.yaml b/charts/services/services-auth-admin-api/values.staging.yaml index c03fd0a9682a..3f18d2bfe82c 100644 --- a/charts/services/services-auth-admin-api/values.staging.yaml +++ b/charts/services/services-auth-admin-api/values.staging.yaml @@ -1,186 +1,93 @@ -{ - "services-auth-admin-api": { - "serviceDef": { - "liveness": { - "path": "/backend/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/backend/health/check", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/auth-api", - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - }, - "IDENTITY_SERVER_ISSUER_URL_LIST": { - "dev": "[\"https://identity-server.dev01.devland.is\",\"https://identity-server.staging01.devland.is\",\"https://innskra.island.is\"]", - "staging": "[\"https://identity-server.staging01.devland.is\",\"https://innskra.island.is\"]", - "prod": "[\"https://innskra.island.is\"]" - }, - "XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN": "true", - "XROAD_RSK_PROCURING_ACTOR_TOKEN": "true", - "XROAD_NATIONAL_REGISTRY_SERVICE_PATH": { - "dev": "IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1", - "staging": "IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1", - "prod": "IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1" - }, - "XROAD_NATIONAL_REGISTRY_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" - }, - "XROAD_RSK_PROCURING_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" - }, - "COMPANY_REGISTRY_XROAD_PROVIDER_ID": { - "dev": "IS-DEV/GOV/10006/Skatturinn/ft-v1", - "staging": "IS-TEST/GOV/5402696029/Skatturinn/ft-v1", - "prod": "IS/GOV/5402696029/Skatturinn/ft-v1" - }, - "COMPANY_REGISTRY_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" - }, - "SYSLUMENN_HOST": { - "dev": "https://api.syslumenn.is/staging", - "staging": "https://api.syslumenn.is/staging", - "prod": "https://api.syslumenn.is/api" - }, - "SYSLUMENN_TIMEOUT": "3000", - "ZENDESK_CONTACT_FORM_SUBDOMAIN": { - "prod": "digitaliceland", - "staging": "digitaliceland", - "dev": "digitaliceland" - } - }, - "features": {}, - "name": "services-auth-admin-api", - "grantNamespaces": [ - "nginx-ingress-external", - "nginx-ingress-internal", - "islandis" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "ZENDESK_CONTACT_FORM_EMAIL": "/k8s/api/ZENDESK_CONTACT_FORM_EMAIL", - "ZENDESK_CONTACT_FORM_TOKEN": "/k8s/api/ZENDESK_CONTACT_FORM_TOKEN", - "ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE": "/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE", - "CLIENT_SECRET_ENCRYPTION_KEY": "/k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY", - "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET", - "NATIONAL_REGISTRY_IDS_CLIENT_SECRET": "/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET", - "SYSLUMENN_USERNAME": "/k8s/services-auth/SYSLUMENN_USERNAME", - "SYSLUMENN_PASSWORD": "/k8s/services-auth/SYSLUMENN_PASSWORD" - }, - "ingress": { - "primary": { - "host": { - "dev": "identity-server.dev01.devland.is", - "staging": "identity-server.staging01.devland.is", - "prod": "innskra.island.is" - }, - "paths": [ - "/backend" - ], - "public": true, - "extraAnnotations": { - "dev": { - "nginx.ingress.kubernetes.io/enable-global-auth": "false" - }, - "staging": { - "nginx.ingress.kubernetes.io/enable-global-auth": "false" - }, - "prod": { - "nginx.ingress.kubernetes.io/enable-global-auth": "false" - } - } - } - }, - "namespace": "identity-server-admin", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "400m", - "memory": "768Mi" - }, - "requests": { - "cpu": "100m", - "memory": "512Mi" - } - }, - "xroadConfig": [ - { - "config": { - "env": { - "XROAD_BASE_PATH": { - "prod": "http://securityserver.island.is" - }, - "XROAD_BASE_PATH_WITH_ENV": { - "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "http://securityserver.island.is/r1/IS" - }, - "XROAD_TLS_BASE_PATH": { - "dev": "https://securityserver.dev01.devland.is", - "staging": "https://securityserver.staging01.devland.is", - "prod": "https://securityserver.island.is" - }, - "XROAD_TLS_BASE_PATH_WITH_ENV": { - "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", - "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "https://securityserver.island.is/r1/IS" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CLIENT_ID": { - "dev": "IS-DEV/GOV/10000/island-is-client", - "staging": "IS-TEST/GOV/5501692829/island-is-client", - "prod": "IS/GOV/5501692829/island-is-client" - } - } - } - }, - { - "config": { - "env": { - "XROAD_RSK_PROCURING_PATH": { - "dev": "IS-DEV/GOV/10006/Skatturinn/relationships-v1", - "staging": "IS-TEST/GOV/5402696029/Skatturinn/relationships-v1", - "prod": "IS/GOV/5402696029/Skatturinn/relationships-v1" - } - } - } - } - ], - "files": [], - "volumes": [], - "image": "services-auth-admin-api", - "postgres": { - "name": "servicesauth", - "username": "servicesauth", - "passwordSecret": "/k8s/servicesauth/DB_PASSWORD" - }, - "replicaCount": { - "default": 2, - "min": 2, - "max": 10 - } - } - } -} \ No newline at end of file +service: + name: services-auth-admin-api + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: IS-TEST/GOV/5402696029/Skatturinn/ft-v1 + DB_HOST: postgres-applications.internal + DB_NAME: servicesauth + DB_REPLICAS_HOST: postgres-applications.internal + DB_USER: servicesauth + IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/auth-api" + IDENTITY_SERVER_ISSUER_URL: https://identity-server.staging01.devland.is + IDENTITY_SERVER_ISSUER_URL_LIST: '["https://identity-server.staging01.devland.is","https://innskra.island.is"]' + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=691 -r dd-trace/init + SERVERSIDE_FEATURES_ON: "" + SYSLUMENN_HOST: https://api.syslumenn.is/staging + SYSLUMENN_TIMEOUT: "3000" + XROAD_BASE_PATH: http://securityserver.staging01.devland.is + XROAD_BASE_PATH_WITH_ENV: http://securityserver.staging01.devland.is/r1/IS-TEST + XROAD_CLIENT_ID: IS-TEST/GOV/5501692829/island-is-client + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: "true" + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1 + XROAD_RSK_PROCURING_ACTOR_TOKEN: "true" + XROAD_RSK_PROCURING_PATH: IS-TEST/GOV/5402696029/Skatturinn/relationships-v1 + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: https://securityserver.staging01.devland.is + XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.staging01.devland.is/r1/IS-TEST + ZENDESK_CONTACT_FORM_SUBDOMAIN: digitaliceland + grantNamespaces: + - nginx-ingress-external + - nginx-ingress-internal + - islandis + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /backend/liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /backend/health/check + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-admin-api + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-external-alb + nginx.ingress.kubernetes.io/enable-global-auth: "false" + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: identity-server.staging01.devland.is + paths: + - /backend + namespace: identity-server-admin + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: 400m + memory: 768Mi + requests: + cpu: 100m + memory: 512Mi + secrets: + CLIENT_SECRET_ENCRYPTION_KEY: /k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DB_PASS: /k8s/servicesauth/DB_PASSWORD + IDENTITY_SERVER_CLIENT_SECRET: /k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: /k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET + SYSLUMENN_PASSWORD: /k8s/services-auth/SYSLUMENN_PASSWORD + SYSLUMENN_USERNAME: /k8s/services-auth/SYSLUMENN_USERNAME + ZENDESK_CONTACT_FORM_EMAIL: /k8s/api/ZENDESK_CONTACT_FORM_EMAIL + ZENDESK_CONTACT_FORM_TOKEN: /k8s/api/ZENDESK_CONTACT_FORM_TOKEN + ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: /k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/services-auth-delegation-api/values.dev.yaml b/charts/services/services-auth-delegation-api/values.dev.yaml index b6e637ef373f..45bb3c0c76d6 100644 --- a/charts/services/services-auth-delegation-api/values.dev.yaml +++ b/charts/services/services-auth-delegation-api/values.dev.yaml @@ -1,173 +1,92 @@ -{ - "services-auth-delegation-api": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/health/check", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/auth-api", - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - }, - "XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN": "true", - "XROAD_RSK_PROCURING_ACTOR_TOKEN": "true", - "XROAD_NATIONAL_REGISTRY_SERVICE_PATH": { - "dev": "IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1", - "staging": "IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1", - "prod": "IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1" - }, - "XROAD_NATIONAL_REGISTRY_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" - }, - "XROAD_RSK_PROCURING_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" - }, - "USER_NOTIFICATION_API_URL": { - "prod": "https://user-notification.internal.island.is" - }, - "COMPANY_REGISTRY_XROAD_PROVIDER_ID": { - "dev": "IS-DEV/GOV/10006/Skatturinn/ft-v1", - "staging": "IS-TEST/GOV/5402696029/Skatturinn/ft-v1", - "prod": "IS/GOV/5402696029/Skatturinn/ft-v1" - }, - "COMPANY_REGISTRY_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" - }, - "SYSLUMENN_HOST": { - "dev": "https://api.syslumenn.is/staging", - "staging": "https://api.syslumenn.is/staging", - "prod": "https://api.syslumenn.is/api" - }, - "SYSLUMENN_TIMEOUT": "3000", - "ZENDESK_CONTACT_FORM_SUBDOMAIN": { - "prod": "digitaliceland", - "staging": "digitaliceland", - "dev": "digitaliceland" - } - }, - "features": {}, - "name": "services-auth-delegation-api", - "grantNamespaces": [ - "nginx-ingress-internal", - "islandis", - "service-portal", - "user-notification-worker" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "ZENDESK_CONTACT_FORM_EMAIL": "/k8s/api/ZENDESK_CONTACT_FORM_EMAIL", - "ZENDESK_CONTACT_FORM_TOKEN": "/k8s/api/ZENDESK_CONTACT_FORM_TOKEN", - "ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE": "/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE", - "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET", - "NATIONAL_REGISTRY_IDS_CLIENT_SECRET": "/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET", - "SYSLUMENN_USERNAME": "/k8s/services-auth/SYSLUMENN_USERNAME", - "SYSLUMENN_PASSWORD": "/k8s/services-auth/SYSLUMENN_PASSWORD" - }, - "ingress": { - "internal": { - "host": { - "dev": "auth-delegation-api", - "staging": "auth-delegation-api", - "prod": "auth-delegation-api.internal.innskra.island.is" - }, - "paths": [ - "/" - ], - "public": false - } - }, - "namespace": "identity-server-delegation", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "400m", - "memory": "512Mi" - }, - "requests": { - "cpu": "100m", - "memory": "256Mi" - } - }, - "xroadConfig": [ - { - "config": { - "env": { - "XROAD_BASE_PATH": { - "prod": "http://securityserver.island.is" - }, - "XROAD_BASE_PATH_WITH_ENV": { - "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "http://securityserver.island.is/r1/IS" - }, - "XROAD_TLS_BASE_PATH": { - "dev": "https://securityserver.dev01.devland.is", - "staging": "https://securityserver.staging01.devland.is", - "prod": "https://securityserver.island.is" - }, - "XROAD_TLS_BASE_PATH_WITH_ENV": { - "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", - "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "https://securityserver.island.is/r1/IS" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CLIENT_ID": { - "dev": "IS-DEV/GOV/10000/island-is-client", - "staging": "IS-TEST/GOV/5501692829/island-is-client", - "prod": "IS/GOV/5501692829/island-is-client" - } - } - } - }, - { - "config": { - "env": { - "XROAD_RSK_PROCURING_PATH": { - "dev": "IS-DEV/GOV/10006/Skatturinn/relationships-v1", - "staging": "IS-TEST/GOV/5402696029/Skatturinn/relationships-v1", - "prod": "IS/GOV/5402696029/Skatturinn/relationships-v1" - } - } - } - } - ], - "files": [], - "volumes": [], - "image": "services-auth-delegation-api", - "postgres": { - "name": "servicesauth", - "username": "servicesauth", - "passwordSecret": "/k8s/servicesauth/DB_PASSWORD" - }, - "replicaCount": { - "default": 2, - "min": 2, - "max": 10 - } - } - } -} \ No newline at end of file +service: + name: services-auth-delegation-api + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: IS-DEV/GOV/10006/Skatturinn/ft-v1 + DB_HOST: postgres-applications.internal + DB_NAME: servicesauth + DB_REPLICAS_HOST: postgres-applications-reader.internal + DB_USER: servicesauth + IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/auth-api" + IDENTITY_SERVER_ISSUER_URL: https://identity-server.dev01.devland.is + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init + SERVERSIDE_FEATURES_ON: "" + SYSLUMENN_HOST: https://api.syslumenn.is/staging + SYSLUMENN_TIMEOUT: "3000" + USER_NOTIFICATION_API_URL: http://web-user-notification.user-notification.svc.cluster.local + XROAD_BASE_PATH: http://securityserver.dev01.devland.is + XROAD_BASE_PATH_WITH_ENV: http://securityserver.dev01.devland.is/r1/IS-DEV + XROAD_CLIENT_ID: IS-DEV/GOV/10000/island-is-client + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: "true" + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1 + XROAD_RSK_PROCURING_ACTOR_TOKEN: "true" + XROAD_RSK_PROCURING_PATH: IS-DEV/GOV/10006/Skatturinn/relationships-v1 + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: https://securityserver.dev01.devland.is + XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.dev01.devland.is/r1/IS-DEV + ZENDESK_CONTACT_FORM_SUBDOMAIN: digitaliceland + grantNamespaces: + - nginx-ingress-internal + - islandis + - service-portal + - user-notification-worker + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /health/check + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-delegation-api + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: nginx-internal-alb + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: auth-delegation-api.internal.dev01.devland.is + paths: + - / + namespace: identity-server-delegation + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: 400m + memory: 512Mi + requests: + cpu: 100m + memory: 256Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DB_PASS: /k8s/servicesauth/DB_PASSWORD + IDENTITY_SERVER_CLIENT_SECRET: /k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: /k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET + SYSLUMENN_PASSWORD: /k8s/services-auth/SYSLUMENN_PASSWORD + SYSLUMENN_USERNAME: /k8s/services-auth/SYSLUMENN_USERNAME + ZENDESK_CONTACT_FORM_EMAIL: /k8s/api/ZENDESK_CONTACT_FORM_EMAIL + ZENDESK_CONTACT_FORM_TOKEN: /k8s/api/ZENDESK_CONTACT_FORM_TOKEN + ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: /k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/services-auth-delegation-api/values.prod.yaml b/charts/services/services-auth-delegation-api/values.prod.yaml index b6e637ef373f..c3d6b0c1bb88 100644 --- a/charts/services/services-auth-delegation-api/values.prod.yaml +++ b/charts/services/services-auth-delegation-api/values.prod.yaml @@ -1,173 +1,92 @@ -{ - "services-auth-delegation-api": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/health/check", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/auth-api", - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - }, - "XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN": "true", - "XROAD_RSK_PROCURING_ACTOR_TOKEN": "true", - "XROAD_NATIONAL_REGISTRY_SERVICE_PATH": { - "dev": "IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1", - "staging": "IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1", - "prod": "IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1" - }, - "XROAD_NATIONAL_REGISTRY_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" - }, - "XROAD_RSK_PROCURING_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" - }, - "USER_NOTIFICATION_API_URL": { - "prod": "https://user-notification.internal.island.is" - }, - "COMPANY_REGISTRY_XROAD_PROVIDER_ID": { - "dev": "IS-DEV/GOV/10006/Skatturinn/ft-v1", - "staging": "IS-TEST/GOV/5402696029/Skatturinn/ft-v1", - "prod": "IS/GOV/5402696029/Skatturinn/ft-v1" - }, - "COMPANY_REGISTRY_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" - }, - "SYSLUMENN_HOST": { - "dev": "https://api.syslumenn.is/staging", - "staging": "https://api.syslumenn.is/staging", - "prod": "https://api.syslumenn.is/api" - }, - "SYSLUMENN_TIMEOUT": "3000", - "ZENDESK_CONTACT_FORM_SUBDOMAIN": { - "prod": "digitaliceland", - "staging": "digitaliceland", - "dev": "digitaliceland" - } - }, - "features": {}, - "name": "services-auth-delegation-api", - "grantNamespaces": [ - "nginx-ingress-internal", - "islandis", - "service-portal", - "user-notification-worker" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "ZENDESK_CONTACT_FORM_EMAIL": "/k8s/api/ZENDESK_CONTACT_FORM_EMAIL", - "ZENDESK_CONTACT_FORM_TOKEN": "/k8s/api/ZENDESK_CONTACT_FORM_TOKEN", - "ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE": "/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE", - "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET", - "NATIONAL_REGISTRY_IDS_CLIENT_SECRET": "/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET", - "SYSLUMENN_USERNAME": "/k8s/services-auth/SYSLUMENN_USERNAME", - "SYSLUMENN_PASSWORD": "/k8s/services-auth/SYSLUMENN_PASSWORD" - }, - "ingress": { - "internal": { - "host": { - "dev": "auth-delegation-api", - "staging": "auth-delegation-api", - "prod": "auth-delegation-api.internal.innskra.island.is" - }, - "paths": [ - "/" - ], - "public": false - } - }, - "namespace": "identity-server-delegation", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "400m", - "memory": "512Mi" - }, - "requests": { - "cpu": "100m", - "memory": "256Mi" - } - }, - "xroadConfig": [ - { - "config": { - "env": { - "XROAD_BASE_PATH": { - "prod": "http://securityserver.island.is" - }, - "XROAD_BASE_PATH_WITH_ENV": { - "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "http://securityserver.island.is/r1/IS" - }, - "XROAD_TLS_BASE_PATH": { - "dev": "https://securityserver.dev01.devland.is", - "staging": "https://securityserver.staging01.devland.is", - "prod": "https://securityserver.island.is" - }, - "XROAD_TLS_BASE_PATH_WITH_ENV": { - "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", - "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "https://securityserver.island.is/r1/IS" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CLIENT_ID": { - "dev": "IS-DEV/GOV/10000/island-is-client", - "staging": "IS-TEST/GOV/5501692829/island-is-client", - "prod": "IS/GOV/5501692829/island-is-client" - } - } - } - }, - { - "config": { - "env": { - "XROAD_RSK_PROCURING_PATH": { - "dev": "IS-DEV/GOV/10006/Skatturinn/relationships-v1", - "staging": "IS-TEST/GOV/5402696029/Skatturinn/relationships-v1", - "prod": "IS/GOV/5402696029/Skatturinn/relationships-v1" - } - } - } - } - ], - "files": [], - "volumes": [], - "image": "services-auth-delegation-api", - "postgres": { - "name": "servicesauth", - "username": "servicesauth", - "passwordSecret": "/k8s/servicesauth/DB_PASSWORD" - }, - "replicaCount": { - "default": 2, - "min": 2, - "max": 10 - } - } - } -} \ No newline at end of file +service: + name: services-auth-delegation-api + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: IS/GOV/5402696029/Skatturinn/ft-v1 + DB_HOST: postgres-ids.internal + DB_NAME: servicesauth + DB_REPLICAS_HOST: postgres-ids.internal + DB_USER: servicesauth + IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/auth-api" + IDENTITY_SERVER_ISSUER_URL: https://innskra.island.is + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init + SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + SYSLUMENN_HOST: https://api.syslumenn.is/api + SYSLUMENN_TIMEOUT: "3000" + USER_NOTIFICATION_API_URL: https://user-notification.internal.island.is + XROAD_BASE_PATH: http://securityserver.island.is + XROAD_BASE_PATH_WITH_ENV: http://securityserver.island.is/r1/IS + XROAD_CLIENT_ID: IS/GOV/5501692829/island-is-client + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: "true" + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1 + XROAD_RSK_PROCURING_ACTOR_TOKEN: "true" + XROAD_RSK_PROCURING_PATH: IS/GOV/5402696029/Skatturinn/relationships-v1 + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: https://securityserver.island.is + XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.island.is/r1/IS + ZENDESK_CONTACT_FORM_SUBDOMAIN: digitaliceland + grantNamespaces: + - nginx-ingress-internal + - islandis + - service-portal + - user-notification-worker + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /health/check + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-delegation-api + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: nginx-internal-alb + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: auth-delegation-api.internal.innskra.island.is + paths: + - / + namespace: identity-server-delegation + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: 400m + memory: 512Mi + requests: + cpu: 100m + memory: 256Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DB_PASS: /k8s/servicesauth/DB_PASSWORD + IDENTITY_SERVER_CLIENT_SECRET: /k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: /k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET + SYSLUMENN_PASSWORD: /k8s/services-auth/SYSLUMENN_PASSWORD + SYSLUMENN_USERNAME: /k8s/services-auth/SYSLUMENN_USERNAME + ZENDESK_CONTACT_FORM_EMAIL: /k8s/api/ZENDESK_CONTACT_FORM_EMAIL + ZENDESK_CONTACT_FORM_TOKEN: /k8s/api/ZENDESK_CONTACT_FORM_TOKEN + ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: /k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/services-auth-delegation-api/values.staging.yaml b/charts/services/services-auth-delegation-api/values.staging.yaml index b6e637ef373f..1e2fbf5acb8d 100644 --- a/charts/services/services-auth-delegation-api/values.staging.yaml +++ b/charts/services/services-auth-delegation-api/values.staging.yaml @@ -1,173 +1,92 @@ -{ - "services-auth-delegation-api": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/health/check", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/auth-api", - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - }, - "XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN": "true", - "XROAD_RSK_PROCURING_ACTOR_TOKEN": "true", - "XROAD_NATIONAL_REGISTRY_SERVICE_PATH": { - "dev": "IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1", - "staging": "IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1", - "prod": "IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1" - }, - "XROAD_NATIONAL_REGISTRY_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" - }, - "XROAD_RSK_PROCURING_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" - }, - "USER_NOTIFICATION_API_URL": { - "prod": "https://user-notification.internal.island.is" - }, - "COMPANY_REGISTRY_XROAD_PROVIDER_ID": { - "dev": "IS-DEV/GOV/10006/Skatturinn/ft-v1", - "staging": "IS-TEST/GOV/5402696029/Skatturinn/ft-v1", - "prod": "IS/GOV/5402696029/Skatturinn/ft-v1" - }, - "COMPANY_REGISTRY_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" - }, - "SYSLUMENN_HOST": { - "dev": "https://api.syslumenn.is/staging", - "staging": "https://api.syslumenn.is/staging", - "prod": "https://api.syslumenn.is/api" - }, - "SYSLUMENN_TIMEOUT": "3000", - "ZENDESK_CONTACT_FORM_SUBDOMAIN": { - "prod": "digitaliceland", - "staging": "digitaliceland", - "dev": "digitaliceland" - } - }, - "features": {}, - "name": "services-auth-delegation-api", - "grantNamespaces": [ - "nginx-ingress-internal", - "islandis", - "service-portal", - "user-notification-worker" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "ZENDESK_CONTACT_FORM_EMAIL": "/k8s/api/ZENDESK_CONTACT_FORM_EMAIL", - "ZENDESK_CONTACT_FORM_TOKEN": "/k8s/api/ZENDESK_CONTACT_FORM_TOKEN", - "ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE": "/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE", - "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET", - "NATIONAL_REGISTRY_IDS_CLIENT_SECRET": "/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET", - "SYSLUMENN_USERNAME": "/k8s/services-auth/SYSLUMENN_USERNAME", - "SYSLUMENN_PASSWORD": "/k8s/services-auth/SYSLUMENN_PASSWORD" - }, - "ingress": { - "internal": { - "host": { - "dev": "auth-delegation-api", - "staging": "auth-delegation-api", - "prod": "auth-delegation-api.internal.innskra.island.is" - }, - "paths": [ - "/" - ], - "public": false - } - }, - "namespace": "identity-server-delegation", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "400m", - "memory": "512Mi" - }, - "requests": { - "cpu": "100m", - "memory": "256Mi" - } - }, - "xroadConfig": [ - { - "config": { - "env": { - "XROAD_BASE_PATH": { - "prod": "http://securityserver.island.is" - }, - "XROAD_BASE_PATH_WITH_ENV": { - "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "http://securityserver.island.is/r1/IS" - }, - "XROAD_TLS_BASE_PATH": { - "dev": "https://securityserver.dev01.devland.is", - "staging": "https://securityserver.staging01.devland.is", - "prod": "https://securityserver.island.is" - }, - "XROAD_TLS_BASE_PATH_WITH_ENV": { - "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", - "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "https://securityserver.island.is/r1/IS" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CLIENT_ID": { - "dev": "IS-DEV/GOV/10000/island-is-client", - "staging": "IS-TEST/GOV/5501692829/island-is-client", - "prod": "IS/GOV/5501692829/island-is-client" - } - } - } - }, - { - "config": { - "env": { - "XROAD_RSK_PROCURING_PATH": { - "dev": "IS-DEV/GOV/10006/Skatturinn/relationships-v1", - "staging": "IS-TEST/GOV/5402696029/Skatturinn/relationships-v1", - "prod": "IS/GOV/5402696029/Skatturinn/relationships-v1" - } - } - } - } - ], - "files": [], - "volumes": [], - "image": "services-auth-delegation-api", - "postgres": { - "name": "servicesauth", - "username": "servicesauth", - "passwordSecret": "/k8s/servicesauth/DB_PASSWORD" - }, - "replicaCount": { - "default": 2, - "min": 2, - "max": 10 - } - } - } -} \ No newline at end of file +service: + name: services-auth-delegation-api + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: IS-TEST/GOV/5402696029/Skatturinn/ft-v1 + DB_HOST: postgres-applications.internal + DB_NAME: servicesauth + DB_REPLICAS_HOST: postgres-applications.internal + DB_USER: servicesauth + IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/auth-api" + IDENTITY_SERVER_ISSUER_URL: https://identity-server.staging01.devland.is + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init + SERVERSIDE_FEATURES_ON: "" + SYSLUMENN_HOST: https://api.syslumenn.is/staging + SYSLUMENN_TIMEOUT: "3000" + USER_NOTIFICATION_API_URL: http://web-user-notification.user-notification.svc.cluster.local + XROAD_BASE_PATH: http://securityserver.staging01.devland.is + XROAD_BASE_PATH_WITH_ENV: http://securityserver.staging01.devland.is/r1/IS-TEST + XROAD_CLIENT_ID: IS-TEST/GOV/5501692829/island-is-client + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: "true" + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1 + XROAD_RSK_PROCURING_ACTOR_TOKEN: "true" + XROAD_RSK_PROCURING_PATH: IS-TEST/GOV/5402696029/Skatturinn/relationships-v1 + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: https://securityserver.staging01.devland.is + XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.staging01.devland.is/r1/IS-TEST + ZENDESK_CONTACT_FORM_SUBDOMAIN: digitaliceland + grantNamespaces: + - nginx-ingress-internal + - islandis + - service-portal + - user-notification-worker + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /health/check + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-delegation-api + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: nginx-internal-alb + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: auth-delegation-api.internal.staging01.devland.is + paths: + - / + namespace: identity-server-delegation + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: 400m + memory: 512Mi + requests: + cpu: 100m + memory: 256Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DB_PASS: /k8s/servicesauth/DB_PASSWORD + IDENTITY_SERVER_CLIENT_SECRET: /k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: /k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET + SYSLUMENN_PASSWORD: /k8s/services-auth/SYSLUMENN_PASSWORD + SYSLUMENN_USERNAME: /k8s/services-auth/SYSLUMENN_USERNAME + ZENDESK_CONTACT_FORM_EMAIL: /k8s/api/ZENDESK_CONTACT_FORM_EMAIL + ZENDESK_CONTACT_FORM_TOKEN: /k8s/api/ZENDESK_CONTACT_FORM_TOKEN + ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: /k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/services-auth-ids-api-cleanup/values.dev.yaml b/charts/services/services-auth-ids-api-cleanup/values.dev.yaml index a6ed7e3ef533..74896685ac71 100644 --- a/charts/services/services-auth-ids-api-cleanup/values.dev.yaml +++ b/charts/services/services-auth-ids-api-cleanup/values.dev.yaml @@ -1,75 +1,63 @@ -{ - "services-auth-ids-api-cleanup": { - "serviceDef": { - "liveness": { - "path": "/", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - } - }, - "features": {}, - "name": "services-auth-ids-api-cleanup", - "grantNamespaces": [], - "grantNamespacesEnabled": false, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" - }, - "ingress": {}, - "namespace": "identity-server", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "400m", - "memory": "1024Mi" - }, - "requests": { - "cpu": "100m", - "memory": "256Mi" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "image": "services-auth-ids-api", - "cmds": "node", - "args": [ - "main.js", - "--job=cleanup" - ], - "postgres": { - "name": "servicesauth", - "extensions": [ - "uuid-ossp" - ], - "username": "servicesauth", - "passwordSecret": "/k8s/servicesauth/DB_PASSWORD" - }, - "extraAttributes": { - "dev": { - "schedule": "0 3 * * *" - }, - "staging": { - "schedule": "0 3 * * *" - }, - "prod": { - "schedule": "0 3 * * *" - } - } - } - } -} \ No newline at end of file +service: + name: services-auth-ids-api-cleanup + args: + - main.js + - --job=cleanup + command: + - node + enabled: true + env: + DB_HOST: postgres-applications.internal + DB_NAME: servicesauth + DB_REPLICAS_HOST: postgres-applications-reader.internal + DB_USER: servicesauth + IDENTITY_SERVER_ISSUER_URL: https://identity-server.dev01.devland.is + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=921 -r dd-trace/init + SERVERSIDE_FEATURES_ON: "" + grantNamespaces: + - nginx-ingress-external + - user-notification + - portals-admin + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: / + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: / + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api + namespace: identity-server + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: 400m + memory: 1024Mi + requests: + cpu: 100m + memory: 256Mi + schedule: 0 3 * * * + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DB_PASS: /k8s/servicesauth/DB_PASSWORD + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/services-auth-ids-api-cleanup/values.prod.yaml b/charts/services/services-auth-ids-api-cleanup/values.prod.yaml index a6ed7e3ef533..7cbd6aa64faa 100644 --- a/charts/services/services-auth-ids-api-cleanup/values.prod.yaml +++ b/charts/services/services-auth-ids-api-cleanup/values.prod.yaml @@ -1,75 +1,63 @@ -{ - "services-auth-ids-api-cleanup": { - "serviceDef": { - "liveness": { - "path": "/", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - } - }, - "features": {}, - "name": "services-auth-ids-api-cleanup", - "grantNamespaces": [], - "grantNamespacesEnabled": false, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" - }, - "ingress": {}, - "namespace": "identity-server", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "400m", - "memory": "1024Mi" - }, - "requests": { - "cpu": "100m", - "memory": "256Mi" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "image": "services-auth-ids-api", - "cmds": "node", - "args": [ - "main.js", - "--job=cleanup" - ], - "postgres": { - "name": "servicesauth", - "extensions": [ - "uuid-ossp" - ], - "username": "servicesauth", - "passwordSecret": "/k8s/servicesauth/DB_PASSWORD" - }, - "extraAttributes": { - "dev": { - "schedule": "0 3 * * *" - }, - "staging": { - "schedule": "0 3 * * *" - }, - "prod": { - "schedule": "0 3 * * *" - } - } - } - } -} \ No newline at end of file +service: + name: services-auth-ids-api-cleanup + args: + - main.js + - --job=cleanup + command: + - node + enabled: true + env: + DB_HOST: postgres-ids.internal + DB_NAME: servicesauth + DB_REPLICAS_HOST: postgres-ids.internal + DB_USER: servicesauth + IDENTITY_SERVER_ISSUER_URL: https://innskra.island.is + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=921 -r dd-trace/init + SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + grantNamespaces: + - nginx-ingress-external + - user-notification + - portals-admin + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: / + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: / + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api + namespace: identity-server + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: 400m + memory: 1024Mi + requests: + cpu: 100m + memory: 256Mi + schedule: 0 3 * * * + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DB_PASS: /k8s/servicesauth/DB_PASSWORD + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/services-auth-ids-api-cleanup/values.staging.yaml b/charts/services/services-auth-ids-api-cleanup/values.staging.yaml index a6ed7e3ef533..89613d65aefe 100644 --- a/charts/services/services-auth-ids-api-cleanup/values.staging.yaml +++ b/charts/services/services-auth-ids-api-cleanup/values.staging.yaml @@ -1,75 +1,63 @@ -{ - "services-auth-ids-api-cleanup": { - "serviceDef": { - "liveness": { - "path": "/", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - } - }, - "features": {}, - "name": "services-auth-ids-api-cleanup", - "grantNamespaces": [], - "grantNamespacesEnabled": false, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" - }, - "ingress": {}, - "namespace": "identity-server", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "400m", - "memory": "1024Mi" - }, - "requests": { - "cpu": "100m", - "memory": "256Mi" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "image": "services-auth-ids-api", - "cmds": "node", - "args": [ - "main.js", - "--job=cleanup" - ], - "postgres": { - "name": "servicesauth", - "extensions": [ - "uuid-ossp" - ], - "username": "servicesauth", - "passwordSecret": "/k8s/servicesauth/DB_PASSWORD" - }, - "extraAttributes": { - "dev": { - "schedule": "0 3 * * *" - }, - "staging": { - "schedule": "0 3 * * *" - }, - "prod": { - "schedule": "0 3 * * *" - } - } - } - } -} \ No newline at end of file +service: + name: services-auth-ids-api-cleanup + args: + - main.js + - --job=cleanup + command: + - node + enabled: true + env: + DB_HOST: postgres-applications.internal + DB_NAME: servicesauth + DB_REPLICAS_HOST: postgres-applications.internal + DB_USER: servicesauth + IDENTITY_SERVER_ISSUER_URL: https://identity-server.staging01.devland.is + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=921 -r dd-trace/init + SERVERSIDE_FEATURES_ON: "" + grantNamespaces: + - nginx-ingress-external + - user-notification + - portals-admin + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: / + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: / + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api + namespace: identity-server + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: 400m + memory: 1024Mi + requests: + cpu: 100m + memory: 256Mi + schedule: 0 3 * * * + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DB_PASS: /k8s/servicesauth/DB_PASSWORD + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/services-auth-ids-api/values.dev.yaml b/charts/services/services-auth-ids-api/values.dev.yaml index 2172c42e0aa4..0c796aa0c8fd 100644 --- a/charts/services/services-auth-ids-api/values.dev.yaml +++ b/charts/services/services-auth-ids-api/values.dev.yaml @@ -1,241 +1,131 @@ -{ - "services-auth-ids-api": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/health/check", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/auth-api", - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - }, - "PASSKEY_CORE_MAX_AGE_DAYS": "365", - "PUBLIC_URL": { - "dev": "https://identity-server.dev01.devland.is/api", - "staging": "https://identity-server.staging01.devland.is/api", - "prod": "https://innskra.island.is/api" - }, - "USER_PROFILE_CLIENT_URL": { - "dev": "http://web-service-portal-api.service-portal.svc.cluster.local", - "staging": "http://web-service-portal-api.service-portal.svc.cluster.local", - "prod": "https://service-portal-api.internal.island.is" - }, - "USER_PROFILE_CLIENT_SCOPE": "[\"@island.is/user-profile:read\"]", - "XROAD_NATIONAL_REGISTRY_SERVICE_PATH": { - "dev": "IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1", - "staging": "IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1", - "prod": "IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1" - }, - "XROAD_NATIONAL_REGISTRY_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" - }, - "COMPANY_REGISTRY_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" - }, - "XROAD_RSK_PROCURING_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" - }, - "COMPANY_REGISTRY_XROAD_PROVIDER_ID": { - "dev": "IS-DEV/GOV/10006/Skatturinn/ft-v1", - "staging": "IS-TEST/GOV/5402696029/Skatturinn/ft-v1", - "prod": "IS/GOV/5402696029/Skatturinn/ft-v1" - }, - "XROAD_TJODSKRA_API_PATH": "/SKRA-Protected/Einstaklingar-v1", - "XROAD_TJODSKRA_MEMBER_CODE": { - "prod": "6503760649", - "dev": "10001", - "staging": "6503760649" - }, - "NOVA_ACCEPT_UNAUTHORIZED": { - "dev": "true", - "staging": "false", - "prod": "false" - }, - "PASSKEY_CORE_RP_ID": "island.is", - "PASSKEY_CORE_RP_NAME": "Island.is", - "PASSKEY_CORE_CHALLENGE_TTL_MS": "120000", - "REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" - }, - "PASSKEY_CORE_ALLOWED_ORIGINS": "[\"https://island.is\",\"android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0\",\"android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU\"]", - "SYSLUMENN_HOST": { - "dev": "https://api.syslumenn.is/staging", - "staging": "https://api.syslumenn.is/staging", - "prod": "https://api.syslumenn.is/api" - }, - "SYSLUMENN_TIMEOUT": "3000" - }, - "features": {}, - "name": "services-auth-ids-api", - "grantNamespaces": [ - "nginx-ingress-external", - "user-notification" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET", - "NOVA_URL": "/k8s/services-auth/NOVA_URL", - "NOVA_USERNAME": "/k8s/services-auth/NOVA_USERNAME", - "NOVA_PASSWORD": "/k8s/services-auth/NOVA_PASSWORD", - "NATIONAL_REGISTRY_B2C_CLIENT_SECRET": "/k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET", - "SYSLUMENN_USERNAME": "/k8s/services-auth/SYSLUMENN_USERNAME", - "SYSLUMENN_PASSWORD": "/k8s/services-auth/SYSLUMENN_PASSWORD" - }, - "ingress": {}, - "namespace": "identity-server", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "800m", - "memory": "768Mi" - }, - "requests": { - "cpu": "400m", - "memory": "512Mi" - } - }, - "xroadConfig": [ - { - "config": { - "env": { - "XROAD_BASE_PATH": { - "prod": "http://securityserver.island.is" - }, - "XROAD_BASE_PATH_WITH_ENV": { - "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "http://securityserver.island.is/r1/IS" - }, - "XROAD_TLS_BASE_PATH": { - "dev": "https://securityserver.dev01.devland.is", - "staging": "https://securityserver.staging01.devland.is", - "prod": "https://securityserver.island.is" - }, - "XROAD_TLS_BASE_PATH_WITH_ENV": { - "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", - "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "https://securityserver.island.is/r1/IS" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CLIENT_ID": { - "dev": "IS-DEV/GOV/10000/island-is-client", - "staging": "IS-TEST/GOV/5501692829/island-is-client", - "prod": "IS/GOV/5501692829/island-is-client" - } - } - } - }, - { - "config": { - "env": { - "XROAD_RSK_PROCURING_PATH": { - "dev": "IS-DEV/GOV/10006/Skatturinn/relationships-v1", - "staging": "IS-TEST/GOV/5402696029/Skatturinn/relationships-v1", - "prod": "IS/GOV/5402696029/Skatturinn/relationships-v1" - } - } - } - }, - { - "config": { - "env": { - "NATIONAL_REGISTRY_B2C_CLIENT_ID": { - "dev": "6cf94113-d326-4e4d-b97c-1fea12d2f5e1", - "staging": "6cf94113-d326-4e4d-b97c-1fea12d2f5e1", - "prod": "8271bbc2-d8de-480f-8540-ea43fc40b7ae" - }, - "NATIONAL_REGISTRY_B2C_ENDPOINT": { - "dev": "https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", - "staging": "https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", - "prod": "https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token" - }, - "NATIONAL_REGISTRY_B2C_SCOPE": { - "dev": "https://skraidentitydev.onmicrosoft.com/midlun/.default", - "staging": "https://skraidentitydev.onmicrosoft.com/midlun/.default", - "prod": "https://skraidentity.onmicrosoft.com/midlun/.default" - }, - "NATIONAL_REGISTRY_B2C_PATH": { - "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1", - "staging": "IS-TEST/GOV/10001/SKRA-Cloud-Protected/Midlun-v1", - "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1" - } - } - } - } - ], - "files": [], - "volumes": [], - "image": "services-auth-ids-api", - "postgres": { - "name": "servicesauth", - "extensions": [ - "uuid-ossp" - ], - "username": "servicesauth", - "passwordSecret": "/k8s/servicesauth/DB_PASSWORD" - }, - "initContainers": { - "envs": {}, - "secrets": {}, - "features": {}, - "containers": [ - { - "name": "migrations", - "command": "npx", - "args": [ - "sequelize-cli", - "db:migrate" - ] - }, - { - "name": "seed", - "command": "npx", - "args": [ - "sequelize-cli", - "db:seed:all" - ] - } - ], - "postgres": { - "name": "servicesauth", - "extensions": [ - "uuid-ossp" - ], - "username": "servicesauth", - "passwordSecret": "/k8s/servicesauth/DB_PASSWORD" - } - }, - "replicaCount": { - "default": 2, - "min": 2, - "max": 15 - } - } - } -} \ No newline at end of file +service: + name: services-auth-ids-api + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: IS-DEV/GOV/10006/Skatturinn/ft-v1 + DB_EXTENSIONS: uuid-ossp + DB_HOST: postgres-applications.internal + DB_NAME: servicesauth + DB_REPLICAS_HOST: postgres-applications-reader.internal + DB_USER: servicesauth + IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/auth-api" + IDENTITY_SERVER_ISSUER_URL: https://identity-server.dev01.devland.is + LOG_LEVEL: info + NATIONAL_REGISTRY_B2C_CLIENT_ID: 6cf94113-d326-4e4d-b97c-1fea12d2f5e1 + NATIONAL_REGISTRY_B2C_ENDPOINT: https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token + NATIONAL_REGISTRY_B2C_PATH: IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1 + NATIONAL_REGISTRY_B2C_SCOPE: https://skraidentitydev.onmicrosoft.com/midlun/.default + NODE_OPTIONS: --max-old-space-size=691 -r dd-trace/init + NOVA_ACCEPT_UNAUTHORIZED: "true" + PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' + PASSKEY_CORE_CHALLENGE_TTL_MS: "120000" + PASSKEY_CORE_MAX_AGE_DAYS: "365" + PASSKEY_CORE_RP_ID: island.is + PASSKEY_CORE_RP_NAME: Island.is + PUBLIC_URL: https://identity-server.dev01.devland.is/api + REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: "" + SYSLUMENN_HOST: https://api.syslumenn.is/staging + SYSLUMENN_TIMEOUT: "3000" + USER_PROFILE_CLIENT_SCOPE: '["@island.is/user-profile:read"]' + USER_PROFILE_CLIENT_URL: http://web-service-portal-api.service-portal.svc.cluster.local + XROAD_BASE_PATH: http://securityserver.dev01.devland.is + XROAD_BASE_PATH_WITH_ENV: http://securityserver.dev01.devland.is/r1/IS-DEV + XROAD_CLIENT_ID: IS-DEV/GOV/10000/island-is-client + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1 + XROAD_RSK_PROCURING_PATH: IS-DEV/GOV/10006/Skatturinn/relationships-v1 + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_TJODSKRA_API_PATH: /SKRA-Protected/Einstaklingar-v1 + XROAD_TJODSKRA_MEMBER_CODE: "10001" + XROAD_TLS_BASE_PATH: https://securityserver.dev01.devland.is + XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.dev01.devland.is/r1/IS-DEV + grantNamespaces: + - nginx-ingress-external + - user-notification + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /health/check + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 15 + min: 2 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api + initContainer: + containers: + - args: + - sequelize-cli + - db:migrate + command: + - npx + name: migrations + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 50m + memory: 128Mi + - args: + - sequelize-cli + - db:seed:all + command: + - npx + name: seed + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 50m + memory: 128Mi + env: + DB_EXTENSIONS: uuid-ossp + DB_HOST: postgres-applications.internal + DB_NAME: servicesauth + DB_REPLICAS_HOST: postgres-applications-reader.internal + DB_USER: servicesauth + SERVERSIDE_FEATURES_ON: "" + secrets: + DB_PASS: /k8s/servicesauth/DB_PASSWORD + namespace: identity-server + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 15 + min: 2 + resources: + limits: + cpu: 800m + memory: 768Mi + requests: + cpu: 400m + memory: 512Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DB_PASS: /k8s/servicesauth/DB_PASSWORD + IDENTITY_SERVER_CLIENT_SECRET: /k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: /k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET + NOVA_PASSWORD: /k8s/services-auth/NOVA_PASSWORD + NOVA_URL: /k8s/services-auth/NOVA_URL + NOVA_USERNAME: /k8s/services-auth/NOVA_USERNAME + SYSLUMENN_PASSWORD: /k8s/services-auth/SYSLUMENN_PASSWORD + SYSLUMENN_USERNAME: /k8s/services-auth/SYSLUMENN_USERNAME + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/services-auth-ids-api/values.prod.yaml b/charts/services/services-auth-ids-api/values.prod.yaml index 2172c42e0aa4..c743dcc0aa28 100644 --- a/charts/services/services-auth-ids-api/values.prod.yaml +++ b/charts/services/services-auth-ids-api/values.prod.yaml @@ -1,241 +1,131 @@ -{ - "services-auth-ids-api": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/health/check", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/auth-api", - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - }, - "PASSKEY_CORE_MAX_AGE_DAYS": "365", - "PUBLIC_URL": { - "dev": "https://identity-server.dev01.devland.is/api", - "staging": "https://identity-server.staging01.devland.is/api", - "prod": "https://innskra.island.is/api" - }, - "USER_PROFILE_CLIENT_URL": { - "dev": "http://web-service-portal-api.service-portal.svc.cluster.local", - "staging": "http://web-service-portal-api.service-portal.svc.cluster.local", - "prod": "https://service-portal-api.internal.island.is" - }, - "USER_PROFILE_CLIENT_SCOPE": "[\"@island.is/user-profile:read\"]", - "XROAD_NATIONAL_REGISTRY_SERVICE_PATH": { - "dev": "IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1", - "staging": "IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1", - "prod": "IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1" - }, - "XROAD_NATIONAL_REGISTRY_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" - }, - "COMPANY_REGISTRY_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" - }, - "XROAD_RSK_PROCURING_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" - }, - "COMPANY_REGISTRY_XROAD_PROVIDER_ID": { - "dev": "IS-DEV/GOV/10006/Skatturinn/ft-v1", - "staging": "IS-TEST/GOV/5402696029/Skatturinn/ft-v1", - "prod": "IS/GOV/5402696029/Skatturinn/ft-v1" - }, - "XROAD_TJODSKRA_API_PATH": "/SKRA-Protected/Einstaklingar-v1", - "XROAD_TJODSKRA_MEMBER_CODE": { - "prod": "6503760649", - "dev": "10001", - "staging": "6503760649" - }, - "NOVA_ACCEPT_UNAUTHORIZED": { - "dev": "true", - "staging": "false", - "prod": "false" - }, - "PASSKEY_CORE_RP_ID": "island.is", - "PASSKEY_CORE_RP_NAME": "Island.is", - "PASSKEY_CORE_CHALLENGE_TTL_MS": "120000", - "REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" - }, - "PASSKEY_CORE_ALLOWED_ORIGINS": "[\"https://island.is\",\"android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0\",\"android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU\"]", - "SYSLUMENN_HOST": { - "dev": "https://api.syslumenn.is/staging", - "staging": "https://api.syslumenn.is/staging", - "prod": "https://api.syslumenn.is/api" - }, - "SYSLUMENN_TIMEOUT": "3000" - }, - "features": {}, - "name": "services-auth-ids-api", - "grantNamespaces": [ - "nginx-ingress-external", - "user-notification" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET", - "NOVA_URL": "/k8s/services-auth/NOVA_URL", - "NOVA_USERNAME": "/k8s/services-auth/NOVA_USERNAME", - "NOVA_PASSWORD": "/k8s/services-auth/NOVA_PASSWORD", - "NATIONAL_REGISTRY_B2C_CLIENT_SECRET": "/k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET", - "SYSLUMENN_USERNAME": "/k8s/services-auth/SYSLUMENN_USERNAME", - "SYSLUMENN_PASSWORD": "/k8s/services-auth/SYSLUMENN_PASSWORD" - }, - "ingress": {}, - "namespace": "identity-server", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "800m", - "memory": "768Mi" - }, - "requests": { - "cpu": "400m", - "memory": "512Mi" - } - }, - "xroadConfig": [ - { - "config": { - "env": { - "XROAD_BASE_PATH": { - "prod": "http://securityserver.island.is" - }, - "XROAD_BASE_PATH_WITH_ENV": { - "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "http://securityserver.island.is/r1/IS" - }, - "XROAD_TLS_BASE_PATH": { - "dev": "https://securityserver.dev01.devland.is", - "staging": "https://securityserver.staging01.devland.is", - "prod": "https://securityserver.island.is" - }, - "XROAD_TLS_BASE_PATH_WITH_ENV": { - "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", - "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "https://securityserver.island.is/r1/IS" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CLIENT_ID": { - "dev": "IS-DEV/GOV/10000/island-is-client", - "staging": "IS-TEST/GOV/5501692829/island-is-client", - "prod": "IS/GOV/5501692829/island-is-client" - } - } - } - }, - { - "config": { - "env": { - "XROAD_RSK_PROCURING_PATH": { - "dev": "IS-DEV/GOV/10006/Skatturinn/relationships-v1", - "staging": "IS-TEST/GOV/5402696029/Skatturinn/relationships-v1", - "prod": "IS/GOV/5402696029/Skatturinn/relationships-v1" - } - } - } - }, - { - "config": { - "env": { - "NATIONAL_REGISTRY_B2C_CLIENT_ID": { - "dev": "6cf94113-d326-4e4d-b97c-1fea12d2f5e1", - "staging": "6cf94113-d326-4e4d-b97c-1fea12d2f5e1", - "prod": "8271bbc2-d8de-480f-8540-ea43fc40b7ae" - }, - "NATIONAL_REGISTRY_B2C_ENDPOINT": { - "dev": "https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", - "staging": "https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", - "prod": "https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token" - }, - "NATIONAL_REGISTRY_B2C_SCOPE": { - "dev": "https://skraidentitydev.onmicrosoft.com/midlun/.default", - "staging": "https://skraidentitydev.onmicrosoft.com/midlun/.default", - "prod": "https://skraidentity.onmicrosoft.com/midlun/.default" - }, - "NATIONAL_REGISTRY_B2C_PATH": { - "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1", - "staging": "IS-TEST/GOV/10001/SKRA-Cloud-Protected/Midlun-v1", - "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1" - } - } - } - } - ], - "files": [], - "volumes": [], - "image": "services-auth-ids-api", - "postgres": { - "name": "servicesauth", - "extensions": [ - "uuid-ossp" - ], - "username": "servicesauth", - "passwordSecret": "/k8s/servicesauth/DB_PASSWORD" - }, - "initContainers": { - "envs": {}, - "secrets": {}, - "features": {}, - "containers": [ - { - "name": "migrations", - "command": "npx", - "args": [ - "sequelize-cli", - "db:migrate" - ] - }, - { - "name": "seed", - "command": "npx", - "args": [ - "sequelize-cli", - "db:seed:all" - ] - } - ], - "postgres": { - "name": "servicesauth", - "extensions": [ - "uuid-ossp" - ], - "username": "servicesauth", - "passwordSecret": "/k8s/servicesauth/DB_PASSWORD" - } - }, - "replicaCount": { - "default": 2, - "min": 2, - "max": 15 - } - } - } -} \ No newline at end of file +service: + name: services-auth-ids-api + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: IS/GOV/5402696029/Skatturinn/ft-v1 + DB_EXTENSIONS: uuid-ossp + DB_HOST: postgres-ids.internal + DB_NAME: servicesauth + DB_REPLICAS_HOST: postgres-ids.internal + DB_USER: servicesauth + IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/auth-api" + IDENTITY_SERVER_ISSUER_URL: https://innskra.island.is + LOG_LEVEL: info + NATIONAL_REGISTRY_B2C_CLIENT_ID: 8271bbc2-d8de-480f-8540-ea43fc40b7ae + NATIONAL_REGISTRY_B2C_ENDPOINT: https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token + NATIONAL_REGISTRY_B2C_PATH: IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1 + NATIONAL_REGISTRY_B2C_SCOPE: https://skraidentity.onmicrosoft.com/midlun/.default + NODE_OPTIONS: --max-old-space-size=691 -r dd-trace/init + NOVA_ACCEPT_UNAUTHORIZED: "false" + PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' + PASSKEY_CORE_CHALLENGE_TTL_MS: "120000" + PASSKEY_CORE_MAX_AGE_DAYS: "365" + PASSKEY_CORE_RP_ID: island.is + PASSKEY_CORE_RP_NAME: Island.is + PUBLIC_URL: https://innskra.island.is/api + REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + SYSLUMENN_HOST: https://api.syslumenn.is/api + SYSLUMENN_TIMEOUT: "3000" + USER_PROFILE_CLIENT_SCOPE: '["@island.is/user-profile:read"]' + USER_PROFILE_CLIENT_URL: https://service-portal-api.internal.island.is + XROAD_BASE_PATH: http://securityserver.island.is + XROAD_BASE_PATH_WITH_ENV: http://securityserver.island.is/r1/IS + XROAD_CLIENT_ID: IS/GOV/5501692829/island-is-client + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1 + XROAD_RSK_PROCURING_PATH: IS/GOV/5402696029/Skatturinn/relationships-v1 + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_TJODSKRA_API_PATH: /SKRA-Protected/Einstaklingar-v1 + XROAD_TJODSKRA_MEMBER_CODE: "6503760649" + XROAD_TLS_BASE_PATH: https://securityserver.island.is + XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.island.is/r1/IS + grantNamespaces: + - nginx-ingress-external + - user-notification + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /health/check + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 15 + min: 2 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api + initContainer: + containers: + - args: + - sequelize-cli + - db:migrate + command: + - npx + name: migrations + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 50m + memory: 128Mi + - args: + - sequelize-cli + - db:seed:all + command: + - npx + name: seed + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 50m + memory: 128Mi + env: + DB_EXTENSIONS: uuid-ossp + DB_HOST: postgres-ids.internal + DB_NAME: servicesauth + DB_REPLICAS_HOST: postgres-ids.internal + DB_USER: servicesauth + SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + secrets: + DB_PASS: /k8s/servicesauth/DB_PASSWORD + namespace: identity-server + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 15 + min: 2 + resources: + limits: + cpu: 800m + memory: 768Mi + requests: + cpu: 400m + memory: 512Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DB_PASS: /k8s/servicesauth/DB_PASSWORD + IDENTITY_SERVER_CLIENT_SECRET: /k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: /k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET + NOVA_PASSWORD: /k8s/services-auth/NOVA_PASSWORD + NOVA_URL: /k8s/services-auth/NOVA_URL + NOVA_USERNAME: /k8s/services-auth/NOVA_USERNAME + SYSLUMENN_PASSWORD: /k8s/services-auth/SYSLUMENN_PASSWORD + SYSLUMENN_USERNAME: /k8s/services-auth/SYSLUMENN_USERNAME + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/services-auth-ids-api/values.staging.yaml b/charts/services/services-auth-ids-api/values.staging.yaml index 2172c42e0aa4..8fee53efd01a 100644 --- a/charts/services/services-auth-ids-api/values.staging.yaml +++ b/charts/services/services-auth-ids-api/values.staging.yaml @@ -1,241 +1,131 @@ -{ - "services-auth-ids-api": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/health/check", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/auth-api", - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - }, - "PASSKEY_CORE_MAX_AGE_DAYS": "365", - "PUBLIC_URL": { - "dev": "https://identity-server.dev01.devland.is/api", - "staging": "https://identity-server.staging01.devland.is/api", - "prod": "https://innskra.island.is/api" - }, - "USER_PROFILE_CLIENT_URL": { - "dev": "http://web-service-portal-api.service-portal.svc.cluster.local", - "staging": "http://web-service-portal-api.service-portal.svc.cluster.local", - "prod": "https://service-portal-api.internal.island.is" - }, - "USER_PROFILE_CLIENT_SCOPE": "[\"@island.is/user-profile:read\"]", - "XROAD_NATIONAL_REGISTRY_SERVICE_PATH": { - "dev": "IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1", - "staging": "IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1", - "prod": "IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1" - }, - "XROAD_NATIONAL_REGISTRY_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" - }, - "COMPANY_REGISTRY_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" - }, - "XROAD_RSK_PROCURING_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" - }, - "COMPANY_REGISTRY_XROAD_PROVIDER_ID": { - "dev": "IS-DEV/GOV/10006/Skatturinn/ft-v1", - "staging": "IS-TEST/GOV/5402696029/Skatturinn/ft-v1", - "prod": "IS/GOV/5402696029/Skatturinn/ft-v1" - }, - "XROAD_TJODSKRA_API_PATH": "/SKRA-Protected/Einstaklingar-v1", - "XROAD_TJODSKRA_MEMBER_CODE": { - "prod": "6503760649", - "dev": "10001", - "staging": "6503760649" - }, - "NOVA_ACCEPT_UNAUTHORIZED": { - "dev": "true", - "staging": "false", - "prod": "false" - }, - "PASSKEY_CORE_RP_ID": "island.is", - "PASSKEY_CORE_RP_NAME": "Island.is", - "PASSKEY_CORE_CHALLENGE_TTL_MS": "120000", - "REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" - }, - "PASSKEY_CORE_ALLOWED_ORIGINS": "[\"https://island.is\",\"android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0\",\"android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU\"]", - "SYSLUMENN_HOST": { - "dev": "https://api.syslumenn.is/staging", - "staging": "https://api.syslumenn.is/staging", - "prod": "https://api.syslumenn.is/api" - }, - "SYSLUMENN_TIMEOUT": "3000" - }, - "features": {}, - "name": "services-auth-ids-api", - "grantNamespaces": [ - "nginx-ingress-external", - "user-notification" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET", - "NOVA_URL": "/k8s/services-auth/NOVA_URL", - "NOVA_USERNAME": "/k8s/services-auth/NOVA_USERNAME", - "NOVA_PASSWORD": "/k8s/services-auth/NOVA_PASSWORD", - "NATIONAL_REGISTRY_B2C_CLIENT_SECRET": "/k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET", - "SYSLUMENN_USERNAME": "/k8s/services-auth/SYSLUMENN_USERNAME", - "SYSLUMENN_PASSWORD": "/k8s/services-auth/SYSLUMENN_PASSWORD" - }, - "ingress": {}, - "namespace": "identity-server", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "800m", - "memory": "768Mi" - }, - "requests": { - "cpu": "400m", - "memory": "512Mi" - } - }, - "xroadConfig": [ - { - "config": { - "env": { - "XROAD_BASE_PATH": { - "prod": "http://securityserver.island.is" - }, - "XROAD_BASE_PATH_WITH_ENV": { - "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "http://securityserver.island.is/r1/IS" - }, - "XROAD_TLS_BASE_PATH": { - "dev": "https://securityserver.dev01.devland.is", - "staging": "https://securityserver.staging01.devland.is", - "prod": "https://securityserver.island.is" - }, - "XROAD_TLS_BASE_PATH_WITH_ENV": { - "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", - "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "https://securityserver.island.is/r1/IS" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CLIENT_ID": { - "dev": "IS-DEV/GOV/10000/island-is-client", - "staging": "IS-TEST/GOV/5501692829/island-is-client", - "prod": "IS/GOV/5501692829/island-is-client" - } - } - } - }, - { - "config": { - "env": { - "XROAD_RSK_PROCURING_PATH": { - "dev": "IS-DEV/GOV/10006/Skatturinn/relationships-v1", - "staging": "IS-TEST/GOV/5402696029/Skatturinn/relationships-v1", - "prod": "IS/GOV/5402696029/Skatturinn/relationships-v1" - } - } - } - }, - { - "config": { - "env": { - "NATIONAL_REGISTRY_B2C_CLIENT_ID": { - "dev": "6cf94113-d326-4e4d-b97c-1fea12d2f5e1", - "staging": "6cf94113-d326-4e4d-b97c-1fea12d2f5e1", - "prod": "8271bbc2-d8de-480f-8540-ea43fc40b7ae" - }, - "NATIONAL_REGISTRY_B2C_ENDPOINT": { - "dev": "https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", - "staging": "https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", - "prod": "https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token" - }, - "NATIONAL_REGISTRY_B2C_SCOPE": { - "dev": "https://skraidentitydev.onmicrosoft.com/midlun/.default", - "staging": "https://skraidentitydev.onmicrosoft.com/midlun/.default", - "prod": "https://skraidentity.onmicrosoft.com/midlun/.default" - }, - "NATIONAL_REGISTRY_B2C_PATH": { - "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1", - "staging": "IS-TEST/GOV/10001/SKRA-Cloud-Protected/Midlun-v1", - "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1" - } - } - } - } - ], - "files": [], - "volumes": [], - "image": "services-auth-ids-api", - "postgres": { - "name": "servicesauth", - "extensions": [ - "uuid-ossp" - ], - "username": "servicesauth", - "passwordSecret": "/k8s/servicesauth/DB_PASSWORD" - }, - "initContainers": { - "envs": {}, - "secrets": {}, - "features": {}, - "containers": [ - { - "name": "migrations", - "command": "npx", - "args": [ - "sequelize-cli", - "db:migrate" - ] - }, - { - "name": "seed", - "command": "npx", - "args": [ - "sequelize-cli", - "db:seed:all" - ] - } - ], - "postgres": { - "name": "servicesauth", - "extensions": [ - "uuid-ossp" - ], - "username": "servicesauth", - "passwordSecret": "/k8s/servicesauth/DB_PASSWORD" - } - }, - "replicaCount": { - "default": 2, - "min": 2, - "max": 15 - } - } - } -} \ No newline at end of file +service: + name: services-auth-ids-api + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: IS-TEST/GOV/5402696029/Skatturinn/ft-v1 + DB_EXTENSIONS: uuid-ossp + DB_HOST: postgres-applications.internal + DB_NAME: servicesauth + DB_REPLICAS_HOST: postgres-applications.internal + DB_USER: servicesauth + IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/auth-api" + IDENTITY_SERVER_ISSUER_URL: https://identity-server.staging01.devland.is + LOG_LEVEL: info + NATIONAL_REGISTRY_B2C_CLIENT_ID: 6cf94113-d326-4e4d-b97c-1fea12d2f5e1 + NATIONAL_REGISTRY_B2C_ENDPOINT: https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token + NATIONAL_REGISTRY_B2C_PATH: IS-TEST/GOV/10001/SKRA-Cloud-Protected/Midlun-v1 + NATIONAL_REGISTRY_B2C_SCOPE: https://skraidentitydev.onmicrosoft.com/midlun/.default + NODE_OPTIONS: --max-old-space-size=691 -r dd-trace/init + NOVA_ACCEPT_UNAUTHORIZED: "false" + PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' + PASSKEY_CORE_CHALLENGE_TTL_MS: "120000" + PASSKEY_CORE_MAX_AGE_DAYS: "365" + PASSKEY_CORE_RP_ID: island.is + PASSKEY_CORE_RP_NAME: Island.is + PUBLIC_URL: https://identity-server.staging01.devland.is/api + REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: "" + SYSLUMENN_HOST: https://api.syslumenn.is/staging + SYSLUMENN_TIMEOUT: "3000" + USER_PROFILE_CLIENT_SCOPE: '["@island.is/user-profile:read"]' + USER_PROFILE_CLIENT_URL: http://web-service-portal-api.service-portal.svc.cluster.local + XROAD_BASE_PATH: http://securityserver.staging01.devland.is + XROAD_BASE_PATH_WITH_ENV: http://securityserver.staging01.devland.is/r1/IS-TEST + XROAD_CLIENT_ID: IS-TEST/GOV/5501692829/island-is-client + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1 + XROAD_RSK_PROCURING_PATH: IS-TEST/GOV/5402696029/Skatturinn/relationships-v1 + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_TJODSKRA_API_PATH: /SKRA-Protected/Einstaklingar-v1 + XROAD_TJODSKRA_MEMBER_CODE: "6503760649" + XROAD_TLS_BASE_PATH: https://securityserver.staging01.devland.is + XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.staging01.devland.is/r1/IS-TEST + grantNamespaces: + - nginx-ingress-external + - user-notification + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /health/check + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 15 + min: 2 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api + initContainer: + containers: + - args: + - sequelize-cli + - db:migrate + command: + - npx + name: migrations + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 50m + memory: 128Mi + - args: + - sequelize-cli + - db:seed:all + command: + - npx + name: seed + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 50m + memory: 128Mi + env: + DB_EXTENSIONS: uuid-ossp + DB_HOST: postgres-applications.internal + DB_NAME: servicesauth + DB_REPLICAS_HOST: postgres-applications.internal + DB_USER: servicesauth + SERVERSIDE_FEATURES_ON: "" + secrets: + DB_PASS: /k8s/servicesauth/DB_PASSWORD + namespace: identity-server + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 15 + min: 2 + resources: + limits: + cpu: 800m + memory: 768Mi + requests: + cpu: 400m + memory: 512Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DB_PASS: /k8s/servicesauth/DB_PASSWORD + IDENTITY_SERVER_CLIENT_SECRET: /k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: /k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET + NOVA_PASSWORD: /k8s/services-auth/NOVA_PASSWORD + NOVA_URL: /k8s/services-auth/NOVA_URL + NOVA_USERNAME: /k8s/services-auth/NOVA_USERNAME + SYSLUMENN_PASSWORD: /k8s/services-auth/SYSLUMENN_PASSWORD + SYSLUMENN_USERNAME: /k8s/services-auth/SYSLUMENN_USERNAME + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/services-auth-personal-representative-public/values.dev.yaml b/charts/services/services-auth-personal-representative-public/values.dev.yaml index 208612f652a0..2bb71b7f092f 100644 --- a/charts/services/services-auth-personal-representative-public/values.dev.yaml +++ b/charts/services/services-auth-personal-representative-public/values.dev.yaml @@ -1,73 +1,63 @@ -{ - "services-auth-personal-representative-public": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/health/check", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - } - }, - "features": {}, - "name": "services-auth-personal-representative-public", - "grantNamespaces": [], - "grantNamespacesEnabled": false, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" - }, - "ingress": { - "primary": { - "host": { - "dev": "personal-representative-public-xrd.internal.dev01.devland.is", - "staging": "personal-representative-public-xrd.internal.staging01.devland.is", - "prod": "personal-representative-public-xrd.internal.innskra.island.is" - }, - "paths": [ - "/" - ], - "public": false - } - }, - "namespace": "personal-representative", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "400m", - "memory": "512Mi" - }, - "requests": { - "cpu": "100m", - "memory": "256Mi" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "image": "services-auth-personal-representative-public", - "postgres": { - "name": "servicesauth", - "username": "servicesauth", - "passwordSecret": "/k8s/servicesauth/DB_PASSWORD" - }, - "replicaCount": { - "default": 2, - "min": 2, - "max": 10 - } - } - } -} \ No newline at end of file +service: + name: services-auth-personal-representative-public + enabled: true + env: + DB_HOST: postgres-applications.internal + DB_NAME: servicesauth + DB_REPLICAS_HOST: postgres-applications-reader.internal + DB_USER: servicesauth + IDENTITY_SERVER_ISSUER_URL: https://identity-server.dev01.devland.is + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init + SERVERSIDE_FEATURES_ON: "" + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /health/check + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative-public + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-internal-alb + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: personal-representative-public-xrd.internal.dev01.devland.is + paths: + - / + namespace: personal-representative + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: 400m + memory: 512Mi + requests: + cpu: 100m + memory: 256Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DB_PASS: /k8s/servicesauth/DB_PASSWORD + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/services-auth-personal-representative-public/values.prod.yaml b/charts/services/services-auth-personal-representative-public/values.prod.yaml index 208612f652a0..89ffa2af4201 100644 --- a/charts/services/services-auth-personal-representative-public/values.prod.yaml +++ b/charts/services/services-auth-personal-representative-public/values.prod.yaml @@ -1,73 +1,63 @@ -{ - "services-auth-personal-representative-public": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/health/check", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - } - }, - "features": {}, - "name": "services-auth-personal-representative-public", - "grantNamespaces": [], - "grantNamespacesEnabled": false, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" - }, - "ingress": { - "primary": { - "host": { - "dev": "personal-representative-public-xrd.internal.dev01.devland.is", - "staging": "personal-representative-public-xrd.internal.staging01.devland.is", - "prod": "personal-representative-public-xrd.internal.innskra.island.is" - }, - "paths": [ - "/" - ], - "public": false - } - }, - "namespace": "personal-representative", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "400m", - "memory": "512Mi" - }, - "requests": { - "cpu": "100m", - "memory": "256Mi" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "image": "services-auth-personal-representative-public", - "postgres": { - "name": "servicesauth", - "username": "servicesauth", - "passwordSecret": "/k8s/servicesauth/DB_PASSWORD" - }, - "replicaCount": { - "default": 2, - "min": 2, - "max": 10 - } - } - } -} \ No newline at end of file +service: + name: services-auth-personal-representative-public + enabled: true + env: + DB_HOST: postgres-ids.internal + DB_NAME: servicesauth + DB_REPLICAS_HOST: postgres-ids.internal + DB_USER: servicesauth + IDENTITY_SERVER_ISSUER_URL: https://innskra.island.is + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init + SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /health/check + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative-public + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-internal-alb + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: personal-representative-public-xrd.internal.innskra.island.is + paths: + - / + namespace: personal-representative + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: 400m + memory: 512Mi + requests: + cpu: 100m + memory: 256Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DB_PASS: /k8s/servicesauth/DB_PASSWORD + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/services-auth-personal-representative-public/values.staging.yaml b/charts/services/services-auth-personal-representative-public/values.staging.yaml index 208612f652a0..2779ccc39977 100644 --- a/charts/services/services-auth-personal-representative-public/values.staging.yaml +++ b/charts/services/services-auth-personal-representative-public/values.staging.yaml @@ -1,73 +1,63 @@ -{ - "services-auth-personal-representative-public": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/health/check", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - } - }, - "features": {}, - "name": "services-auth-personal-representative-public", - "grantNamespaces": [], - "grantNamespacesEnabled": false, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" - }, - "ingress": { - "primary": { - "host": { - "dev": "personal-representative-public-xrd.internal.dev01.devland.is", - "staging": "personal-representative-public-xrd.internal.staging01.devland.is", - "prod": "personal-representative-public-xrd.internal.innskra.island.is" - }, - "paths": [ - "/" - ], - "public": false - } - }, - "namespace": "personal-representative", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "400m", - "memory": "512Mi" - }, - "requests": { - "cpu": "100m", - "memory": "256Mi" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "image": "services-auth-personal-representative-public", - "postgres": { - "name": "servicesauth", - "username": "servicesauth", - "passwordSecret": "/k8s/servicesauth/DB_PASSWORD" - }, - "replicaCount": { - "default": 2, - "min": 2, - "max": 10 - } - } - } -} \ No newline at end of file +service: + name: services-auth-personal-representative-public + enabled: true + env: + DB_HOST: postgres-applications.internal + DB_NAME: servicesauth + DB_REPLICAS_HOST: postgres-applications.internal + DB_USER: servicesauth + IDENTITY_SERVER_ISSUER_URL: https://identity-server.staging01.devland.is + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init + SERVERSIDE_FEATURES_ON: "" + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /health/check + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative-public + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-internal-alb + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: personal-representative-public-xrd.internal.staging01.devland.is + paths: + - / + namespace: personal-representative + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: 400m + memory: 512Mi + requests: + cpu: 100m + memory: 256Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DB_PASS: /k8s/servicesauth/DB_PASSWORD + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/services-auth-personal-representative/values.dev.yaml b/charts/services/services-auth-personal-representative/values.dev.yaml index b2b791647b8d..42561c65ce0a 100644 --- a/charts/services/services-auth-personal-representative/values.dev.yaml +++ b/charts/services/services-auth-personal-representative/values.dev.yaml @@ -1,164 +1,86 @@ -{ - "services-auth-personal-representative": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/health/check", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/auth-api", - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - }, - "XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN": "true", - "XROAD_RSK_PROCURING_ACTOR_TOKEN": "true", - "XROAD_NATIONAL_REGISTRY_SERVICE_PATH": { - "dev": "IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1", - "staging": "IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1", - "prod": "IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1" - }, - "XROAD_NATIONAL_REGISTRY_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" - }, - "XROAD_RSK_PROCURING_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" - }, - "COMPANY_REGISTRY_XROAD_PROVIDER_ID": { - "dev": "IS-DEV/GOV/10006/Skatturinn/ft-v1", - "staging": "IS-TEST/GOV/5402696029/Skatturinn/ft-v1", - "prod": "IS/GOV/5402696029/Skatturinn/ft-v1" - }, - "COMPANY_REGISTRY_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" - }, - "SYSLUMENN_HOST": { - "dev": "https://api.syslumenn.is/staging", - "staging": "https://api.syslumenn.is/staging", - "prod": "https://api.syslumenn.is/api" - }, - "SYSLUMENN_TIMEOUT": "3000", - "ZENDESK_CONTACT_FORM_SUBDOMAIN": { - "prod": "digitaliceland", - "staging": "digitaliceland", - "dev": "digitaliceland" - } - }, - "features": {}, - "name": "services-auth-personal-representative", - "grantNamespaces": [], - "grantNamespacesEnabled": false, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "ZENDESK_CONTACT_FORM_EMAIL": "/k8s/api/ZENDESK_CONTACT_FORM_EMAIL", - "ZENDESK_CONTACT_FORM_TOKEN": "/k8s/api/ZENDESK_CONTACT_FORM_TOKEN", - "ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE": "/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE", - "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET", - "SYSLUMENN_USERNAME": "/k8s/services-auth/SYSLUMENN_USERNAME", - "SYSLUMENN_PASSWORD": "/k8s/services-auth/SYSLUMENN_PASSWORD" - }, - "ingress": { - "primary": { - "host": { - "dev": "personal-representative-xrd.internal.dev01.devland.is", - "staging": "personal-representative-xrd.internal.staging01.devland.is", - "prod": "personal-representative-xrd.internal.innskra.island.is" - }, - "paths": [ - "/" - ], - "public": false - } - }, - "namespace": "personal-representative", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "400m", - "memory": "512Mi" - }, - "requests": { - "cpu": "100m", - "memory": "256Mi" - } - }, - "xroadConfig": [ - { - "config": { - "env": { - "XROAD_BASE_PATH": { - "prod": "http://securityserver.island.is" - }, - "XROAD_BASE_PATH_WITH_ENV": { - "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "http://securityserver.island.is/r1/IS" - }, - "XROAD_TLS_BASE_PATH": { - "dev": "https://securityserver.dev01.devland.is", - "staging": "https://securityserver.staging01.devland.is", - "prod": "https://securityserver.island.is" - }, - "XROAD_TLS_BASE_PATH_WITH_ENV": { - "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", - "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "https://securityserver.island.is/r1/IS" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CLIENT_ID": { - "dev": "IS-DEV/GOV/10000/island-is-client", - "staging": "IS-TEST/GOV/5501692829/island-is-client", - "prod": "IS/GOV/5501692829/island-is-client" - } - } - } - }, - { - "config": { - "env": { - "XROAD_RSK_PROCURING_PATH": { - "dev": "IS-DEV/GOV/10006/Skatturinn/relationships-v1", - "staging": "IS-TEST/GOV/5402696029/Skatturinn/relationships-v1", - "prod": "IS/GOV/5402696029/Skatturinn/relationships-v1" - } - } - } - } - ], - "files": [], - "volumes": [], - "image": "services-auth-personal-representative", - "postgres": { - "name": "servicesauth", - "username": "servicesauth", - "passwordSecret": "/k8s/servicesauth/DB_PASSWORD" - }, - "replicaCount": { - "default": 2, - "min": 2, - "max": 10 - } - } - } -} \ No newline at end of file +service: + name: services-auth-personal-representative + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: IS-DEV/GOV/10006/Skatturinn/ft-v1 + DB_HOST: postgres-applications.internal + DB_NAME: servicesauth + DB_REPLICAS_HOST: postgres-applications-reader.internal + DB_USER: servicesauth + IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/auth-api" + IDENTITY_SERVER_ISSUER_URL: https://identity-server.dev01.devland.is + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init + SERVERSIDE_FEATURES_ON: "" + SYSLUMENN_HOST: https://api.syslumenn.is/staging + SYSLUMENN_TIMEOUT: "3000" + XROAD_BASE_PATH: http://securityserver.dev01.devland.is + XROAD_BASE_PATH_WITH_ENV: http://securityserver.dev01.devland.is/r1/IS-DEV + XROAD_CLIENT_ID: IS-DEV/GOV/10000/island-is-client + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: "true" + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1 + XROAD_RSK_PROCURING_ACTOR_TOKEN: "true" + XROAD_RSK_PROCURING_PATH: IS-DEV/GOV/10006/Skatturinn/relationships-v1 + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: https://securityserver.dev01.devland.is + XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.dev01.devland.is/r1/IS-DEV + ZENDESK_CONTACT_FORM_SUBDOMAIN: digitaliceland + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /health/check + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-internal-alb + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: personal-representative-xrd.internal.dev01.devland.is + paths: + - / + namespace: personal-representative + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: 400m + memory: 512Mi + requests: + cpu: 100m + memory: 256Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DB_PASS: /k8s/servicesauth/DB_PASSWORD + IDENTITY_SERVER_CLIENT_SECRET: /k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET + SYSLUMENN_PASSWORD: /k8s/services-auth/SYSLUMENN_PASSWORD + SYSLUMENN_USERNAME: /k8s/services-auth/SYSLUMENN_USERNAME + ZENDESK_CONTACT_FORM_EMAIL: /k8s/api/ZENDESK_CONTACT_FORM_EMAIL + ZENDESK_CONTACT_FORM_TOKEN: /k8s/api/ZENDESK_CONTACT_FORM_TOKEN + ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: /k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/services-auth-personal-representative/values.prod.yaml b/charts/services/services-auth-personal-representative/values.prod.yaml index b2b791647b8d..eb8dc630d3f9 100644 --- a/charts/services/services-auth-personal-representative/values.prod.yaml +++ b/charts/services/services-auth-personal-representative/values.prod.yaml @@ -1,164 +1,86 @@ -{ - "services-auth-personal-representative": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/health/check", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/auth-api", - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - }, - "XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN": "true", - "XROAD_RSK_PROCURING_ACTOR_TOKEN": "true", - "XROAD_NATIONAL_REGISTRY_SERVICE_PATH": { - "dev": "IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1", - "staging": "IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1", - "prod": "IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1" - }, - "XROAD_NATIONAL_REGISTRY_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" - }, - "XROAD_RSK_PROCURING_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" - }, - "COMPANY_REGISTRY_XROAD_PROVIDER_ID": { - "dev": "IS-DEV/GOV/10006/Skatturinn/ft-v1", - "staging": "IS-TEST/GOV/5402696029/Skatturinn/ft-v1", - "prod": "IS/GOV/5402696029/Skatturinn/ft-v1" - }, - "COMPANY_REGISTRY_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" - }, - "SYSLUMENN_HOST": { - "dev": "https://api.syslumenn.is/staging", - "staging": "https://api.syslumenn.is/staging", - "prod": "https://api.syslumenn.is/api" - }, - "SYSLUMENN_TIMEOUT": "3000", - "ZENDESK_CONTACT_FORM_SUBDOMAIN": { - "prod": "digitaliceland", - "staging": "digitaliceland", - "dev": "digitaliceland" - } - }, - "features": {}, - "name": "services-auth-personal-representative", - "grantNamespaces": [], - "grantNamespacesEnabled": false, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "ZENDESK_CONTACT_FORM_EMAIL": "/k8s/api/ZENDESK_CONTACT_FORM_EMAIL", - "ZENDESK_CONTACT_FORM_TOKEN": "/k8s/api/ZENDESK_CONTACT_FORM_TOKEN", - "ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE": "/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE", - "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET", - "SYSLUMENN_USERNAME": "/k8s/services-auth/SYSLUMENN_USERNAME", - "SYSLUMENN_PASSWORD": "/k8s/services-auth/SYSLUMENN_PASSWORD" - }, - "ingress": { - "primary": { - "host": { - "dev": "personal-representative-xrd.internal.dev01.devland.is", - "staging": "personal-representative-xrd.internal.staging01.devland.is", - "prod": "personal-representative-xrd.internal.innskra.island.is" - }, - "paths": [ - "/" - ], - "public": false - } - }, - "namespace": "personal-representative", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "400m", - "memory": "512Mi" - }, - "requests": { - "cpu": "100m", - "memory": "256Mi" - } - }, - "xroadConfig": [ - { - "config": { - "env": { - "XROAD_BASE_PATH": { - "prod": "http://securityserver.island.is" - }, - "XROAD_BASE_PATH_WITH_ENV": { - "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "http://securityserver.island.is/r1/IS" - }, - "XROAD_TLS_BASE_PATH": { - "dev": "https://securityserver.dev01.devland.is", - "staging": "https://securityserver.staging01.devland.is", - "prod": "https://securityserver.island.is" - }, - "XROAD_TLS_BASE_PATH_WITH_ENV": { - "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", - "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "https://securityserver.island.is/r1/IS" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CLIENT_ID": { - "dev": "IS-DEV/GOV/10000/island-is-client", - "staging": "IS-TEST/GOV/5501692829/island-is-client", - "prod": "IS/GOV/5501692829/island-is-client" - } - } - } - }, - { - "config": { - "env": { - "XROAD_RSK_PROCURING_PATH": { - "dev": "IS-DEV/GOV/10006/Skatturinn/relationships-v1", - "staging": "IS-TEST/GOV/5402696029/Skatturinn/relationships-v1", - "prod": "IS/GOV/5402696029/Skatturinn/relationships-v1" - } - } - } - } - ], - "files": [], - "volumes": [], - "image": "services-auth-personal-representative", - "postgres": { - "name": "servicesauth", - "username": "servicesauth", - "passwordSecret": "/k8s/servicesauth/DB_PASSWORD" - }, - "replicaCount": { - "default": 2, - "min": 2, - "max": 10 - } - } - } -} \ No newline at end of file +service: + name: services-auth-personal-representative + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: IS/GOV/5402696029/Skatturinn/ft-v1 + DB_HOST: postgres-ids.internal + DB_NAME: servicesauth + DB_REPLICAS_HOST: postgres-ids.internal + DB_USER: servicesauth + IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/auth-api" + IDENTITY_SERVER_ISSUER_URL: https://innskra.island.is + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init + SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + SYSLUMENN_HOST: https://api.syslumenn.is/api + SYSLUMENN_TIMEOUT: "3000" + XROAD_BASE_PATH: http://securityserver.island.is + XROAD_BASE_PATH_WITH_ENV: http://securityserver.island.is/r1/IS + XROAD_CLIENT_ID: IS/GOV/5501692829/island-is-client + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: "true" + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1 + XROAD_RSK_PROCURING_ACTOR_TOKEN: "true" + XROAD_RSK_PROCURING_PATH: IS/GOV/5402696029/Skatturinn/relationships-v1 + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: https://securityserver.island.is + XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.island.is/r1/IS + ZENDESK_CONTACT_FORM_SUBDOMAIN: digitaliceland + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /health/check + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-internal-alb + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: personal-representative-xrd.internal.innskra.island.is + paths: + - / + namespace: personal-representative + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: 400m + memory: 512Mi + requests: + cpu: 100m + memory: 256Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DB_PASS: /k8s/servicesauth/DB_PASSWORD + IDENTITY_SERVER_CLIENT_SECRET: /k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET + SYSLUMENN_PASSWORD: /k8s/services-auth/SYSLUMENN_PASSWORD + SYSLUMENN_USERNAME: /k8s/services-auth/SYSLUMENN_USERNAME + ZENDESK_CONTACT_FORM_EMAIL: /k8s/api/ZENDESK_CONTACT_FORM_EMAIL + ZENDESK_CONTACT_FORM_TOKEN: /k8s/api/ZENDESK_CONTACT_FORM_TOKEN + ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: /k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/services-auth-personal-representative/values.staging.yaml b/charts/services/services-auth-personal-representative/values.staging.yaml index b2b791647b8d..564ceaec3a9d 100644 --- a/charts/services/services-auth-personal-representative/values.staging.yaml +++ b/charts/services/services-auth-personal-representative/values.staging.yaml @@ -1,164 +1,86 @@ -{ - "services-auth-personal-representative": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/health/check", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/auth-api", - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - }, - "XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN": "true", - "XROAD_RSK_PROCURING_ACTOR_TOKEN": "true", - "XROAD_NATIONAL_REGISTRY_SERVICE_PATH": { - "dev": "IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1", - "staging": "IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1", - "prod": "IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1" - }, - "XROAD_NATIONAL_REGISTRY_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" - }, - "XROAD_RSK_PROCURING_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" - }, - "COMPANY_REGISTRY_XROAD_PROVIDER_ID": { - "dev": "IS-DEV/GOV/10006/Skatturinn/ft-v1", - "staging": "IS-TEST/GOV/5402696029/Skatturinn/ft-v1", - "prod": "IS/GOV/5402696029/Skatturinn/ft-v1" - }, - "COMPANY_REGISTRY_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" - }, - "SYSLUMENN_HOST": { - "dev": "https://api.syslumenn.is/staging", - "staging": "https://api.syslumenn.is/staging", - "prod": "https://api.syslumenn.is/api" - }, - "SYSLUMENN_TIMEOUT": "3000", - "ZENDESK_CONTACT_FORM_SUBDOMAIN": { - "prod": "digitaliceland", - "staging": "digitaliceland", - "dev": "digitaliceland" - } - }, - "features": {}, - "name": "services-auth-personal-representative", - "grantNamespaces": [], - "grantNamespacesEnabled": false, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "ZENDESK_CONTACT_FORM_EMAIL": "/k8s/api/ZENDESK_CONTACT_FORM_EMAIL", - "ZENDESK_CONTACT_FORM_TOKEN": "/k8s/api/ZENDESK_CONTACT_FORM_TOKEN", - "ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE": "/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE", - "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET", - "SYSLUMENN_USERNAME": "/k8s/services-auth/SYSLUMENN_USERNAME", - "SYSLUMENN_PASSWORD": "/k8s/services-auth/SYSLUMENN_PASSWORD" - }, - "ingress": { - "primary": { - "host": { - "dev": "personal-representative-xrd.internal.dev01.devland.is", - "staging": "personal-representative-xrd.internal.staging01.devland.is", - "prod": "personal-representative-xrd.internal.innskra.island.is" - }, - "paths": [ - "/" - ], - "public": false - } - }, - "namespace": "personal-representative", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "400m", - "memory": "512Mi" - }, - "requests": { - "cpu": "100m", - "memory": "256Mi" - } - }, - "xroadConfig": [ - { - "config": { - "env": { - "XROAD_BASE_PATH": { - "prod": "http://securityserver.island.is" - }, - "XROAD_BASE_PATH_WITH_ENV": { - "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "http://securityserver.island.is/r1/IS" - }, - "XROAD_TLS_BASE_PATH": { - "dev": "https://securityserver.dev01.devland.is", - "staging": "https://securityserver.staging01.devland.is", - "prod": "https://securityserver.island.is" - }, - "XROAD_TLS_BASE_PATH_WITH_ENV": { - "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", - "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "https://securityserver.island.is/r1/IS" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CLIENT_ID": { - "dev": "IS-DEV/GOV/10000/island-is-client", - "staging": "IS-TEST/GOV/5501692829/island-is-client", - "prod": "IS/GOV/5501692829/island-is-client" - } - } - } - }, - { - "config": { - "env": { - "XROAD_RSK_PROCURING_PATH": { - "dev": "IS-DEV/GOV/10006/Skatturinn/relationships-v1", - "staging": "IS-TEST/GOV/5402696029/Skatturinn/relationships-v1", - "prod": "IS/GOV/5402696029/Skatturinn/relationships-v1" - } - } - } - } - ], - "files": [], - "volumes": [], - "image": "services-auth-personal-representative", - "postgres": { - "name": "servicesauth", - "username": "servicesauth", - "passwordSecret": "/k8s/servicesauth/DB_PASSWORD" - }, - "replicaCount": { - "default": 2, - "min": 2, - "max": 10 - } - } - } -} \ No newline at end of file +service: + name: services-auth-personal-representative + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: IS-TEST/GOV/5402696029/Skatturinn/ft-v1 + DB_HOST: postgres-applications.internal + DB_NAME: servicesauth + DB_REPLICAS_HOST: postgres-applications.internal + DB_USER: servicesauth + IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/auth-api" + IDENTITY_SERVER_ISSUER_URL: https://identity-server.staging01.devland.is + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init + SERVERSIDE_FEATURES_ON: "" + SYSLUMENN_HOST: https://api.syslumenn.is/staging + SYSLUMENN_TIMEOUT: "3000" + XROAD_BASE_PATH: http://securityserver.staging01.devland.is + XROAD_BASE_PATH_WITH_ENV: http://securityserver.staging01.devland.is/r1/IS-TEST + XROAD_CLIENT_ID: IS-TEST/GOV/5501692829/island-is-client + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: "true" + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1 + XROAD_RSK_PROCURING_ACTOR_TOKEN: "true" + XROAD_RSK_PROCURING_PATH: IS-TEST/GOV/5402696029/Skatturinn/relationships-v1 + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_TLS_BASE_PATH: https://securityserver.staging01.devland.is + XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.staging01.devland.is/r1/IS-TEST + ZENDESK_CONTACT_FORM_SUBDOMAIN: digitaliceland + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /health/check + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-internal-alb + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: personal-representative-xrd.internal.staging01.devland.is + paths: + - / + namespace: personal-representative + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: 400m + memory: 512Mi + requests: + cpu: 100m + memory: 256Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DB_PASS: /k8s/servicesauth/DB_PASSWORD + IDENTITY_SERVER_CLIENT_SECRET: /k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET + SYSLUMENN_PASSWORD: /k8s/services-auth/SYSLUMENN_PASSWORD + SYSLUMENN_USERNAME: /k8s/services-auth/SYSLUMENN_USERNAME + ZENDESK_CONTACT_FORM_EMAIL: /k8s/api/ZENDESK_CONTACT_FORM_EMAIL + ZENDESK_CONTACT_FORM_TOKEN: /k8s/api/ZENDESK_CONTACT_FORM_TOKEN + ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: /k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/services-auth-public-api/values.dev.yaml b/charts/services/services-auth-public-api/values.dev.yaml index 5554fa826b33..82c8560a177e 100644 --- a/charts/services/services-auth-public-api/values.dev.yaml +++ b/charts/services/services-auth-public-api/values.dev.yaml @@ -1,205 +1,102 @@ -{ - "services-auth-public-api": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/health/check", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/auth-api", - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - }, - "PUBLIC_URL": { - "dev": "https://identity-server.dev01.devland.is/api", - "staging": "https://identity-server.staging01.devland.is/api", - "prod": "https://innskra.island.is/api" - }, - "XROAD_TJODSKRA_API_PATH": "/SKRA-Protected/Einstaklingar-v1", - "XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN": "true", - "XROAD_RSK_PROCURING_ACTOR_TOKEN": "true", - "XROAD_NATIONAL_REGISTRY_SERVICE_PATH": { - "dev": "IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1", - "staging": "IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1", - "prod": "IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1" - }, - "XROAD_NATIONAL_REGISTRY_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" - }, - "XROAD_RSK_PROCURING_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" - }, - "XROAD_TJODSKRA_MEMBER_CODE": { - "prod": "6503760649", - "dev": "10001", - "staging": "6503760649" - }, - "PASSKEY_CORE_RP_ID": "island.is", - "PASSKEY_CORE_RP_NAME": "Island.is", - "PASSKEY_CORE_CHALLENGE_TTL_MS": "120000", - "REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" - }, - "COMPANY_REGISTRY_XROAD_PROVIDER_ID": { - "dev": "IS-DEV/GOV/10006/Skatturinn/ft-v1", - "staging": "IS-TEST/GOV/5402696029/Skatturinn/ft-v1", - "prod": "IS/GOV/5402696029/Skatturinn/ft-v1" - }, - "COMPANY_REGISTRY_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" - }, - "PASSKEY_CORE_ALLOWED_ORIGINS": "[\"https://island.is\",\"android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0\",\"android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU\"]", - "SYSLUMENN_HOST": { - "dev": "https://api.syslumenn.is/staging", - "staging": "https://api.syslumenn.is/staging", - "prod": "https://api.syslumenn.is/api" - }, - "SYSLUMENN_TIMEOUT": "3000", - "ZENDESK_CONTACT_FORM_SUBDOMAIN": { - "prod": "digitaliceland", - "staging": "digitaliceland", - "dev": "digitaliceland" - } - }, - "features": {}, - "name": "services-auth-public-api", - "grantNamespaces": [], - "grantNamespacesEnabled": false, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "ZENDESK_CONTACT_FORM_EMAIL": "/k8s/api/ZENDESK_CONTACT_FORM_EMAIL", - "ZENDESK_CONTACT_FORM_TOKEN": "/k8s/api/ZENDESK_CONTACT_FORM_TOKEN", - "ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE": "/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE", - "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET", - "NATIONAL_REGISTRY_IDS_CLIENT_SECRET": "/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET", - "SYSLUMENN_USERNAME": "/k8s/services-auth/SYSLUMENN_USERNAME", - "SYSLUMENN_PASSWORD": "/k8s/services-auth/SYSLUMENN_PASSWORD" - }, - "ingress": { - "primary": { - "host": { - "dev": "identity-server.dev01.devland.is", - "staging": "identity-server.staging01.devland.is", - "prod": "innskra.island.is" - }, - "paths": [ - "/api(/|$)(.*)" - ], - "public": true, - "extraAnnotations": { - "dev": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k", - "nginx.ingress.kubernetes.io/enable-global-auth": "false", - "nginx.ingress.kubernetes.io/rewrite-target": "/$2" - }, - "staging": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k", - "nginx.ingress.kubernetes.io/enable-global-auth": "false", - "nginx.ingress.kubernetes.io/rewrite-target": "/$2" - }, - "prod": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k", - "nginx.ingress.kubernetes.io/enable-global-auth": "false", - "nginx.ingress.kubernetes.io/rewrite-target": "/$2" - } - } - } - }, - "namespace": "identity-server-admin", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "400m", - "memory": "384Mi" - }, - "requests": { - "cpu": "100m", - "memory": "256Mi" - } - }, - "xroadConfig": [ - { - "config": { - "env": { - "XROAD_BASE_PATH": { - "prod": "http://securityserver.island.is" - }, - "XROAD_BASE_PATH_WITH_ENV": { - "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "http://securityserver.island.is/r1/IS" - }, - "XROAD_TLS_BASE_PATH": { - "dev": "https://securityserver.dev01.devland.is", - "staging": "https://securityserver.staging01.devland.is", - "prod": "https://securityserver.island.is" - }, - "XROAD_TLS_BASE_PATH_WITH_ENV": { - "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", - "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "https://securityserver.island.is/r1/IS" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CLIENT_ID": { - "dev": "IS-DEV/GOV/10000/island-is-client", - "staging": "IS-TEST/GOV/5501692829/island-is-client", - "prod": "IS/GOV/5501692829/island-is-client" - } - } - } - }, - { - "config": { - "env": { - "XROAD_RSK_PROCURING_PATH": { - "dev": "IS-DEV/GOV/10006/Skatturinn/relationships-v1", - "staging": "IS-TEST/GOV/5402696029/Skatturinn/relationships-v1", - "prod": "IS/GOV/5402696029/Skatturinn/relationships-v1" - } - } - } - } - ], - "files": [], - "volumes": [], - "image": "services-auth-public-api", - "postgres": { - "name": "servicesauth", - "username": "servicesauth", - "passwordSecret": "/k8s/servicesauth/DB_PASSWORD" - }, - "replicaCount": { - "default": 2, - "min": 2, - "max": 10 - } - } - } -} \ No newline at end of file +service: + name: services-auth-public-api + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: IS-DEV/GOV/10006/Skatturinn/ft-v1 + DB_HOST: postgres-applications.internal + DB_NAME: servicesauth + DB_REPLICAS_HOST: postgres-applications-reader.internal + DB_USER: servicesauth + IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/auth-api" + IDENTITY_SERVER_ISSUER_URL: https://identity-server.dev01.devland.is + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=345 -r dd-trace/init + PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' + PASSKEY_CORE_CHALLENGE_TTL_MS: "120000" + PASSKEY_CORE_RP_ID: island.is + PASSKEY_CORE_RP_NAME: Island.is + PUBLIC_URL: https://identity-server.dev01.devland.is/api + REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: "" + SYSLUMENN_HOST: https://api.syslumenn.is/staging + SYSLUMENN_TIMEOUT: "3000" + XROAD_BASE_PATH: http://securityserver.dev01.devland.is + XROAD_BASE_PATH_WITH_ENV: http://securityserver.dev01.devland.is/r1/IS-DEV + XROAD_CLIENT_ID: IS-DEV/GOV/10000/island-is-client + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: "true" + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1 + XROAD_RSK_PROCURING_ACTOR_TOKEN: "true" + XROAD_RSK_PROCURING_PATH: IS-DEV/GOV/10006/Skatturinn/relationships-v1 + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + XROAD_TJODSKRA_API_PATH: /SKRA-Protected/Einstaklingar-v1 + XROAD_TJODSKRA_MEMBER_CODE: "10001" + XROAD_TLS_BASE_PATH: https://securityserver.dev01.devland.is + XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.dev01.devland.is/r1/IS-DEV + ZENDESK_CONTACT_FORM_SUBDOMAIN: digitaliceland + grantNamespaces: + - nginx-ingress-external + - nginx-ingress-internal + - islandis + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /health/check + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-public-api + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-external-alb + nginx.ingress.kubernetes.io/enable-global-auth: "false" + nginx.ingress.kubernetes.io/proxy-buffer-size: 8k + nginx.ingress.kubernetes.io/proxy-buffering: on + nginx.ingress.kubernetes.io/rewrite-target: /$2 + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: identity-server.dev01.devland.is + paths: + - /api(/|$)(.*) + namespace: identity-server-admin + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: 400m + memory: 384Mi + requests: + cpu: 100m + memory: 256Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DB_PASS: /k8s/servicesauth/DB_PASSWORD + IDENTITY_SERVER_CLIENT_SECRET: /k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: /k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET + SYSLUMENN_PASSWORD: /k8s/services-auth/SYSLUMENN_PASSWORD + SYSLUMENN_USERNAME: /k8s/services-auth/SYSLUMENN_USERNAME + ZENDESK_CONTACT_FORM_EMAIL: /k8s/api/ZENDESK_CONTACT_FORM_EMAIL + ZENDESK_CONTACT_FORM_TOKEN: /k8s/api/ZENDESK_CONTACT_FORM_TOKEN + ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: /k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/services-auth-public-api/values.prod.yaml b/charts/services/services-auth-public-api/values.prod.yaml index 5554fa826b33..f2ff92d0f2c9 100644 --- a/charts/services/services-auth-public-api/values.prod.yaml +++ b/charts/services/services-auth-public-api/values.prod.yaml @@ -1,205 +1,102 @@ -{ - "services-auth-public-api": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/health/check", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/auth-api", - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - }, - "PUBLIC_URL": { - "dev": "https://identity-server.dev01.devland.is/api", - "staging": "https://identity-server.staging01.devland.is/api", - "prod": "https://innskra.island.is/api" - }, - "XROAD_TJODSKRA_API_PATH": "/SKRA-Protected/Einstaklingar-v1", - "XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN": "true", - "XROAD_RSK_PROCURING_ACTOR_TOKEN": "true", - "XROAD_NATIONAL_REGISTRY_SERVICE_PATH": { - "dev": "IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1", - "staging": "IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1", - "prod": "IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1" - }, - "XROAD_NATIONAL_REGISTRY_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" - }, - "XROAD_RSK_PROCURING_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" - }, - "XROAD_TJODSKRA_MEMBER_CODE": { - "prod": "6503760649", - "dev": "10001", - "staging": "6503760649" - }, - "PASSKEY_CORE_RP_ID": "island.is", - "PASSKEY_CORE_RP_NAME": "Island.is", - "PASSKEY_CORE_CHALLENGE_TTL_MS": "120000", - "REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" - }, - "COMPANY_REGISTRY_XROAD_PROVIDER_ID": { - "dev": "IS-DEV/GOV/10006/Skatturinn/ft-v1", - "staging": "IS-TEST/GOV/5402696029/Skatturinn/ft-v1", - "prod": "IS/GOV/5402696029/Skatturinn/ft-v1" - }, - "COMPANY_REGISTRY_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" - }, - "PASSKEY_CORE_ALLOWED_ORIGINS": "[\"https://island.is\",\"android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0\",\"android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU\"]", - "SYSLUMENN_HOST": { - "dev": "https://api.syslumenn.is/staging", - "staging": "https://api.syslumenn.is/staging", - "prod": "https://api.syslumenn.is/api" - }, - "SYSLUMENN_TIMEOUT": "3000", - "ZENDESK_CONTACT_FORM_SUBDOMAIN": { - "prod": "digitaliceland", - "staging": "digitaliceland", - "dev": "digitaliceland" - } - }, - "features": {}, - "name": "services-auth-public-api", - "grantNamespaces": [], - "grantNamespacesEnabled": false, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "ZENDESK_CONTACT_FORM_EMAIL": "/k8s/api/ZENDESK_CONTACT_FORM_EMAIL", - "ZENDESK_CONTACT_FORM_TOKEN": "/k8s/api/ZENDESK_CONTACT_FORM_TOKEN", - "ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE": "/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE", - "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET", - "NATIONAL_REGISTRY_IDS_CLIENT_SECRET": "/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET", - "SYSLUMENN_USERNAME": "/k8s/services-auth/SYSLUMENN_USERNAME", - "SYSLUMENN_PASSWORD": "/k8s/services-auth/SYSLUMENN_PASSWORD" - }, - "ingress": { - "primary": { - "host": { - "dev": "identity-server.dev01.devland.is", - "staging": "identity-server.staging01.devland.is", - "prod": "innskra.island.is" - }, - "paths": [ - "/api(/|$)(.*)" - ], - "public": true, - "extraAnnotations": { - "dev": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k", - "nginx.ingress.kubernetes.io/enable-global-auth": "false", - "nginx.ingress.kubernetes.io/rewrite-target": "/$2" - }, - "staging": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k", - "nginx.ingress.kubernetes.io/enable-global-auth": "false", - "nginx.ingress.kubernetes.io/rewrite-target": "/$2" - }, - "prod": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k", - "nginx.ingress.kubernetes.io/enable-global-auth": "false", - "nginx.ingress.kubernetes.io/rewrite-target": "/$2" - } - } - } - }, - "namespace": "identity-server-admin", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "400m", - "memory": "384Mi" - }, - "requests": { - "cpu": "100m", - "memory": "256Mi" - } - }, - "xroadConfig": [ - { - "config": { - "env": { - "XROAD_BASE_PATH": { - "prod": "http://securityserver.island.is" - }, - "XROAD_BASE_PATH_WITH_ENV": { - "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "http://securityserver.island.is/r1/IS" - }, - "XROAD_TLS_BASE_PATH": { - "dev": "https://securityserver.dev01.devland.is", - "staging": "https://securityserver.staging01.devland.is", - "prod": "https://securityserver.island.is" - }, - "XROAD_TLS_BASE_PATH_WITH_ENV": { - "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", - "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "https://securityserver.island.is/r1/IS" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CLIENT_ID": { - "dev": "IS-DEV/GOV/10000/island-is-client", - "staging": "IS-TEST/GOV/5501692829/island-is-client", - "prod": "IS/GOV/5501692829/island-is-client" - } - } - } - }, - { - "config": { - "env": { - "XROAD_RSK_PROCURING_PATH": { - "dev": "IS-DEV/GOV/10006/Skatturinn/relationships-v1", - "staging": "IS-TEST/GOV/5402696029/Skatturinn/relationships-v1", - "prod": "IS/GOV/5402696029/Skatturinn/relationships-v1" - } - } - } - } - ], - "files": [], - "volumes": [], - "image": "services-auth-public-api", - "postgres": { - "name": "servicesauth", - "username": "servicesauth", - "passwordSecret": "/k8s/servicesauth/DB_PASSWORD" - }, - "replicaCount": { - "default": 2, - "min": 2, - "max": 10 - } - } - } -} \ No newline at end of file +service: + name: services-auth-public-api + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: IS/GOV/5402696029/Skatturinn/ft-v1 + DB_HOST: postgres-ids.internal + DB_NAME: servicesauth + DB_REPLICAS_HOST: postgres-ids.internal + DB_USER: servicesauth + IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/auth-api" + IDENTITY_SERVER_ISSUER_URL: https://innskra.island.is + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=345 -r dd-trace/init + PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' + PASSKEY_CORE_CHALLENGE_TTL_MS: "120000" + PASSKEY_CORE_RP_ID: island.is + PASSKEY_CORE_RP_NAME: Island.is + PUBLIC_URL: https://innskra.island.is/api + REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + SYSLUMENN_HOST: https://api.syslumenn.is/api + SYSLUMENN_TIMEOUT: "3000" + XROAD_BASE_PATH: http://securityserver.island.is + XROAD_BASE_PATH_WITH_ENV: http://securityserver.island.is/r1/IS + XROAD_CLIENT_ID: IS/GOV/5501692829/island-is-client + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: "true" + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1 + XROAD_RSK_PROCURING_ACTOR_TOKEN: "true" + XROAD_RSK_PROCURING_PATH: IS/GOV/5402696029/Skatturinn/relationships-v1 + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' + XROAD_TJODSKRA_API_PATH: /SKRA-Protected/Einstaklingar-v1 + XROAD_TJODSKRA_MEMBER_CODE: "6503760649" + XROAD_TLS_BASE_PATH: https://securityserver.island.is + XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.island.is/r1/IS + ZENDESK_CONTACT_FORM_SUBDOMAIN: digitaliceland + grantNamespaces: + - nginx-ingress-external + - nginx-ingress-internal + - islandis + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /health/check + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-public-api + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-external-alb + nginx.ingress.kubernetes.io/enable-global-auth: "false" + nginx.ingress.kubernetes.io/proxy-buffer-size: 8k + nginx.ingress.kubernetes.io/proxy-buffering: on + nginx.ingress.kubernetes.io/rewrite-target: /$2 + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: innskra.island.is + paths: + - /api(/|$)(.*) + namespace: identity-server-admin + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: 400m + memory: 384Mi + requests: + cpu: 100m + memory: 256Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DB_PASS: /k8s/servicesauth/DB_PASSWORD + IDENTITY_SERVER_CLIENT_SECRET: /k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: /k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET + SYSLUMENN_PASSWORD: /k8s/services-auth/SYSLUMENN_PASSWORD + SYSLUMENN_USERNAME: /k8s/services-auth/SYSLUMENN_USERNAME + ZENDESK_CONTACT_FORM_EMAIL: /k8s/api/ZENDESK_CONTACT_FORM_EMAIL + ZENDESK_CONTACT_FORM_TOKEN: /k8s/api/ZENDESK_CONTACT_FORM_TOKEN + ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: /k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/services-auth-public-api/values.staging.yaml b/charts/services/services-auth-public-api/values.staging.yaml index 5554fa826b33..46d2cda511f1 100644 --- a/charts/services/services-auth-public-api/values.staging.yaml +++ b/charts/services/services-auth-public-api/values.staging.yaml @@ -1,205 +1,102 @@ -{ - "services-auth-public-api": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/health/check", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/auth-api", - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - }, - "PUBLIC_URL": { - "dev": "https://identity-server.dev01.devland.is/api", - "staging": "https://identity-server.staging01.devland.is/api", - "prod": "https://innskra.island.is/api" - }, - "XROAD_TJODSKRA_API_PATH": "/SKRA-Protected/Einstaklingar-v1", - "XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN": "true", - "XROAD_RSK_PROCURING_ACTOR_TOKEN": "true", - "XROAD_NATIONAL_REGISTRY_SERVICE_PATH": { - "dev": "IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1", - "staging": "IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1", - "prod": "IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1" - }, - "XROAD_NATIONAL_REGISTRY_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" - }, - "XROAD_RSK_PROCURING_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" - }, - "XROAD_TJODSKRA_MEMBER_CODE": { - "prod": "6503760649", - "dev": "10001", - "staging": "6503760649" - }, - "PASSKEY_CORE_RP_ID": "island.is", - "PASSKEY_CORE_RP_NAME": "Island.is", - "PASSKEY_CORE_CHALLENGE_TTL_MS": "120000", - "REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" - }, - "COMPANY_REGISTRY_XROAD_PROVIDER_ID": { - "dev": "IS-DEV/GOV/10006/Skatturinn/ft-v1", - "staging": "IS-TEST/GOV/5402696029/Skatturinn/ft-v1", - "prod": "IS/GOV/5402696029/Skatturinn/ft-v1" - }, - "COMPANY_REGISTRY_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379\"]" - }, - "PASSKEY_CORE_ALLOWED_ORIGINS": "[\"https://island.is\",\"android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0\",\"android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU\"]", - "SYSLUMENN_HOST": { - "dev": "https://api.syslumenn.is/staging", - "staging": "https://api.syslumenn.is/staging", - "prod": "https://api.syslumenn.is/api" - }, - "SYSLUMENN_TIMEOUT": "3000", - "ZENDESK_CONTACT_FORM_SUBDOMAIN": { - "prod": "digitaliceland", - "staging": "digitaliceland", - "dev": "digitaliceland" - } - }, - "features": {}, - "name": "services-auth-public-api", - "grantNamespaces": [], - "grantNamespacesEnabled": false, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "ZENDESK_CONTACT_FORM_EMAIL": "/k8s/api/ZENDESK_CONTACT_FORM_EMAIL", - "ZENDESK_CONTACT_FORM_TOKEN": "/k8s/api/ZENDESK_CONTACT_FORM_TOKEN", - "ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE": "/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE", - "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET", - "NATIONAL_REGISTRY_IDS_CLIENT_SECRET": "/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET", - "SYSLUMENN_USERNAME": "/k8s/services-auth/SYSLUMENN_USERNAME", - "SYSLUMENN_PASSWORD": "/k8s/services-auth/SYSLUMENN_PASSWORD" - }, - "ingress": { - "primary": { - "host": { - "dev": "identity-server.dev01.devland.is", - "staging": "identity-server.staging01.devland.is", - "prod": "innskra.island.is" - }, - "paths": [ - "/api(/|$)(.*)" - ], - "public": true, - "extraAnnotations": { - "dev": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k", - "nginx.ingress.kubernetes.io/enable-global-auth": "false", - "nginx.ingress.kubernetes.io/rewrite-target": "/$2" - }, - "staging": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k", - "nginx.ingress.kubernetes.io/enable-global-auth": "false", - "nginx.ingress.kubernetes.io/rewrite-target": "/$2" - }, - "prod": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k", - "nginx.ingress.kubernetes.io/enable-global-auth": "false", - "nginx.ingress.kubernetes.io/rewrite-target": "/$2" - } - } - } - }, - "namespace": "identity-server-admin", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "400m", - "memory": "384Mi" - }, - "requests": { - "cpu": "100m", - "memory": "256Mi" - } - }, - "xroadConfig": [ - { - "config": { - "env": { - "XROAD_BASE_PATH": { - "prod": "http://securityserver.island.is" - }, - "XROAD_BASE_PATH_WITH_ENV": { - "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "http://securityserver.island.is/r1/IS" - }, - "XROAD_TLS_BASE_PATH": { - "dev": "https://securityserver.dev01.devland.is", - "staging": "https://securityserver.staging01.devland.is", - "prod": "https://securityserver.island.is" - }, - "XROAD_TLS_BASE_PATH_WITH_ENV": { - "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", - "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "https://securityserver.island.is/r1/IS" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CLIENT_ID": { - "dev": "IS-DEV/GOV/10000/island-is-client", - "staging": "IS-TEST/GOV/5501692829/island-is-client", - "prod": "IS/GOV/5501692829/island-is-client" - } - } - } - }, - { - "config": { - "env": { - "XROAD_RSK_PROCURING_PATH": { - "dev": "IS-DEV/GOV/10006/Skatturinn/relationships-v1", - "staging": "IS-TEST/GOV/5402696029/Skatturinn/relationships-v1", - "prod": "IS/GOV/5402696029/Skatturinn/relationships-v1" - } - } - } - } - ], - "files": [], - "volumes": [], - "image": "services-auth-public-api", - "postgres": { - "name": "servicesauth", - "username": "servicesauth", - "passwordSecret": "/k8s/servicesauth/DB_PASSWORD" - }, - "replicaCount": { - "default": 2, - "min": 2, - "max": 10 - } - } - } -} \ No newline at end of file +service: + name: services-auth-public-api + enabled: true + env: + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: IS-TEST/GOV/5402696029/Skatturinn/ft-v1 + DB_HOST: postgres-applications.internal + DB_NAME: servicesauth + DB_REPLICAS_HOST: postgres-applications.internal + DB_USER: servicesauth + IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/auth-api" + IDENTITY_SERVER_ISSUER_URL: https://identity-server.staging01.devland.is + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=345 -r dd-trace/init + PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' + PASSKEY_CORE_CHALLENGE_TTL_MS: "120000" + PASSKEY_CORE_RP_ID: island.is + PASSKEY_CORE_RP_NAME: Island.is + PUBLIC_URL: https://identity-server.staging01.devland.is/api + REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: "" + SYSLUMENN_HOST: https://api.syslumenn.is/staging + SYSLUMENN_TIMEOUT: "3000" + XROAD_BASE_PATH: http://securityserver.staging01.devland.is + XROAD_BASE_PATH_WITH_ENV: http://securityserver.staging01.devland.is/r1/IS-TEST + XROAD_CLIENT_ID: IS-TEST/GOV/5501692829/island-is-client + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: "true" + XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1 + XROAD_RSK_PROCURING_ACTOR_TOKEN: "true" + XROAD_RSK_PROCURING_PATH: IS-TEST/GOV/5402696029/Skatturinn/relationships-v1 + XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + XROAD_TJODSKRA_API_PATH: /SKRA-Protected/Einstaklingar-v1 + XROAD_TJODSKRA_MEMBER_CODE: "6503760649" + XROAD_TLS_BASE_PATH: https://securityserver.staging01.devland.is + XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.staging01.devland.is/r1/IS-TEST + ZENDESK_CONTACT_FORM_SUBDOMAIN: digitaliceland + grantNamespaces: + - nginx-ingress-external + - nginx-ingress-internal + - islandis + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /health/check + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-public-api + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-external-alb + nginx.ingress.kubernetes.io/enable-global-auth: "false" + nginx.ingress.kubernetes.io/proxy-buffer-size: 8k + nginx.ingress.kubernetes.io/proxy-buffering: on + nginx.ingress.kubernetes.io/rewrite-target: /$2 + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: identity-server.staging01.devland.is + paths: + - /api(/|$)(.*) + namespace: identity-server-admin + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: 400m + memory: 384Mi + requests: + cpu: 100m + memory: 256Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DB_PASS: /k8s/servicesauth/DB_PASSWORD + IDENTITY_SERVER_CLIENT_SECRET: /k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: /k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET + SYSLUMENN_PASSWORD: /k8s/services-auth/SYSLUMENN_PASSWORD + SYSLUMENN_USERNAME: /k8s/services-auth/SYSLUMENN_USERNAME + ZENDESK_CONTACT_FORM_EMAIL: /k8s/api/ZENDESK_CONTACT_FORM_EMAIL + ZENDESK_CONTACT_FORM_TOKEN: /k8s/api/ZENDESK_CONTACT_FORM_TOKEN + ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: /k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/services-bff-portals-admin/values.dev.yaml b/charts/services/services-bff-portals-admin/values.dev.yaml index ccd8cf51242a..d6ba4a4f3ee8 100644 --- a/charts/services/services-bff-portals-admin/values.dev.yaml +++ b/charts/services/services-bff-portals-admin/values.dev.yaml @@ -1,132 +1,85 @@ -{ - "services-bff-portals-admin": { - "serviceDef": { - "liveness": { - "path": "/stjornbord/bff/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/stjornbord/bff/health/check", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "IDENTITY_SERVER_CLIENT_SCOPES": "[\"@admin.island.is/delegations\",\"@admin.island.is/ads\",\"@admin.island.is/regulations\",\"@admin.island.is/regulations:manage\",\"@admin.island.is/icelandic-names-registry\",\"@admin.island.is/application-system:admin\",\"@admin.island.is/application-system:institution\",\"@admin.island.is/document-provider\",\"@admin.island.is/auth\",\"@admin.island.is/auth:admin\",\"@admin.island.is/petitions\",\"@admin.island.is/service-desk\",\"@admin.island.is/ads:explicit\",\"@admin.island.is/signature-collection:manage\",\"@admin.island.is/signature-collection:process\",\"@admin.island.is/form-system\",\"@admin.island.is/form-system:admin\",\"@admin.island.is/delegation-system\",\"@admin.island.is/delegation-system:admin\"]", - "IDENTITY_SERVER_CLIENT_ID": "@admin.island.is/bff-stjornbord", - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - }, - "BFF_NAME": { - "local": "stjornbord", - "dev": "stjornbord", - "staging": "stjornbord", - "prod": "stjornbord" - }, - "BFF_CLIENT_KEY_PATH": "/stjornbord", - "BFF_PAR_SUPPORT_ENABLED": "true", - "BFF_CLIENT_BASE_URL": { - "local": "http://localhost:4200", - "prod": "https://island.is" - }, - "BFF_ALLOWED_REDIRECT_URIS": { - "local": "[\"http://localhost:4200/stjornbord\"]", - "prod": "[\"https://island.is\"]" - }, - "BFF_LOGOUT_REDIRECT_URI": { - "local": "http://localhost:4200/stjornbord", - "prod": "https://island.is" - }, - "BFF_CALLBACKS_BASE_PATH": { - "local": "http://localhost:3010/stjornbord/bff/callbacks" - }, - "BFF_PROXY_API_ENDPOINT": { - "local": "http://localhost:4444/api/graphql" - }, - "BFF_CACHE_USER_PROFILE_TTL_MS": "3595000", - "BFF_LOGIN_ATTEMPT_TTL_MS": "604800000", - "BFF_ALLOWED_EXTERNAL_API_URLS": { - "local": "[\"http://localhost:3377/download/v1\"]", - "dev": "[\"https://api.dev01.devland.is\"]", - "staging": "[\"https://api.staging01.devland.is\"]", - "prod": "[\"https://api.island.is\"]" - } - }, - "features": {}, - "name": "services-bff-portals-admin", - "grantNamespaces": [ - "identity-server" - ], - "grantNamespacesEnabled": true, - "secrets": { - "BFF_TOKEN_SECRET_BASE64": "/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64", - "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET", - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" - }, - "ingress": { - "primary": { - "host": { - "dev": [ - "beta" - ], - "staging": [ - "beta" - ], - "prod": [ - "", - "www.island.is" - ] - }, - "extraAnnotations": { - "dev": { - "nginx.ingress.kubernetes.io/enable-global-auth": "false", - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "staging": { - "nginx.ingress.kubernetes.io/enable-global-auth": "false", - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "prod": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - } - }, - "paths": [ - "/stjornbord/bff" - ] - } - }, - "namespace": "portals-admin", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "400m", - "memory": "512Mi" - }, - "requests": { - "cpu": "100m", - "memory": "256Mi" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "image": "services-bff", - "redis": {}, - "accountName": "services-bff", - "replicaCount": { - "default": 2, - "min": 2, - "max": 10 - } - } - } -} \ No newline at end of file +service: + name: services-bff-portals-admin + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: "3595000" + BFF_CALLBACKS_BASE_PATH: https://beta.dev01.devland.is/stjornbord/bff/callbacks + BFF_CLIENT_BASE_URL: https://beta.dev01.devland.is + BFF_CLIENT_KEY_PATH: /stjornbord + BFF_LOGIN_ATTEMPT_TTL_MS: "604800000" + BFF_LOGOUT_REDIRECT_URI: https://beta.dev01.devland.is + BFF_NAME: stjornbord + BFF_PAR_SUPPORT_ENABLED: "true" + BFF_PROXY_API_ENDPOINT: http://web-api.islandis.svc.cluster.local/api/graphql + IDENTITY_SERVER_CLIENT_ID: "@admin.island.is/bff-stjornbord" + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: https://identity-server.dev01.devland.is + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: "" + grantNamespaces: + - identity-server + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /stjornbord/bff/liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /stjornbord/bff/health/check + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-external-alb + nginx.ingress.kubernetes.io/enable-global-auth: "false" + nginx.ingress.kubernetes.io/proxy-buffer-size: 8k + nginx.ingress.kubernetes.io/proxy-buffering: on + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: beta.dev01.devland.is + paths: + - /stjornbord/bff + namespace: portals-admin + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: 400m + memory: 512Mi + requests: + cpu: 100m + memory: 256Mi + secrets: + BFF_TOKEN_SECRET_BASE64: /k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64 + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + IDENTITY_SERVER_CLIENT_SECRET: /k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::013313053092:role/services-bff + create: true + name: services-bff diff --git a/charts/services/services-bff-portals-admin/values.prod.yaml b/charts/services/services-bff-portals-admin/values.prod.yaml index ccd8cf51242a..fdfb2a96d34e 100644 --- a/charts/services/services-bff-portals-admin/values.prod.yaml +++ b/charts/services/services-bff-portals-admin/values.prod.yaml @@ -1,132 +1,87 @@ -{ - "services-bff-portals-admin": { - "serviceDef": { - "liveness": { - "path": "/stjornbord/bff/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/stjornbord/bff/health/check", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "IDENTITY_SERVER_CLIENT_SCOPES": "[\"@admin.island.is/delegations\",\"@admin.island.is/ads\",\"@admin.island.is/regulations\",\"@admin.island.is/regulations:manage\",\"@admin.island.is/icelandic-names-registry\",\"@admin.island.is/application-system:admin\",\"@admin.island.is/application-system:institution\",\"@admin.island.is/document-provider\",\"@admin.island.is/auth\",\"@admin.island.is/auth:admin\",\"@admin.island.is/petitions\",\"@admin.island.is/service-desk\",\"@admin.island.is/ads:explicit\",\"@admin.island.is/signature-collection:manage\",\"@admin.island.is/signature-collection:process\",\"@admin.island.is/form-system\",\"@admin.island.is/form-system:admin\",\"@admin.island.is/delegation-system\",\"@admin.island.is/delegation-system:admin\"]", - "IDENTITY_SERVER_CLIENT_ID": "@admin.island.is/bff-stjornbord", - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - }, - "BFF_NAME": { - "local": "stjornbord", - "dev": "stjornbord", - "staging": "stjornbord", - "prod": "stjornbord" - }, - "BFF_CLIENT_KEY_PATH": "/stjornbord", - "BFF_PAR_SUPPORT_ENABLED": "true", - "BFF_CLIENT_BASE_URL": { - "local": "http://localhost:4200", - "prod": "https://island.is" - }, - "BFF_ALLOWED_REDIRECT_URIS": { - "local": "[\"http://localhost:4200/stjornbord\"]", - "prod": "[\"https://island.is\"]" - }, - "BFF_LOGOUT_REDIRECT_URI": { - "local": "http://localhost:4200/stjornbord", - "prod": "https://island.is" - }, - "BFF_CALLBACKS_BASE_PATH": { - "local": "http://localhost:3010/stjornbord/bff/callbacks" - }, - "BFF_PROXY_API_ENDPOINT": { - "local": "http://localhost:4444/api/graphql" - }, - "BFF_CACHE_USER_PROFILE_TTL_MS": "3595000", - "BFF_LOGIN_ATTEMPT_TTL_MS": "604800000", - "BFF_ALLOWED_EXTERNAL_API_URLS": { - "local": "[\"http://localhost:3377/download/v1\"]", - "dev": "[\"https://api.dev01.devland.is\"]", - "staging": "[\"https://api.staging01.devland.is\"]", - "prod": "[\"https://api.island.is\"]" - } - }, - "features": {}, - "name": "services-bff-portals-admin", - "grantNamespaces": [ - "identity-server" - ], - "grantNamespacesEnabled": true, - "secrets": { - "BFF_TOKEN_SECRET_BASE64": "/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64", - "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET", - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" - }, - "ingress": { - "primary": { - "host": { - "dev": [ - "beta" - ], - "staging": [ - "beta" - ], - "prod": [ - "", - "www.island.is" - ] - }, - "extraAnnotations": { - "dev": { - "nginx.ingress.kubernetes.io/enable-global-auth": "false", - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "staging": { - "nginx.ingress.kubernetes.io/enable-global-auth": "false", - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "prod": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - } - }, - "paths": [ - "/stjornbord/bff" - ] - } - }, - "namespace": "portals-admin", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "400m", - "memory": "512Mi" - }, - "requests": { - "cpu": "100m", - "memory": "256Mi" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "image": "services-bff", - "redis": {}, - "accountName": "services-bff", - "replicaCount": { - "default": 2, - "min": 2, - "max": 10 - } - } - } -} \ No newline at end of file +service: + name: services-bff-portals-admin + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: "3595000" + BFF_CALLBACKS_BASE_PATH: https://island.is/stjornbord/bff/callbacks + BFF_CLIENT_BASE_URL: https://island.is + BFF_CLIENT_KEY_PATH: /stjornbord + BFF_LOGIN_ATTEMPT_TTL_MS: "604800000" + BFF_LOGOUT_REDIRECT_URI: https://island.is + BFF_NAME: stjornbord + BFF_PAR_SUPPORT_ENABLED: "true" + BFF_PROXY_API_ENDPOINT: http://web-api.islandis.svc.cluster.local/api/graphql + IDENTITY_SERVER_CLIENT_ID: "@admin.island.is/bff-stjornbord" + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: https://innskra.island.is + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + grantNamespaces: + - identity-server + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /stjornbord/bff/liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /stjornbord/bff/health/check + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-external-alb + nginx.ingress.kubernetes.io/proxy-buffer-size: 8k + nginx.ingress.kubernetes.io/proxy-buffering: on + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: island.is + paths: + - /stjornbord/bff + - host: www.island.is + paths: + - /stjornbord/bff + namespace: portals-admin + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: 400m + memory: 512Mi + requests: + cpu: 100m + memory: 256Mi + secrets: + BFF_TOKEN_SECRET_BASE64: /k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64 + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + IDENTITY_SERVER_CLIENT_SECRET: /k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::251502586493:role/services-bff + create: true + name: services-bff diff --git a/charts/services/services-bff-portals-admin/values.staging.yaml b/charts/services/services-bff-portals-admin/values.staging.yaml index ccd8cf51242a..9bc9d67f5bf4 100644 --- a/charts/services/services-bff-portals-admin/values.staging.yaml +++ b/charts/services/services-bff-portals-admin/values.staging.yaml @@ -1,132 +1,85 @@ -{ - "services-bff-portals-admin": { - "serviceDef": { - "liveness": { - "path": "/stjornbord/bff/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/stjornbord/bff/health/check", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "IDENTITY_SERVER_CLIENT_SCOPES": "[\"@admin.island.is/delegations\",\"@admin.island.is/ads\",\"@admin.island.is/regulations\",\"@admin.island.is/regulations:manage\",\"@admin.island.is/icelandic-names-registry\",\"@admin.island.is/application-system:admin\",\"@admin.island.is/application-system:institution\",\"@admin.island.is/document-provider\",\"@admin.island.is/auth\",\"@admin.island.is/auth:admin\",\"@admin.island.is/petitions\",\"@admin.island.is/service-desk\",\"@admin.island.is/ads:explicit\",\"@admin.island.is/signature-collection:manage\",\"@admin.island.is/signature-collection:process\",\"@admin.island.is/form-system\",\"@admin.island.is/form-system:admin\",\"@admin.island.is/delegation-system\",\"@admin.island.is/delegation-system:admin\"]", - "IDENTITY_SERVER_CLIENT_ID": "@admin.island.is/bff-stjornbord", - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - }, - "BFF_NAME": { - "local": "stjornbord", - "dev": "stjornbord", - "staging": "stjornbord", - "prod": "stjornbord" - }, - "BFF_CLIENT_KEY_PATH": "/stjornbord", - "BFF_PAR_SUPPORT_ENABLED": "true", - "BFF_CLIENT_BASE_URL": { - "local": "http://localhost:4200", - "prod": "https://island.is" - }, - "BFF_ALLOWED_REDIRECT_URIS": { - "local": "[\"http://localhost:4200/stjornbord\"]", - "prod": "[\"https://island.is\"]" - }, - "BFF_LOGOUT_REDIRECT_URI": { - "local": "http://localhost:4200/stjornbord", - "prod": "https://island.is" - }, - "BFF_CALLBACKS_BASE_PATH": { - "local": "http://localhost:3010/stjornbord/bff/callbacks" - }, - "BFF_PROXY_API_ENDPOINT": { - "local": "http://localhost:4444/api/graphql" - }, - "BFF_CACHE_USER_PROFILE_TTL_MS": "3595000", - "BFF_LOGIN_ATTEMPT_TTL_MS": "604800000", - "BFF_ALLOWED_EXTERNAL_API_URLS": { - "local": "[\"http://localhost:3377/download/v1\"]", - "dev": "[\"https://api.dev01.devland.is\"]", - "staging": "[\"https://api.staging01.devland.is\"]", - "prod": "[\"https://api.island.is\"]" - } - }, - "features": {}, - "name": "services-bff-portals-admin", - "grantNamespaces": [ - "identity-server" - ], - "grantNamespacesEnabled": true, - "secrets": { - "BFF_TOKEN_SECRET_BASE64": "/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64", - "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET", - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" - }, - "ingress": { - "primary": { - "host": { - "dev": [ - "beta" - ], - "staging": [ - "beta" - ], - "prod": [ - "", - "www.island.is" - ] - }, - "extraAnnotations": { - "dev": { - "nginx.ingress.kubernetes.io/enable-global-auth": "false", - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "staging": { - "nginx.ingress.kubernetes.io/enable-global-auth": "false", - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "prod": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - } - }, - "paths": [ - "/stjornbord/bff" - ] - } - }, - "namespace": "portals-admin", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "400m", - "memory": "512Mi" - }, - "requests": { - "cpu": "100m", - "memory": "256Mi" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "image": "services-bff", - "redis": {}, - "accountName": "services-bff", - "replicaCount": { - "default": 2, - "min": 2, - "max": 10 - } - } - } -} \ No newline at end of file +service: + name: services-bff-portals-admin + enabled: true + env: + BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.staging01.devland.is"]' + BFF_ALLOWED_REDIRECT_URIS: '["https://beta.staging01.devland.is"]' + BFF_CACHE_USER_PROFILE_TTL_MS: "3595000" + BFF_CALLBACKS_BASE_PATH: https://beta.staging01.devland.is/stjornbord/bff/callbacks + BFF_CLIENT_BASE_URL: https://beta.staging01.devland.is + BFF_CLIENT_KEY_PATH: /stjornbord + BFF_LOGIN_ATTEMPT_TTL_MS: "604800000" + BFF_LOGOUT_REDIRECT_URI: https://beta.staging01.devland.is + BFF_NAME: stjornbord + BFF_PAR_SUPPORT_ENABLED: "true" + BFF_PROXY_API_ENDPOINT: http://web-api.islandis.svc.cluster.local/api/graphql + IDENTITY_SERVER_CLIENT_ID: "@admin.island.is/bff-stjornbord" + IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' + IDENTITY_SERVER_ISSUER_URL: https://identity-server.staging01.devland.is + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: "" + grantNamespaces: + - identity-server + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /stjornbord/bff/liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /stjornbord/bff/health/check + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-external-alb + nginx.ingress.kubernetes.io/enable-global-auth: "false" + nginx.ingress.kubernetes.io/proxy-buffer-size: 8k + nginx.ingress.kubernetes.io/proxy-buffering: on + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: beta.staging01.devland.is + paths: + - /stjornbord/bff + namespace: portals-admin + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: 400m + memory: 512Mi + requests: + cpu: 100m + memory: 256Mi + secrets: + BFF_TOKEN_SECRET_BASE64: /k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64 + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + IDENTITY_SERVER_CLIENT_SECRET: /k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::261174024191:role/services-bff + create: true + name: services-bff diff --git a/charts/services/services-documents/values.dev.yaml b/charts/services/services-documents/values.dev.yaml index 1c7719f4cad1..94c4fb1d3a8a 100644 --- a/charts/services/services-documents/values.dev.yaml +++ b/charts/services/services-documents/values.dev.yaml @@ -1,79 +1,79 @@ -{ - "services-documents": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/readiness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - } - }, - "features": {}, - "name": "services-documents", - "grantNamespaces": [ - "islandis", - "application-system" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" - }, - "ingress": {}, - "namespace": "services-documents", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "memory": "256Mi", - "cpu": "200m" - }, - "requests": { - "memory": "128Mi", - "cpu": "100m" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "image": "services-documents", - "postgres": { - "username": "services_documents", - "passwordSecret": "/k8s/services-documents/DB_PASSWORD", - "name": "services_documents" - }, - "initContainers": { - "envs": {}, - "secrets": {}, - "features": {}, - "containers": [ - { - "name": "migrations", - "command": "npx", - "args": [ - "sequelize-cli", - "db:migrate" - ] - } - ], - "postgres": { - "username": "services_documents", - "passwordSecret": "/k8s/services-documents/DB_PASSWORD", - "name": "services_documents" - } - } - } - } -} \ No newline at end of file +service: + name: services-documents + enabled: true + env: + DB_HOST: postgres-applications.internal + DB_NAME: services_documents + DB_REPLICAS_HOST: postgres-applications-reader.internal + DB_USER: services_documents + IDENTITY_SERVER_ISSUER_URL: https://identity-server.dev01.devland.is + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init + SERVERSIDE_FEATURES_ON: "" + grantNamespaces: + - islandis + - application-system + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /readiness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents + initContainer: + containers: + - args: + - sequelize-cli + - db:migrate + command: + - npx + name: migrations + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 50m + memory: 128Mi + env: + DB_HOST: postgres-applications.internal + DB_NAME: services_documents + DB_REPLICAS_HOST: postgres-applications-reader.internal + DB_USER: services_documents + SERVERSIDE_FEATURES_ON: "" + secrets: + DB_PASS: /k8s/services-documents/DB_PASSWORD + namespace: services-documents + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 100m + memory: 128Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DB_PASS: /k8s/services-documents/DB_PASSWORD + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/services-documents/values.prod.yaml b/charts/services/services-documents/values.prod.yaml index 1c7719f4cad1..1007f2840861 100644 --- a/charts/services/services-documents/values.prod.yaml +++ b/charts/services/services-documents/values.prod.yaml @@ -1,79 +1,79 @@ -{ - "services-documents": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/readiness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - } - }, - "features": {}, - "name": "services-documents", - "grantNamespaces": [ - "islandis", - "application-system" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" - }, - "ingress": {}, - "namespace": "services-documents", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "memory": "256Mi", - "cpu": "200m" - }, - "requests": { - "memory": "128Mi", - "cpu": "100m" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "image": "services-documents", - "postgres": { - "username": "services_documents", - "passwordSecret": "/k8s/services-documents/DB_PASSWORD", - "name": "services_documents" - }, - "initContainers": { - "envs": {}, - "secrets": {}, - "features": {}, - "containers": [ - { - "name": "migrations", - "command": "npx", - "args": [ - "sequelize-cli", - "db:migrate" - ] - } - ], - "postgres": { - "username": "services_documents", - "passwordSecret": "/k8s/services-documents/DB_PASSWORD", - "name": "services_documents" - } - } - } - } -} \ No newline at end of file +service: + name: services-documents + enabled: true + env: + DB_HOST: postgres-applications.internal + DB_NAME: services_documents + DB_REPLICAS_HOST: postgres-applications.internal + DB_USER: services_documents + IDENTITY_SERVER_ISSUER_URL: https://innskra.island.is + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init + SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + grantNamespaces: + - islandis + - application-system + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /readiness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents + initContainer: + containers: + - args: + - sequelize-cli + - db:migrate + command: + - npx + name: migrations + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 50m + memory: 128Mi + env: + DB_HOST: postgres-applications.internal + DB_NAME: services_documents + DB_REPLICAS_HOST: postgres-applications.internal + DB_USER: services_documents + SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + secrets: + DB_PASS: /k8s/services-documents/DB_PASSWORD + namespace: services-documents + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 100m + memory: 128Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DB_PASS: /k8s/services-documents/DB_PASSWORD + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/services-documents/values.staging.yaml b/charts/services/services-documents/values.staging.yaml index 1c7719f4cad1..f6329acd5db3 100644 --- a/charts/services/services-documents/values.staging.yaml +++ b/charts/services/services-documents/values.staging.yaml @@ -1,79 +1,79 @@ -{ - "services-documents": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/readiness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - } - }, - "features": {}, - "name": "services-documents", - "grantNamespaces": [ - "islandis", - "application-system" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" - }, - "ingress": {}, - "namespace": "services-documents", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "memory": "256Mi", - "cpu": "200m" - }, - "requests": { - "memory": "128Mi", - "cpu": "100m" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "image": "services-documents", - "postgres": { - "username": "services_documents", - "passwordSecret": "/k8s/services-documents/DB_PASSWORD", - "name": "services_documents" - }, - "initContainers": { - "envs": {}, - "secrets": {}, - "features": {}, - "containers": [ - { - "name": "migrations", - "command": "npx", - "args": [ - "sequelize-cli", - "db:migrate" - ] - } - ], - "postgres": { - "username": "services_documents", - "passwordSecret": "/k8s/services-documents/DB_PASSWORD", - "name": "services_documents" - } - } - } - } -} \ No newline at end of file +service: + name: services-documents + enabled: true + env: + DB_HOST: postgres-applications.internal + DB_NAME: services_documents + DB_REPLICAS_HOST: postgres-applications.internal + DB_USER: services_documents + IDENTITY_SERVER_ISSUER_URL: https://identity-server.staging01.devland.is + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init + SERVERSIDE_FEATURES_ON: "" + grantNamespaces: + - islandis + - application-system + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /readiness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents + initContainer: + containers: + - args: + - sequelize-cli + - db:migrate + command: + - npx + name: migrations + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 50m + memory: 128Mi + env: + DB_HOST: postgres-applications.internal + DB_NAME: services_documents + DB_REPLICAS_HOST: postgres-applications.internal + DB_USER: services_documents + SERVERSIDE_FEATURES_ON: "" + secrets: + DB_PASS: /k8s/services-documents/DB_PASSWORD + namespace: services-documents + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 100m + memory: 128Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DB_PASS: /k8s/services-documents/DB_PASSWORD + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/services-sessions-cleanup/values.dev.yaml b/charts/services/services-sessions-cleanup/values.dev.yaml index 17e9ebd2a82a..802f4e99811a 100644 --- a/charts/services/services-sessions-cleanup/values.dev.yaml +++ b/charts/services/services-sessions-cleanup/values.dev.yaml @@ -1,70 +1,62 @@ -{ - "services-sessions-cleanup": { - "serviceDef": { - "liveness": { - "path": "/", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": {}, - "features": {}, - "name": "services-sessions-cleanup", - "grantNamespaces": [], - "grantNamespacesEnabled": false, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" - }, - "ingress": {}, - "namespace": "services-sessions", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "400m", - "memory": "512Mi" - }, - "requests": { - "cpu": "100m", - "memory": "256Mi" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "image": "services-sessions", - "cmds": "node", - "args": [ - "main.js", - "--job=cleanup" - ], - "postgres": { - "name": "services_sessions", - "extensions": [ - "uuid-ossp" - ], - "readOnly": false, - "username": "services_sessions", - "passwordSecret": "/k8s/services-sessions/DB_PASSWORD" - }, - "extraAttributes": { - "dev": { - "schedule": "0 3 * * *" - }, - "staging": { - "schedule": "0 3 * * *" - }, - "prod": { - "schedule": "0 3 * * *" - } - } - } - } -} \ No newline at end of file +service: + name: services-sessions-cleanup + args: + - main.js + - --job=cleanup + command: + - node + enabled: true + env: + DB_HOST: postgres-applications.internal + DB_NAME: services_sessions + DB_REPLICAS_HOST: postgres-applications-reader.internal + DB_USER: services_sessions + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init + SERVERSIDE_FEATURES_ON: "" + grantNamespaces: + - nginx-ingress-internal + - islandis + - identity-server + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: / + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: / + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions + namespace: services-sessions + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: 400m + memory: 512Mi + requests: + cpu: 100m + memory: 256Mi + schedule: 0 3 * * * + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DB_PASS: /k8s/services-sessions/DB_PASSWORD + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/services-sessions-cleanup/values.prod.yaml b/charts/services/services-sessions-cleanup/values.prod.yaml index 17e9ebd2a82a..f3e11d30b1a1 100644 --- a/charts/services/services-sessions-cleanup/values.prod.yaml +++ b/charts/services/services-sessions-cleanup/values.prod.yaml @@ -1,70 +1,62 @@ -{ - "services-sessions-cleanup": { - "serviceDef": { - "liveness": { - "path": "/", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": {}, - "features": {}, - "name": "services-sessions-cleanup", - "grantNamespaces": [], - "grantNamespacesEnabled": false, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" - }, - "ingress": {}, - "namespace": "services-sessions", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "400m", - "memory": "512Mi" - }, - "requests": { - "cpu": "100m", - "memory": "256Mi" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "image": "services-sessions", - "cmds": "node", - "args": [ - "main.js", - "--job=cleanup" - ], - "postgres": { - "name": "services_sessions", - "extensions": [ - "uuid-ossp" - ], - "readOnly": false, - "username": "services_sessions", - "passwordSecret": "/k8s/services-sessions/DB_PASSWORD" - }, - "extraAttributes": { - "dev": { - "schedule": "0 3 * * *" - }, - "staging": { - "schedule": "0 3 * * *" - }, - "prod": { - "schedule": "0 3 * * *" - } - } - } - } -} \ No newline at end of file +service: + name: services-sessions-cleanup + args: + - main.js + - --job=cleanup + command: + - node + enabled: true + env: + DB_HOST: postgres-applications.internal + DB_NAME: services_sessions + DB_REPLICAS_HOST: postgres-applications.internal + DB_USER: services_sessions + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init + SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + grantNamespaces: + - nginx-ingress-internal + - islandis + - identity-server + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: / + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: / + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions + namespace: services-sessions + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: 400m + memory: 512Mi + requests: + cpu: 100m + memory: 256Mi + schedule: 0 3 * * * + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DB_PASS: /k8s/services-sessions/DB_PASSWORD + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/services-sessions-cleanup/values.staging.yaml b/charts/services/services-sessions-cleanup/values.staging.yaml index 17e9ebd2a82a..a8fe616b33dc 100644 --- a/charts/services/services-sessions-cleanup/values.staging.yaml +++ b/charts/services/services-sessions-cleanup/values.staging.yaml @@ -1,70 +1,62 @@ -{ - "services-sessions-cleanup": { - "serviceDef": { - "liveness": { - "path": "/", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": {}, - "features": {}, - "name": "services-sessions-cleanup", - "grantNamespaces": [], - "grantNamespacesEnabled": false, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" - }, - "ingress": {}, - "namespace": "services-sessions", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "400m", - "memory": "512Mi" - }, - "requests": { - "cpu": "100m", - "memory": "256Mi" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "image": "services-sessions", - "cmds": "node", - "args": [ - "main.js", - "--job=cleanup" - ], - "postgres": { - "name": "services_sessions", - "extensions": [ - "uuid-ossp" - ], - "readOnly": false, - "username": "services_sessions", - "passwordSecret": "/k8s/services-sessions/DB_PASSWORD" - }, - "extraAttributes": { - "dev": { - "schedule": "0 3 * * *" - }, - "staging": { - "schedule": "0 3 * * *" - }, - "prod": { - "schedule": "0 3 * * *" - } - } - } - } -} \ No newline at end of file +service: + name: services-sessions-cleanup + args: + - main.js + - --job=cleanup + command: + - node + enabled: true + env: + DB_HOST: postgres-applications.internal + DB_NAME: services_sessions + DB_REPLICAS_HOST: postgres-applications.internal + DB_USER: services_sessions + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init + SERVERSIDE_FEATURES_ON: "" + grantNamespaces: + - nginx-ingress-internal + - islandis + - identity-server + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: / + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: / + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions + namespace: services-sessions + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: 400m + memory: 512Mi + requests: + cpu: 100m + memory: 256Mi + schedule: 0 3 * * * + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DB_PASS: /k8s/services-sessions/DB_PASSWORD + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/services-sessions-worker/values.dev.yaml b/charts/services/services-sessions-worker/values.dev.yaml index 32b1fae317df..55d1a5149315 100644 --- a/charts/services/services-sessions-worker/values.dev.yaml +++ b/charts/services/services-sessions-worker/values.dev.yaml @@ -1,92 +1,96 @@ -{ - "services-sessions-worker": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - }, - "REDIS_USE_SSL": "true" - }, - "features": {}, - "name": "services-sessions-worker", - "grantNamespaces": [], - "grantNamespacesEnabled": false, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" - }, - "ingress": {}, - "namespace": "services-sessions", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "400m", - "memory": "512Mi" - }, - "requests": { - "cpu": "100m", - "memory": "256Mi" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "image": "services-sessions", - "redis": {}, - "accountName": "sessions-worker", - "cmds": "node", - "args": [ - "main.js", - "--job=worker" - ], - "postgres": { - "extensions": [ - "uuid-ossp" - ], - "readOnly": false, - "username": "services_sessions", - "passwordSecret": "/k8s/services-sessions/DB_PASSWORD", - "name": "services_sessions" - }, - "initContainers": { - "envs": {}, - "secrets": {}, - "features": {}, - "containers": [ - { - "name": "migrations", - "command": "npx", - "args": [ - "sequelize-cli", - "db:migrate" - ] - } - ], - "postgres": { - "extensions": [ - "uuid-ossp" - ], - "readOnly": false, - "username": "services_sessions", - "passwordSecret": "/k8s/services-sessions/DB_PASSWORD", - "name": "services_sessions" - } - } - } - } -} \ No newline at end of file +service: + name: services-sessions-worker + args: + - main.js + - --job=worker + command: + - node + enabled: true + env: + DB_EXTENSIONS: uuid-ossp + DB_HOST: postgres-applications.internal + DB_NAME: services_sessions + DB_REPLICAS_HOST: postgres-applications-reader.internal + DB_USER: services_sessions + IDENTITY_SERVER_ISSUER_URL: https://identity-server.dev01.devland.is + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: "true" + SERVERSIDE_FEATURES_ON: "" + grantNamespaces: + - nginx-ingress-internal + - islandis + - identity-server + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions + initContainer: + containers: + - args: + - sequelize-cli + - db:migrate + command: + - npx + name: migrations + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 50m + memory: 128Mi + env: + DB_EXTENSIONS: uuid-ossp + DB_HOST: postgres-applications.internal + DB_NAME: services_sessions + DB_REPLICAS_HOST: postgres-applications-reader.internal + DB_USER: services_sessions + SERVERSIDE_FEATURES_ON: "" + secrets: + DB_PASS: /k8s/services-sessions/DB_PASSWORD + namespace: services-sessions + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: 400m + memory: 512Mi + requests: + cpu: 100m + memory: 256Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DB_PASS: /k8s/services-sessions/DB_PASSWORD + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::013313053092:role/sessions-worker + create: true + name: sessions-worker diff --git a/charts/services/services-sessions-worker/values.prod.yaml b/charts/services/services-sessions-worker/values.prod.yaml index 32b1fae317df..f9655064bdcd 100644 --- a/charts/services/services-sessions-worker/values.prod.yaml +++ b/charts/services/services-sessions-worker/values.prod.yaml @@ -1,92 +1,96 @@ -{ - "services-sessions-worker": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - }, - "REDIS_USE_SSL": "true" - }, - "features": {}, - "name": "services-sessions-worker", - "grantNamespaces": [], - "grantNamespacesEnabled": false, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" - }, - "ingress": {}, - "namespace": "services-sessions", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "400m", - "memory": "512Mi" - }, - "requests": { - "cpu": "100m", - "memory": "256Mi" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "image": "services-sessions", - "redis": {}, - "accountName": "sessions-worker", - "cmds": "node", - "args": [ - "main.js", - "--job=worker" - ], - "postgres": { - "extensions": [ - "uuid-ossp" - ], - "readOnly": false, - "username": "services_sessions", - "passwordSecret": "/k8s/services-sessions/DB_PASSWORD", - "name": "services_sessions" - }, - "initContainers": { - "envs": {}, - "secrets": {}, - "features": {}, - "containers": [ - { - "name": "migrations", - "command": "npx", - "args": [ - "sequelize-cli", - "db:migrate" - ] - } - ], - "postgres": { - "extensions": [ - "uuid-ossp" - ], - "readOnly": false, - "username": "services_sessions", - "passwordSecret": "/k8s/services-sessions/DB_PASSWORD", - "name": "services_sessions" - } - } - } - } -} \ No newline at end of file +service: + name: services-sessions-worker + args: + - main.js + - --job=worker + command: + - node + enabled: true + env: + DB_EXTENSIONS: uuid-ossp + DB_HOST: postgres-applications.internal + DB_NAME: services_sessions + DB_REPLICAS_HOST: postgres-applications.internal + DB_USER: services_sessions + IDENTITY_SERVER_ISSUER_URL: https://innskra.island.is + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: "true" + SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + grantNamespaces: + - nginx-ingress-internal + - islandis + - identity-server + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions + initContainer: + containers: + - args: + - sequelize-cli + - db:migrate + command: + - npx + name: migrations + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 50m + memory: 128Mi + env: + DB_EXTENSIONS: uuid-ossp + DB_HOST: postgres-applications.internal + DB_NAME: services_sessions + DB_REPLICAS_HOST: postgres-applications.internal + DB_USER: services_sessions + SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + secrets: + DB_PASS: /k8s/services-sessions/DB_PASSWORD + namespace: services-sessions + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: 400m + memory: 512Mi + requests: + cpu: 100m + memory: 256Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DB_PASS: /k8s/services-sessions/DB_PASSWORD + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::251502586493:role/sessions-worker + create: true + name: sessions-worker diff --git a/charts/services/services-sessions-worker/values.staging.yaml b/charts/services/services-sessions-worker/values.staging.yaml index 32b1fae317df..9a51a1e727d2 100644 --- a/charts/services/services-sessions-worker/values.staging.yaml +++ b/charts/services/services-sessions-worker/values.staging.yaml @@ -1,92 +1,96 @@ -{ - "services-sessions-worker": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - }, - "REDIS_USE_SSL": "true" - }, - "features": {}, - "name": "services-sessions-worker", - "grantNamespaces": [], - "grantNamespacesEnabled": false, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" - }, - "ingress": {}, - "namespace": "services-sessions", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "400m", - "memory": "512Mi" - }, - "requests": { - "cpu": "100m", - "memory": "256Mi" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "image": "services-sessions", - "redis": {}, - "accountName": "sessions-worker", - "cmds": "node", - "args": [ - "main.js", - "--job=worker" - ], - "postgres": { - "extensions": [ - "uuid-ossp" - ], - "readOnly": false, - "username": "services_sessions", - "passwordSecret": "/k8s/services-sessions/DB_PASSWORD", - "name": "services_sessions" - }, - "initContainers": { - "envs": {}, - "secrets": {}, - "features": {}, - "containers": [ - { - "name": "migrations", - "command": "npx", - "args": [ - "sequelize-cli", - "db:migrate" - ] - } - ], - "postgres": { - "extensions": [ - "uuid-ossp" - ], - "readOnly": false, - "username": "services_sessions", - "passwordSecret": "/k8s/services-sessions/DB_PASSWORD", - "name": "services_sessions" - } - } - } - } -} \ No newline at end of file +service: + name: services-sessions-worker + args: + - main.js + - --job=worker + command: + - node + enabled: true + env: + DB_EXTENSIONS: uuid-ossp + DB_HOST: postgres-applications.internal + DB_NAME: services_sessions + DB_REPLICAS_HOST: postgres-applications.internal + DB_USER: services_sessions + IDENTITY_SERVER_ISSUER_URL: https://identity-server.staging01.devland.is + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: "true" + SERVERSIDE_FEATURES_ON: "" + grantNamespaces: + - nginx-ingress-internal + - islandis + - identity-server + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions + initContainer: + containers: + - args: + - sequelize-cli + - db:migrate + command: + - npx + name: migrations + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 50m + memory: 128Mi + env: + DB_EXTENSIONS: uuid-ossp + DB_HOST: postgres-applications.internal + DB_NAME: services_sessions + DB_REPLICAS_HOST: postgres-applications.internal + DB_USER: services_sessions + SERVERSIDE_FEATURES_ON: "" + secrets: + DB_PASS: /k8s/services-sessions/DB_PASSWORD + namespace: services-sessions + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: 400m + memory: 512Mi + requests: + cpu: 100m + memory: 256Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DB_PASS: /k8s/services-sessions/DB_PASSWORD + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::261174024191:role/sessions-worker + create: true + name: sessions-worker diff --git a/charts/services/services-sessions/values.dev.yaml b/charts/services/services-sessions/values.dev.yaml index 094fd86865d6..74a8ce33cdc6 100644 --- a/charts/services/services-sessions/values.dev.yaml +++ b/charts/services/services-sessions/values.dev.yaml @@ -1,83 +1,68 @@ -{ - "services-sessions": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - }, - "REDIS_USE_SSL": "true" - }, - "features": {}, - "name": "services-sessions", - "grantNamespaces": [ - "nginx-ingress-internal", - "islandis", - "identity-server" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" - }, - "ingress": { - "internal": { - "host": { - "dev": "sessions-api", - "staging": "sessions-api", - "prod": "sessions-api" - }, - "paths": [ - "/" - ], - "public": false - } - }, - "namespace": "services-sessions", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "250m", - "memory": "512Mi" - }, - "requests": { - "cpu": "25m", - "memory": "300Mi" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "image": "services-sessions", - "redis": {}, - "postgres": { - "readOnly": true, - "extensions": [ - "uuid-ossp" - ], - "username": "services_sessions_read", - "passwordSecret": "/k8s/services-sessions/readonly/DB_PASSWORD", - "name": "services_sessions" - }, - "replicaCount": { - "default": 1, - "min": 1, - "max": 10 - } - } - } -} \ No newline at end of file +service: + name: services-sessions + enabled: true + env: + DB_HOST: postgres-applications.internal + DB_NAME: services_sessions + DB_REPLICAS_HOST: postgres-applications-reader.internal + DB_USER: services_sessions_read + IDENTITY_SERVER_ISSUER_URL: https://identity-server.dev01.devland.is + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: "true" + SERVERSIDE_FEATURES_ON: "" + grantNamespaces: + - nginx-ingress-internal + - islandis + - identity-server + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: nginx-internal-alb + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: sessions-api.internal.dev01.devland.is + paths: + - / + namespace: services-sessions + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: 250m + memory: 512Mi + requests: + cpu: 25m + memory: 300Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DB_PASS: /k8s/services-sessions/readonly/DB_PASSWORD + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/services-sessions/values.prod.yaml b/charts/services/services-sessions/values.prod.yaml index 094fd86865d6..243ae2cd4ef0 100644 --- a/charts/services/services-sessions/values.prod.yaml +++ b/charts/services/services-sessions/values.prod.yaml @@ -1,83 +1,68 @@ -{ - "services-sessions": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - }, - "REDIS_USE_SSL": "true" - }, - "features": {}, - "name": "services-sessions", - "grantNamespaces": [ - "nginx-ingress-internal", - "islandis", - "identity-server" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" - }, - "ingress": { - "internal": { - "host": { - "dev": "sessions-api", - "staging": "sessions-api", - "prod": "sessions-api" - }, - "paths": [ - "/" - ], - "public": false - } - }, - "namespace": "services-sessions", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "250m", - "memory": "512Mi" - }, - "requests": { - "cpu": "25m", - "memory": "300Mi" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "image": "services-sessions", - "redis": {}, - "postgres": { - "readOnly": true, - "extensions": [ - "uuid-ossp" - ], - "username": "services_sessions_read", - "passwordSecret": "/k8s/services-sessions/readonly/DB_PASSWORD", - "name": "services_sessions" - }, - "replicaCount": { - "default": 1, - "min": 1, - "max": 10 - } - } - } -} \ No newline at end of file +service: + name: services-sessions + enabled: true + env: + DB_HOST: postgres-applications.internal + DB_NAME: services_sessions + DB_REPLICAS_HOST: postgres-applications.internal + DB_USER: services_sessions_read + IDENTITY_SERVER_ISSUER_URL: https://innskra.island.is + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: "true" + SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + grantNamespaces: + - nginx-ingress-internal + - islandis + - identity-server + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: nginx-internal-alb + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: sessions-api.internal.island.is + paths: + - / + namespace: services-sessions + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: 250m + memory: 512Mi + requests: + cpu: 25m + memory: 300Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DB_PASS: /k8s/services-sessions/readonly/DB_PASSWORD + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/services-sessions/values.staging.yaml b/charts/services/services-sessions/values.staging.yaml index 094fd86865d6..ac5ebab05fa1 100644 --- a/charts/services/services-sessions/values.staging.yaml +++ b/charts/services/services-sessions/values.staging.yaml @@ -1,83 +1,68 @@ -{ - "services-sessions": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - }, - "REDIS_USE_SSL": "true" - }, - "features": {}, - "name": "services-sessions", - "grantNamespaces": [ - "nginx-ingress-internal", - "islandis", - "identity-server" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" - }, - "ingress": { - "internal": { - "host": { - "dev": "sessions-api", - "staging": "sessions-api", - "prod": "sessions-api" - }, - "paths": [ - "/" - ], - "public": false - } - }, - "namespace": "services-sessions", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "250m", - "memory": "512Mi" - }, - "requests": { - "cpu": "25m", - "memory": "300Mi" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "image": "services-sessions", - "redis": {}, - "postgres": { - "readOnly": true, - "extensions": [ - "uuid-ossp" - ], - "username": "services_sessions_read", - "passwordSecret": "/k8s/services-sessions/readonly/DB_PASSWORD", - "name": "services_sessions" - }, - "replicaCount": { - "default": 1, - "min": 1, - "max": 10 - } - } - } -} \ No newline at end of file +service: + name: services-sessions + enabled: true + env: + DB_HOST: postgres-applications.internal + DB_NAME: services_sessions + DB_REPLICAS_HOST: postgres-applications.internal + DB_USER: services_sessions_read + IDENTITY_SERVER_ISSUER_URL: https://identity-server.staging01.devland.is + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: "true" + SERVERSIDE_FEATURES_ON: "" + grantNamespaces: + - nginx-ingress-internal + - islandis + - identity-server + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions + ingress: + internal-alb: + annotations: + kubernetes.io/ingress.class: nginx-internal-alb + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: sessions-api.internal.staging01.devland.is + paths: + - / + namespace: services-sessions + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: 250m + memory: 512Mi + requests: + cpu: 25m + memory: 300Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DB_PASS: /k8s/services-sessions/readonly/DB_PASSWORD + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/services-university-gateway-worker/values.dev.yaml b/charts/services/services-university-gateway-worker/values.dev.yaml index 653a09a5697a..c4d0d71e0005 100644 --- a/charts/services/services-university-gateway-worker/values.dev.yaml +++ b/charts/services/services-university-gateway-worker/values.dev.yaml @@ -1,189 +1,86 @@ -{ - "services-university-gateway-worker": { - "serviceDef": { - "liveness": { - "path": "/", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/university-gateway", - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - } - }, - "features": {}, - "name": "services-university-gateway-worker", - "grantNamespaces": [], - "grantNamespacesEnabled": false, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET" - }, - "ingress": {}, - "namespace": "services-university-gateway", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "200m", - "memory": "384Mi" - }, - "requests": { - "cpu": "50m", - "memory": "256Mi" - } - }, - "xroadConfig": [ - { - "config": { - "env": { - "XROAD_BASE_PATH": { - "prod": "http://securityserver.island.is" - }, - "XROAD_BASE_PATH_WITH_ENV": { - "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "http://securityserver.island.is/r1/IS" - }, - "XROAD_TLS_BASE_PATH": { - "dev": "https://securityserver.dev01.devland.is", - "staging": "https://securityserver.staging01.devland.is", - "prod": "https://securityserver.island.is" - }, - "XROAD_TLS_BASE_PATH_WITH_ENV": { - "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", - "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "https://securityserver.island.is/r1/IS" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CLIENT_ID": { - "dev": "IS-DEV/GOV/10000/island-is-client", - "staging": "IS-TEST/GOV/5501692829/island-is-client", - "prod": "IS/GOV/5501692829/island-is-client" - } - } - } - }, - { - "config": { - "env": { - "XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH": { - "dev": "IS-DEV/EDU/10010/HI-Protected/umsoknir-v1", - "staging": "IS-TEST/EDU/10010/HI-Protected/umsoknir-v1", - "prod": "IS/EDU/6001692039/HI-Protected/umsoknir-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH": { - "dev": "IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1", - "staging": "IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1", - "prod": "IS/EDU/5206871229/UNAK-Protected/umsoknir-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH": { - "dev": "IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1", - "staging": "IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1", - "prod": "IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH": { - "dev": "IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1", - "staging": "IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1", - "prod": "IS/EDU/4210984099/LHI-Protected/umsoknir-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH": { - "dev": "IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1", - "staging": "IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1", - "prod": "IS/EDU/4112043590/LBHI-Protected/umsoknir-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH": { - "dev": "IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1", - "staging": "IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1", - "prod": "IS/EDU/5001694359/Holar-Protected/umsoknir-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH": { - "dev": "IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1", - "staging": "IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1", - "prod": "IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1" - } - } - } - } - ], - "files": [], - "volumes": [], - "accountName": "services-university-gateway-worker", - "image": "services-university-gateway", - "cmds": "node", - "redis": {}, - "args": [ - "main.js", - "--job", - "worker" - ], - "postgres": { - "username": "services_university_gateway", - "passwordSecret": "/k8s/services-university-gateway/DB_PASSWORD", - "name": "services_university_gateway" - }, - "extraAttributes": { - "dev": { - "schedule": "0 * * * *" - }, - "staging": { - "schedule": "0 2 * * *" - }, - "prod": { - "schedule": "0 * * * *" - } - } - } - } -} \ No newline at end of file +service: + name: services-university-gateway-worker + args: + - main.js + - --job + - worker + command: + - node + enabled: true + env: + DB_HOST: postgres-applications.internal + DB_NAME: services_university_gateway + DB_REPLICAS_HOST: postgres-applications-reader.internal + DB_USER: services_university_gateway + IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/university-gateway" + IDENTITY_SERVER_ISSUER_URL: https://identity-server.dev01.devland.is + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=345 -r dd-trace/init + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: "" + XROAD_BASE_PATH: http://securityserver.dev01.devland.is + XROAD_BASE_PATH_WITH_ENV: http://securityserver.dev01.devland.is/r1/IS-DEV + XROAD_CLIENT_ID: IS-DEV/GOV/10000/island-is-client + XROAD_TLS_BASE_PATH: https://securityserver.dev01.devland.is + XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.dev01.devland.is/r1/IS-DEV + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1 + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1 + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1 + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1 + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1 + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1 + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: IS-DEV/EDU/10010/HI-Protected/umsoknir-v1 + grantNamespaces: + - islandis + - nginx-ingress-internal + - application-system + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: / + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: / + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway + namespace: services-university-gateway + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: 200m + memory: 384Mi + requests: + cpu: 50m + memory: 256Mi + schedule: 0 * * * * + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DB_PASS: /k8s/services-university-gateway/DB_PASSWORD + IDENTITY_SERVER_CLIENT_SECRET: /k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::013313053092:role/services-university-gateway-worker + create: true + name: services-university-gateway-worker diff --git a/charts/services/services-university-gateway-worker/values.prod.yaml b/charts/services/services-university-gateway-worker/values.prod.yaml index 653a09a5697a..76dc70a8ed2e 100644 --- a/charts/services/services-university-gateway-worker/values.prod.yaml +++ b/charts/services/services-university-gateway-worker/values.prod.yaml @@ -1,189 +1,86 @@ -{ - "services-university-gateway-worker": { - "serviceDef": { - "liveness": { - "path": "/", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/university-gateway", - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - } - }, - "features": {}, - "name": "services-university-gateway-worker", - "grantNamespaces": [], - "grantNamespacesEnabled": false, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET" - }, - "ingress": {}, - "namespace": "services-university-gateway", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "200m", - "memory": "384Mi" - }, - "requests": { - "cpu": "50m", - "memory": "256Mi" - } - }, - "xroadConfig": [ - { - "config": { - "env": { - "XROAD_BASE_PATH": { - "prod": "http://securityserver.island.is" - }, - "XROAD_BASE_PATH_WITH_ENV": { - "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "http://securityserver.island.is/r1/IS" - }, - "XROAD_TLS_BASE_PATH": { - "dev": "https://securityserver.dev01.devland.is", - "staging": "https://securityserver.staging01.devland.is", - "prod": "https://securityserver.island.is" - }, - "XROAD_TLS_BASE_PATH_WITH_ENV": { - "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", - "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "https://securityserver.island.is/r1/IS" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CLIENT_ID": { - "dev": "IS-DEV/GOV/10000/island-is-client", - "staging": "IS-TEST/GOV/5501692829/island-is-client", - "prod": "IS/GOV/5501692829/island-is-client" - } - } - } - }, - { - "config": { - "env": { - "XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH": { - "dev": "IS-DEV/EDU/10010/HI-Protected/umsoknir-v1", - "staging": "IS-TEST/EDU/10010/HI-Protected/umsoknir-v1", - "prod": "IS/EDU/6001692039/HI-Protected/umsoknir-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH": { - "dev": "IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1", - "staging": "IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1", - "prod": "IS/EDU/5206871229/UNAK-Protected/umsoknir-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH": { - "dev": "IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1", - "staging": "IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1", - "prod": "IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH": { - "dev": "IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1", - "staging": "IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1", - "prod": "IS/EDU/4210984099/LHI-Protected/umsoknir-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH": { - "dev": "IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1", - "staging": "IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1", - "prod": "IS/EDU/4112043590/LBHI-Protected/umsoknir-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH": { - "dev": "IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1", - "staging": "IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1", - "prod": "IS/EDU/5001694359/Holar-Protected/umsoknir-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH": { - "dev": "IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1", - "staging": "IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1", - "prod": "IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1" - } - } - } - } - ], - "files": [], - "volumes": [], - "accountName": "services-university-gateway-worker", - "image": "services-university-gateway", - "cmds": "node", - "redis": {}, - "args": [ - "main.js", - "--job", - "worker" - ], - "postgres": { - "username": "services_university_gateway", - "passwordSecret": "/k8s/services-university-gateway/DB_PASSWORD", - "name": "services_university_gateway" - }, - "extraAttributes": { - "dev": { - "schedule": "0 * * * *" - }, - "staging": { - "schedule": "0 2 * * *" - }, - "prod": { - "schedule": "0 * * * *" - } - } - } - } -} \ No newline at end of file +service: + name: services-university-gateway-worker + args: + - main.js + - --job + - worker + command: + - node + enabled: true + env: + DB_HOST: postgres-applications.internal + DB_NAME: services_university_gateway + DB_REPLICAS_HOST: postgres-applications.internal + DB_USER: services_university_gateway + IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/university-gateway" + IDENTITY_SERVER_ISSUER_URL: https://innskra.island.is + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=345 -r dd-trace/init + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + XROAD_BASE_PATH: http://securityserver.island.is + XROAD_BASE_PATH_WITH_ENV: http://securityserver.island.is/r1/IS + XROAD_CLIENT_ID: IS/GOV/5501692829/island-is-client + XROAD_TLS_BASE_PATH: https://securityserver.island.is + XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.island.is/r1/IS + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: IS/EDU/4112043590/LBHI-Protected/umsoknir-v1 + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1 + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: IS/EDU/5001694359/Holar-Protected/umsoknir-v1 + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: IS/EDU/4210984099/LHI-Protected/umsoknir-v1 + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1 + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: IS/EDU/5206871229/UNAK-Protected/umsoknir-v1 + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: IS/EDU/6001692039/HI-Protected/umsoknir-v1 + grantNamespaces: + - islandis + - nginx-ingress-internal + - application-system + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: / + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: / + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway + namespace: services-university-gateway + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: 200m + memory: 384Mi + requests: + cpu: 50m + memory: 256Mi + schedule: 0 * * * * + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DB_PASS: /k8s/services-university-gateway/DB_PASSWORD + IDENTITY_SERVER_CLIENT_SECRET: /k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::251502586493:role/services-university-gateway-worker + create: true + name: services-university-gateway-worker diff --git a/charts/services/services-university-gateway-worker/values.staging.yaml b/charts/services/services-university-gateway-worker/values.staging.yaml index 653a09a5697a..33d631850ec9 100644 --- a/charts/services/services-university-gateway-worker/values.staging.yaml +++ b/charts/services/services-university-gateway-worker/values.staging.yaml @@ -1,189 +1,86 @@ -{ - "services-university-gateway-worker": { - "serviceDef": { - "liveness": { - "path": "/", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/university-gateway", - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - } - }, - "features": {}, - "name": "services-university-gateway-worker", - "grantNamespaces": [], - "grantNamespacesEnabled": false, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET" - }, - "ingress": {}, - "namespace": "services-university-gateway", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "200m", - "memory": "384Mi" - }, - "requests": { - "cpu": "50m", - "memory": "256Mi" - } - }, - "xroadConfig": [ - { - "config": { - "env": { - "XROAD_BASE_PATH": { - "prod": "http://securityserver.island.is" - }, - "XROAD_BASE_PATH_WITH_ENV": { - "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "http://securityserver.island.is/r1/IS" - }, - "XROAD_TLS_BASE_PATH": { - "dev": "https://securityserver.dev01.devland.is", - "staging": "https://securityserver.staging01.devland.is", - "prod": "https://securityserver.island.is" - }, - "XROAD_TLS_BASE_PATH_WITH_ENV": { - "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", - "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "https://securityserver.island.is/r1/IS" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CLIENT_ID": { - "dev": "IS-DEV/GOV/10000/island-is-client", - "staging": "IS-TEST/GOV/5501692829/island-is-client", - "prod": "IS/GOV/5501692829/island-is-client" - } - } - } - }, - { - "config": { - "env": { - "XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH": { - "dev": "IS-DEV/EDU/10010/HI-Protected/umsoknir-v1", - "staging": "IS-TEST/EDU/10010/HI-Protected/umsoknir-v1", - "prod": "IS/EDU/6001692039/HI-Protected/umsoknir-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH": { - "dev": "IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1", - "staging": "IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1", - "prod": "IS/EDU/5206871229/UNAK-Protected/umsoknir-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH": { - "dev": "IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1", - "staging": "IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1", - "prod": "IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH": { - "dev": "IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1", - "staging": "IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1", - "prod": "IS/EDU/4210984099/LHI-Protected/umsoknir-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH": { - "dev": "IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1", - "staging": "IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1", - "prod": "IS/EDU/4112043590/LBHI-Protected/umsoknir-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH": { - "dev": "IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1", - "staging": "IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1", - "prod": "IS/EDU/5001694359/Holar-Protected/umsoknir-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH": { - "dev": "IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1", - "staging": "IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1", - "prod": "IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1" - } - } - } - } - ], - "files": [], - "volumes": [], - "accountName": "services-university-gateway-worker", - "image": "services-university-gateway", - "cmds": "node", - "redis": {}, - "args": [ - "main.js", - "--job", - "worker" - ], - "postgres": { - "username": "services_university_gateway", - "passwordSecret": "/k8s/services-university-gateway/DB_PASSWORD", - "name": "services_university_gateway" - }, - "extraAttributes": { - "dev": { - "schedule": "0 * * * *" - }, - "staging": { - "schedule": "0 2 * * *" - }, - "prod": { - "schedule": "0 * * * *" - } - } - } - } -} \ No newline at end of file +service: + name: services-university-gateway-worker + args: + - main.js + - --job + - worker + command: + - node + enabled: true + env: + DB_HOST: postgres-applications.internal + DB_NAME: services_university_gateway + DB_REPLICAS_HOST: postgres-applications.internal + DB_USER: services_university_gateway + IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/university-gateway" + IDENTITY_SERVER_ISSUER_URL: https://identity-server.staging01.devland.is + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=345 -r dd-trace/init + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: "" + XROAD_BASE_PATH: http://securityserver.staging01.devland.is + XROAD_BASE_PATH_WITH_ENV: http://securityserver.staging01.devland.is/r1/IS-TEST + XROAD_CLIENT_ID: IS-TEST/GOV/5501692829/island-is-client + XROAD_TLS_BASE_PATH: https://securityserver.staging01.devland.is + XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.staging01.devland.is/r1/IS-TEST + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1 + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1 + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1 + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1 + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1 + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1 + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: IS-TEST/EDU/10010/HI-Protected/umsoknir-v1 + grantNamespaces: + - islandis + - nginx-ingress-internal + - application-system + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: / + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: / + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway + namespace: services-university-gateway + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: 200m + memory: 384Mi + requests: + cpu: 50m + memory: 256Mi + schedule: 0 2 * * * + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DB_PASS: /k8s/services-university-gateway/DB_PASSWORD + IDENTITY_SERVER_CLIENT_SECRET: /k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::261174024191:role/services-university-gateway-worker + create: true + name: services-university-gateway-worker diff --git a/charts/services/services-university-gateway/values.dev.yaml b/charts/services/services-university-gateway/values.dev.yaml index 68f29e9006dc..f1c9a208d7d1 100644 --- a/charts/services/services-university-gateway/values.dev.yaml +++ b/charts/services/services-university-gateway/values.dev.yaml @@ -1,225 +1,128 @@ -{ - "services-university-gateway": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/university-gateway", - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - } - }, - "features": {}, - "name": "services-university-gateway", - "grantNamespaces": [ - "islandis", - "nginx-ingress-internal", - "application-system" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET" - }, - "ingress": { - "primary": { - "host": { - "dev": "services-university-gateway", - "staging": "services-university-gateway", - "prod": "services-university-gateway" - }, - "paths": [ - "/api" - ], - "public": false - } - }, - "namespace": "services-university-gateway", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "200m", - "memory": "384Mi" - }, - "requests": { - "cpu": "50m", - "memory": "256Mi" - } - }, - "xroadConfig": [ - { - "config": { - "env": { - "XROAD_BASE_PATH": { - "prod": "http://securityserver.island.is" - }, - "XROAD_BASE_PATH_WITH_ENV": { - "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "http://securityserver.island.is/r1/IS" - }, - "XROAD_TLS_BASE_PATH": { - "dev": "https://securityserver.dev01.devland.is", - "staging": "https://securityserver.staging01.devland.is", - "prod": "https://securityserver.island.is" - }, - "XROAD_TLS_BASE_PATH_WITH_ENV": { - "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", - "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "https://securityserver.island.is/r1/IS" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CLIENT_ID": { - "dev": "IS-DEV/GOV/10000/island-is-client", - "staging": "IS-TEST/GOV/5501692829/island-is-client", - "prod": "IS/GOV/5501692829/island-is-client" - } - } - } - }, - { - "config": { - "env": { - "XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH": { - "dev": "IS-DEV/EDU/10010/HI-Protected/umsoknir-v1", - "staging": "IS-TEST/EDU/10010/HI-Protected/umsoknir-v1", - "prod": "IS/EDU/6001692039/HI-Protected/umsoknir-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH": { - "dev": "IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1", - "staging": "IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1", - "prod": "IS/EDU/5206871229/UNAK-Protected/umsoknir-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH": { - "dev": "IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1", - "staging": "IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1", - "prod": "IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH": { - "dev": "IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1", - "staging": "IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1", - "prod": "IS/EDU/4210984099/LHI-Protected/umsoknir-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH": { - "dev": "IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1", - "staging": "IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1", - "prod": "IS/EDU/4112043590/LBHI-Protected/umsoknir-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH": { - "dev": "IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1", - "staging": "IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1", - "prod": "IS/EDU/5001694359/Holar-Protected/umsoknir-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH": { - "dev": "IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1", - "staging": "IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1", - "prod": "IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1" - } - } - } - } - ], - "files": [], - "volumes": [], - "accountName": "services-university-gateway", - "image": "services-university-gateway", - "cmds": "node", - "redis": {}, - "args": [ - "main.js" - ], - "postgres": { - "username": "services_university_gateway", - "passwordSecret": "/k8s/services-university-gateway/DB_PASSWORD", - "name": "services_university_gateway" - }, - "initContainers": { - "envs": {}, - "secrets": {}, - "features": {}, - "containers": [ - { - "name": "migrations", - "command": "npx", - "args": [ - "sequelize-cli", - "db:migrate" - ] - }, - { - "name": "seed", - "command": "npx", - "args": [ - "sequelize-cli", - "db:seed:all" - ] - } - ], - "postgres": { - "username": "services_university_gateway", - "passwordSecret": "/k8s/services-university-gateway/DB_PASSWORD", - "name": "services_university_gateway" - } - }, - "replicaCount": { - "default": 2, - "min": 2, - "max": 10 - } - } - } -} \ No newline at end of file +service: + name: services-university-gateway + args: + - main.js + command: + - node + enabled: true + env: + DB_HOST: postgres-applications.internal + DB_NAME: services_university_gateway + DB_REPLICAS_HOST: postgres-applications-reader.internal + DB_USER: services_university_gateway + IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/university-gateway" + IDENTITY_SERVER_ISSUER_URL: https://identity-server.dev01.devland.is + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=345 -r dd-trace/init + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: "" + XROAD_BASE_PATH: http://securityserver.dev01.devland.is + XROAD_BASE_PATH_WITH_ENV: http://securityserver.dev01.devland.is/r1/IS-DEV + XROAD_CLIENT_ID: IS-DEV/GOV/10000/island-is-client + XROAD_TLS_BASE_PATH: https://securityserver.dev01.devland.is + XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.dev01.devland.is/r1/IS-DEV + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1 + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1 + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1 + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1 + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1 + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1 + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: IS-DEV/EDU/10010/HI-Protected/umsoknir-v1 + grantNamespaces: + - islandis + - nginx-ingress-internal + - application-system + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-internal-alb + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: services-university-gateway.internal.dev01.devland.is + paths: + - /api + initContainer: + containers: + - args: + - sequelize-cli + - db:migrate + command: + - npx + name: migrations + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 50m + memory: 128Mi + - args: + - sequelize-cli + - db:seed:all + command: + - npx + name: seed + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 50m + memory: 128Mi + env: + DB_HOST: postgres-applications.internal + DB_NAME: services_university_gateway + DB_REPLICAS_HOST: postgres-applications-reader.internal + DB_USER: services_university_gateway + SERVERSIDE_FEATURES_ON: "" + secrets: + DB_PASS: /k8s/services-university-gateway/DB_PASSWORD + namespace: services-university-gateway + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: 200m + memory: 384Mi + requests: + cpu: 50m + memory: 256Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DB_PASS: /k8s/services-university-gateway/DB_PASSWORD + IDENTITY_SERVER_CLIENT_SECRET: /k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::013313053092:role/services-university-gateway + create: true + name: services-university-gateway diff --git a/charts/services/services-university-gateway/values.prod.yaml b/charts/services/services-university-gateway/values.prod.yaml index 68f29e9006dc..77a6c7378674 100644 --- a/charts/services/services-university-gateway/values.prod.yaml +++ b/charts/services/services-university-gateway/values.prod.yaml @@ -1,225 +1,128 @@ -{ - "services-university-gateway": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/university-gateway", - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - } - }, - "features": {}, - "name": "services-university-gateway", - "grantNamespaces": [ - "islandis", - "nginx-ingress-internal", - "application-system" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET" - }, - "ingress": { - "primary": { - "host": { - "dev": "services-university-gateway", - "staging": "services-university-gateway", - "prod": "services-university-gateway" - }, - "paths": [ - "/api" - ], - "public": false - } - }, - "namespace": "services-university-gateway", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "200m", - "memory": "384Mi" - }, - "requests": { - "cpu": "50m", - "memory": "256Mi" - } - }, - "xroadConfig": [ - { - "config": { - "env": { - "XROAD_BASE_PATH": { - "prod": "http://securityserver.island.is" - }, - "XROAD_BASE_PATH_WITH_ENV": { - "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "http://securityserver.island.is/r1/IS" - }, - "XROAD_TLS_BASE_PATH": { - "dev": "https://securityserver.dev01.devland.is", - "staging": "https://securityserver.staging01.devland.is", - "prod": "https://securityserver.island.is" - }, - "XROAD_TLS_BASE_PATH_WITH_ENV": { - "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", - "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "https://securityserver.island.is/r1/IS" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CLIENT_ID": { - "dev": "IS-DEV/GOV/10000/island-is-client", - "staging": "IS-TEST/GOV/5501692829/island-is-client", - "prod": "IS/GOV/5501692829/island-is-client" - } - } - } - }, - { - "config": { - "env": { - "XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH": { - "dev": "IS-DEV/EDU/10010/HI-Protected/umsoknir-v1", - "staging": "IS-TEST/EDU/10010/HI-Protected/umsoknir-v1", - "prod": "IS/EDU/6001692039/HI-Protected/umsoknir-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH": { - "dev": "IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1", - "staging": "IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1", - "prod": "IS/EDU/5206871229/UNAK-Protected/umsoknir-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH": { - "dev": "IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1", - "staging": "IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1", - "prod": "IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH": { - "dev": "IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1", - "staging": "IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1", - "prod": "IS/EDU/4210984099/LHI-Protected/umsoknir-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH": { - "dev": "IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1", - "staging": "IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1", - "prod": "IS/EDU/4112043590/LBHI-Protected/umsoknir-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH": { - "dev": "IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1", - "staging": "IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1", - "prod": "IS/EDU/5001694359/Holar-Protected/umsoknir-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH": { - "dev": "IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1", - "staging": "IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1", - "prod": "IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1" - } - } - } - } - ], - "files": [], - "volumes": [], - "accountName": "services-university-gateway", - "image": "services-university-gateway", - "cmds": "node", - "redis": {}, - "args": [ - "main.js" - ], - "postgres": { - "username": "services_university_gateway", - "passwordSecret": "/k8s/services-university-gateway/DB_PASSWORD", - "name": "services_university_gateway" - }, - "initContainers": { - "envs": {}, - "secrets": {}, - "features": {}, - "containers": [ - { - "name": "migrations", - "command": "npx", - "args": [ - "sequelize-cli", - "db:migrate" - ] - }, - { - "name": "seed", - "command": "npx", - "args": [ - "sequelize-cli", - "db:seed:all" - ] - } - ], - "postgres": { - "username": "services_university_gateway", - "passwordSecret": "/k8s/services-university-gateway/DB_PASSWORD", - "name": "services_university_gateway" - } - }, - "replicaCount": { - "default": 2, - "min": 2, - "max": 10 - } - } - } -} \ No newline at end of file +service: + name: services-university-gateway + args: + - main.js + command: + - node + enabled: true + env: + DB_HOST: postgres-applications.internal + DB_NAME: services_university_gateway + DB_REPLICAS_HOST: postgres-applications.internal + DB_USER: services_university_gateway + IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/university-gateway" + IDENTITY_SERVER_ISSUER_URL: https://innskra.island.is + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=345 -r dd-trace/init + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + XROAD_BASE_PATH: http://securityserver.island.is + XROAD_BASE_PATH_WITH_ENV: http://securityserver.island.is/r1/IS + XROAD_CLIENT_ID: IS/GOV/5501692829/island-is-client + XROAD_TLS_BASE_PATH: https://securityserver.island.is + XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.island.is/r1/IS + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: IS/EDU/4112043590/LBHI-Protected/umsoknir-v1 + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1 + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: IS/EDU/5001694359/Holar-Protected/umsoknir-v1 + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: IS/EDU/4210984099/LHI-Protected/umsoknir-v1 + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1 + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: IS/EDU/5206871229/UNAK-Protected/umsoknir-v1 + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: IS/EDU/6001692039/HI-Protected/umsoknir-v1 + grantNamespaces: + - islandis + - nginx-ingress-internal + - application-system + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-internal-alb + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: services-university-gateway.internal.island.is + paths: + - /api + initContainer: + containers: + - args: + - sequelize-cli + - db:migrate + command: + - npx + name: migrations + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 50m + memory: 128Mi + - args: + - sequelize-cli + - db:seed:all + command: + - npx + name: seed + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 50m + memory: 128Mi + env: + DB_HOST: postgres-applications.internal + DB_NAME: services_university_gateway + DB_REPLICAS_HOST: postgres-applications.internal + DB_USER: services_university_gateway + SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + secrets: + DB_PASS: /k8s/services-university-gateway/DB_PASSWORD + namespace: services-university-gateway + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: 200m + memory: 384Mi + requests: + cpu: 50m + memory: 256Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DB_PASS: /k8s/services-university-gateway/DB_PASSWORD + IDENTITY_SERVER_CLIENT_SECRET: /k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::251502586493:role/services-university-gateway + create: true + name: services-university-gateway diff --git a/charts/services/services-university-gateway/values.staging.yaml b/charts/services/services-university-gateway/values.staging.yaml index 68f29e9006dc..405303e9db5b 100644 --- a/charts/services/services-university-gateway/values.staging.yaml +++ b/charts/services/services-university-gateway/values.staging.yaml @@ -1,225 +1,128 @@ -{ - "services-university-gateway": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "IDENTITY_SERVER_CLIENT_ID": "@island.is/clients/university-gateway", - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - } - }, - "features": {}, - "name": "services-university-gateway", - "grantNamespaces": [ - "islandis", - "nginx-ingress-internal", - "application-system" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET" - }, - "ingress": { - "primary": { - "host": { - "dev": "services-university-gateway", - "staging": "services-university-gateway", - "prod": "services-university-gateway" - }, - "paths": [ - "/api" - ], - "public": false - } - }, - "namespace": "services-university-gateway", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "200m", - "memory": "384Mi" - }, - "requests": { - "cpu": "50m", - "memory": "256Mi" - } - }, - "xroadConfig": [ - { - "config": { - "env": { - "XROAD_BASE_PATH": { - "prod": "http://securityserver.island.is" - }, - "XROAD_BASE_PATH_WITH_ENV": { - "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "http://securityserver.island.is/r1/IS" - }, - "XROAD_TLS_BASE_PATH": { - "dev": "https://securityserver.dev01.devland.is", - "staging": "https://securityserver.staging01.devland.is", - "prod": "https://securityserver.island.is" - }, - "XROAD_TLS_BASE_PATH_WITH_ENV": { - "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", - "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "https://securityserver.island.is/r1/IS" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CLIENT_ID": { - "dev": "IS-DEV/GOV/10000/island-is-client", - "staging": "IS-TEST/GOV/5501692829/island-is-client", - "prod": "IS/GOV/5501692829/island-is-client" - } - } - } - }, - { - "config": { - "env": { - "XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH": { - "dev": "IS-DEV/EDU/10010/HI-Protected/umsoknir-v1", - "staging": "IS-TEST/EDU/10010/HI-Protected/umsoknir-v1", - "prod": "IS/EDU/6001692039/HI-Protected/umsoknir-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH": { - "dev": "IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1", - "staging": "IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1", - "prod": "IS/EDU/5206871229/UNAK-Protected/umsoknir-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH": { - "dev": "IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1", - "staging": "IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1", - "prod": "IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH": { - "dev": "IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1", - "staging": "IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1", - "prod": "IS/EDU/4210984099/LHI-Protected/umsoknir-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH": { - "dev": "IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1", - "staging": "IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1", - "prod": "IS/EDU/4112043590/LBHI-Protected/umsoknir-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH": { - "dev": "IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1", - "staging": "IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1", - "prod": "IS/EDU/5001694359/Holar-Protected/umsoknir-v1" - } - } - } - }, - { - "config": { - "env": { - "XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH": { - "dev": "IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1", - "staging": "IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1", - "prod": "IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1" - } - } - } - } - ], - "files": [], - "volumes": [], - "accountName": "services-university-gateway", - "image": "services-university-gateway", - "cmds": "node", - "redis": {}, - "args": [ - "main.js" - ], - "postgres": { - "username": "services_university_gateway", - "passwordSecret": "/k8s/services-university-gateway/DB_PASSWORD", - "name": "services_university_gateway" - }, - "initContainers": { - "envs": {}, - "secrets": {}, - "features": {}, - "containers": [ - { - "name": "migrations", - "command": "npx", - "args": [ - "sequelize-cli", - "db:migrate" - ] - }, - { - "name": "seed", - "command": "npx", - "args": [ - "sequelize-cli", - "db:seed:all" - ] - } - ], - "postgres": { - "username": "services_university_gateway", - "passwordSecret": "/k8s/services-university-gateway/DB_PASSWORD", - "name": "services_university_gateway" - } - }, - "replicaCount": { - "default": 2, - "min": 2, - "max": 10 - } - } - } -} \ No newline at end of file +service: + name: services-university-gateway + args: + - main.js + command: + - node + enabled: true + env: + DB_HOST: postgres-applications.internal + DB_NAME: services_university_gateway + DB_REPLICAS_HOST: postgres-applications.internal + DB_USER: services_university_gateway + IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/university-gateway" + IDENTITY_SERVER_ISSUER_URL: https://identity-server.staging01.devland.is + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=345 -r dd-trace/init + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: "" + XROAD_BASE_PATH: http://securityserver.staging01.devland.is + XROAD_BASE_PATH_WITH_ENV: http://securityserver.staging01.devland.is/r1/IS-TEST + XROAD_CLIENT_ID: IS-TEST/GOV/5501692829/island-is-client + XROAD_TLS_BASE_PATH: https://securityserver.staging01.devland.is + XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.staging01.devland.is/r1/IS-TEST + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1 + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1 + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1 + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1 + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1 + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1 + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: IS-TEST/EDU/10010/HI-Protected/umsoknir-v1 + grantNamespaces: + - islandis + - nginx-ingress-internal + - application-system + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 2 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-internal-alb + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: services-university-gateway.internal.staging01.devland.is + paths: + - /api + initContainer: + containers: + - args: + - sequelize-cli + - db:migrate + command: + - npx + name: migrations + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 50m + memory: 128Mi + - args: + - sequelize-cli + - db:seed:all + command: + - npx + name: seed + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 50m + memory: 128Mi + env: + DB_HOST: postgres-applications.internal + DB_NAME: services_university_gateway + DB_REPLICAS_HOST: postgres-applications.internal + DB_USER: services_university_gateway + SERVERSIDE_FEATURES_ON: "" + secrets: + DB_PASS: /k8s/services-university-gateway/DB_PASSWORD + namespace: services-university-gateway + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: 200m + memory: 384Mi + requests: + cpu: 50m + memory: 256Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DB_PASS: /k8s/services-university-gateway/DB_PASSWORD + IDENTITY_SERVER_CLIENT_SECRET: /k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::261174024191:role/services-university-gateway + create: true + name: services-university-gateway diff --git a/charts/services/skilavottord-web/values.dev.yaml b/charts/services/skilavottord-web/values.dev.yaml index 58a5a3b4d18b..b854faaac36a 100644 --- a/charts/services/skilavottord-web/values.dev.yaml +++ b/charts/services/skilavottord-web/values.dev.yaml @@ -1,90 +1,68 @@ -{ - "skilavottord-web": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": {}, - "features": {}, - "name": "skilavottord-web", - "grantNamespaces": [ - "nginx-ingress-external" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "IDENTITY_SERVER_DOMAIN": "/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN", - "SKILAVOTTORD_WEB_IDS_CLIENT_SECRET": "/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET", - "IDENTITY_SERVER_LOGOUT_REDIRECT_URL": "/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL", - "NEXTAUTH_URL": "/k8s/skilavottord/web/NEXTAUTH_URL", - "DD_RUM_APPLICATION_ID": "/k8s/DD_RUM_APPLICATION_ID", - "DD_RUM_CLIENT_TOKEN": "/k8s/DD_RUM_CLIENT_TOKEN" - }, - "ingress": { - "primary": { - "host": { - "dev": [ - "beta" - ], - "staging": [ - "beta" - ], - "prod": [ - "", - "www.island.is" - ] - }, - "paths": [ - "/app/skilavottord/" - ], - "extraAnnotations": { - "dev": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "staging": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "prod": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - } - } - } - }, - "namespace": "skilavottord", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "400m", - "memory": "512Mi" - }, - "requests": { - "cpu": "40m", - "memory": "256Mi" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "replicaCount": { - "default": 2, - "max": 10, - "min": 2, - "scalingMagicNumber": 8 - } - } - } -} \ No newline at end of file +service: + name: skilavottord-web + enabled: true + env: + API_URL: http://web-skilavottord-ws + ENVIRONMENT: dev + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init + SERVERSIDE_FEATURES_ON: "" + grantNamespaces: + - nginx-ingress-external + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-external-alb + nginx.ingress.kubernetes.io/proxy-buffer-size: 8k + nginx.ingress.kubernetes.io/proxy-buffering: on + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: beta.dev01.devland.is + paths: + - /app/skilavottord/ + namespace: skilavottord + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: 400m + memory: 512Mi + requests: + cpu: 40m + memory: 256Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DD_RUM_APPLICATION_ID: /k8s/DD_RUM_APPLICATION_ID + DD_RUM_CLIENT_TOKEN: /k8s/DD_RUM_CLIENT_TOKEN + IDENTITY_SERVER_DOMAIN: /k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: /k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL + NEXTAUTH_URL: /k8s/skilavottord/web/NEXTAUTH_URL + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: /k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/skilavottord-web/values.prod.yaml b/charts/services/skilavottord-web/values.prod.yaml index 58a5a3b4d18b..dbf4128c2768 100644 --- a/charts/services/skilavottord-web/values.prod.yaml +++ b/charts/services/skilavottord-web/values.prod.yaml @@ -1,90 +1,71 @@ -{ - "skilavottord-web": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": {}, - "features": {}, - "name": "skilavottord-web", - "grantNamespaces": [ - "nginx-ingress-external" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "IDENTITY_SERVER_DOMAIN": "/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN", - "SKILAVOTTORD_WEB_IDS_CLIENT_SECRET": "/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET", - "IDENTITY_SERVER_LOGOUT_REDIRECT_URL": "/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL", - "NEXTAUTH_URL": "/k8s/skilavottord/web/NEXTAUTH_URL", - "DD_RUM_APPLICATION_ID": "/k8s/DD_RUM_APPLICATION_ID", - "DD_RUM_CLIENT_TOKEN": "/k8s/DD_RUM_CLIENT_TOKEN" - }, - "ingress": { - "primary": { - "host": { - "dev": [ - "beta" - ], - "staging": [ - "beta" - ], - "prod": [ - "", - "www.island.is" - ] - }, - "paths": [ - "/app/skilavottord/" - ], - "extraAnnotations": { - "dev": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "staging": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "prod": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - } - } - } - }, - "namespace": "skilavottord", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "400m", - "memory": "512Mi" - }, - "requests": { - "cpu": "40m", - "memory": "256Mi" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "replicaCount": { - "default": 2, - "max": 10, - "min": 2, - "scalingMagicNumber": 8 - } - } - } -} \ No newline at end of file +service: + name: skilavottord-web + enabled: true + env: + API_URL: http://web-skilavottord-ws + ENVIRONMENT: prod + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init + SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + grantNamespaces: + - nginx-ingress-external + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-external-alb + nginx.ingress.kubernetes.io/proxy-buffer-size: 8k + nginx.ingress.kubernetes.io/proxy-buffering: on + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: island.is + paths: + - /app/skilavottord/ + - host: www.island.is + paths: + - /app/skilavottord/ + namespace: skilavottord + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: 400m + memory: 512Mi + requests: + cpu: 40m + memory: 256Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DD_RUM_APPLICATION_ID: /k8s/DD_RUM_APPLICATION_ID + DD_RUM_CLIENT_TOKEN: /k8s/DD_RUM_CLIENT_TOKEN + IDENTITY_SERVER_DOMAIN: /k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: /k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL + NEXTAUTH_URL: /k8s/skilavottord/web/NEXTAUTH_URL + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: /k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/skilavottord-web/values.staging.yaml b/charts/services/skilavottord-web/values.staging.yaml index 58a5a3b4d18b..83d820554f3c 100644 --- a/charts/services/skilavottord-web/values.staging.yaml +++ b/charts/services/skilavottord-web/values.staging.yaml @@ -1,90 +1,68 @@ -{ - "skilavottord-web": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": {}, - "features": {}, - "name": "skilavottord-web", - "grantNamespaces": [ - "nginx-ingress-external" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "IDENTITY_SERVER_DOMAIN": "/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN", - "SKILAVOTTORD_WEB_IDS_CLIENT_SECRET": "/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET", - "IDENTITY_SERVER_LOGOUT_REDIRECT_URL": "/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL", - "NEXTAUTH_URL": "/k8s/skilavottord/web/NEXTAUTH_URL", - "DD_RUM_APPLICATION_ID": "/k8s/DD_RUM_APPLICATION_ID", - "DD_RUM_CLIENT_TOKEN": "/k8s/DD_RUM_CLIENT_TOKEN" - }, - "ingress": { - "primary": { - "host": { - "dev": [ - "beta" - ], - "staging": [ - "beta" - ], - "prod": [ - "", - "www.island.is" - ] - }, - "paths": [ - "/app/skilavottord/" - ], - "extraAnnotations": { - "dev": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "staging": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "prod": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - } - } - } - }, - "namespace": "skilavottord", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "400m", - "memory": "512Mi" - }, - "requests": { - "cpu": "40m", - "memory": "256Mi" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "replicaCount": { - "default": 2, - "max": 10, - "min": 2, - "scalingMagicNumber": 8 - } - } - } -} \ No newline at end of file +service: + name: skilavottord-web + enabled: true + env: + API_URL: http://web-skilavottord-ws + ENVIRONMENT: staging + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init + SERVERSIDE_FEATURES_ON: "" + grantNamespaces: + - nginx-ingress-external + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 8 + replicas: + max: 10 + min: 2 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-external-alb + nginx.ingress.kubernetes.io/proxy-buffer-size: 8k + nginx.ingress.kubernetes.io/proxy-buffering: on + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: beta.staging01.devland.is + paths: + - /app/skilavottord/ + namespace: skilavottord + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 10 + min: 2 + resources: + limits: + cpu: 400m + memory: 512Mi + requests: + cpu: 40m + memory: 256Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DD_RUM_APPLICATION_ID: /k8s/DD_RUM_APPLICATION_ID + DD_RUM_CLIENT_TOKEN: /k8s/DD_RUM_CLIENT_TOKEN + IDENTITY_SERVER_DOMAIN: /k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: /k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL + NEXTAUTH_URL: /k8s/skilavottord/web/NEXTAUTH_URL + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: /k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/skilavottord-ws/values.dev.yaml b/charts/services/skilavottord-ws/values.dev.yaml index 59a70813f55e..a92bcc8894e3 100644 --- a/charts/services/skilavottord-ws/values.dev.yaml +++ b/charts/services/skilavottord-ws/values.dev.yaml @@ -1,105 +1,97 @@ -{ - "skilavottord-ws": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - } - }, - "features": {}, - "name": "skilavottord-ws", - "grantNamespaces": [ - "application-system" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "SAMGONGUSTOFA_SOAP_URL": "/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL", - "SAMGONGUSTOFA_REST_AUTH_URL": "/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL", - "SAMGONGUSTOFA_REST_DEREG_URL": "/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL", - "FJARSYSLA_REST_URL": "/k8s/skilavottord-ws/FJARSYSLA_REST_URL", - "SAMGONGUSTOFA_REST_PASS": "/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS", - "SAMGONGUSTOFA_SOAP_PASS": "/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS", - "FJARSYSLA_REST_PASS": "/k8s/skilavottord/FJARSYSLA_REST_PASS", - "SAMGONGUSTOFA_SOAP_USER": "/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER", - "SAMGONGUSTOFA_REST_USER": "/k8s/skilavottord/SAMGONGUSTOFA_REST_USER", - "FJARSYSLA_REST_USER": "/k8s/skilavottord/FJARSYSLA_REST_USER" - }, - "ingress": { - "primary": { - "host": { - "dev": [ - "beta" - ], - "staging": [ - "beta" - ], - "prod": [ - "", - "www.island.is" - ] - }, - "paths": [ - "/app/skilavottord/api/graphql" - ] - } - }, - "namespace": "skilavottord", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "400m", - "memory": "512Mi" - }, - "requests": { - "cpu": "40m", - "memory": "256Mi" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "postgres": { - "name": "skilavottord", - "username": "skilavottord", - "passwordSecret": "/k8s/skilavottord/DB_PASSWORD" - }, - "initContainers": { - "envs": {}, - "secrets": {}, - "features": {}, - "containers": [ - { - "name": "migrations", - "command": "npx", - "args": [ - "sequelize-cli", - "db:migrate" - ] - } - ], - "postgres": { - "name": "skilavottord", - "username": "skilavottord", - "passwordSecret": "/k8s/skilavottord/DB_PASSWORD" - } - } - } - } -} \ No newline at end of file +service: + name: skilavottord-ws + enabled: true + env: + DB_HOST: postgres-applications.internal + DB_NAME: skilavottord + DB_REPLICAS_HOST: postgres-applications-reader.internal + DB_USER: skilavottord + IDENTITY_SERVER_ISSUER_URL: https://identity-server.dev01.devland.is + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init + SERVERSIDE_FEATURES_ON: "" + grantNamespaces: + - application-system + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-external-alb + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: beta.dev01.devland.is + paths: + - /app/skilavottord/api/graphql + initContainer: + containers: + - args: + - sequelize-cli + - db:migrate + command: + - npx + name: migrations + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 50m + memory: 128Mi + env: + DB_HOST: postgres-applications.internal + DB_NAME: skilavottord + DB_REPLICAS_HOST: postgres-applications-reader.internal + DB_USER: skilavottord + SERVERSIDE_FEATURES_ON: "" + secrets: + DB_PASS: /k8s/skilavottord/DB_PASSWORD + namespace: skilavottord + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: 400m + memory: 512Mi + requests: + cpu: 40m + memory: 256Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DB_PASS: /k8s/skilavottord/DB_PASSWORD + FJARSYSLA_REST_PASS: /k8s/skilavottord/FJARSYSLA_REST_PASS + FJARSYSLA_REST_URL: /k8s/skilavottord-ws/FJARSYSLA_REST_URL + FJARSYSLA_REST_USER: /k8s/skilavottord/FJARSYSLA_REST_USER + SAMGONGUSTOFA_REST_AUTH_URL: /k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL + SAMGONGUSTOFA_REST_DEREG_URL: /k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL + SAMGONGUSTOFA_REST_PASS: /k8s/skilavottord/SAMGONGUSTOFA_REST_PASS + SAMGONGUSTOFA_REST_USER: /k8s/skilavottord/SAMGONGUSTOFA_REST_USER + SAMGONGUSTOFA_SOAP_PASS: /k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS + SAMGONGUSTOFA_SOAP_URL: /k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL + SAMGONGUSTOFA_SOAP_USER: /k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/skilavottord-ws/values.prod.yaml b/charts/services/skilavottord-ws/values.prod.yaml index 59a70813f55e..7f22104adb13 100644 --- a/charts/services/skilavottord-ws/values.prod.yaml +++ b/charts/services/skilavottord-ws/values.prod.yaml @@ -1,105 +1,100 @@ -{ - "skilavottord-ws": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - } - }, - "features": {}, - "name": "skilavottord-ws", - "grantNamespaces": [ - "application-system" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "SAMGONGUSTOFA_SOAP_URL": "/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL", - "SAMGONGUSTOFA_REST_AUTH_URL": "/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL", - "SAMGONGUSTOFA_REST_DEREG_URL": "/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL", - "FJARSYSLA_REST_URL": "/k8s/skilavottord-ws/FJARSYSLA_REST_URL", - "SAMGONGUSTOFA_REST_PASS": "/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS", - "SAMGONGUSTOFA_SOAP_PASS": "/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS", - "FJARSYSLA_REST_PASS": "/k8s/skilavottord/FJARSYSLA_REST_PASS", - "SAMGONGUSTOFA_SOAP_USER": "/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER", - "SAMGONGUSTOFA_REST_USER": "/k8s/skilavottord/SAMGONGUSTOFA_REST_USER", - "FJARSYSLA_REST_USER": "/k8s/skilavottord/FJARSYSLA_REST_USER" - }, - "ingress": { - "primary": { - "host": { - "dev": [ - "beta" - ], - "staging": [ - "beta" - ], - "prod": [ - "", - "www.island.is" - ] - }, - "paths": [ - "/app/skilavottord/api/graphql" - ] - } - }, - "namespace": "skilavottord", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "400m", - "memory": "512Mi" - }, - "requests": { - "cpu": "40m", - "memory": "256Mi" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "postgres": { - "name": "skilavottord", - "username": "skilavottord", - "passwordSecret": "/k8s/skilavottord/DB_PASSWORD" - }, - "initContainers": { - "envs": {}, - "secrets": {}, - "features": {}, - "containers": [ - { - "name": "migrations", - "command": "npx", - "args": [ - "sequelize-cli", - "db:migrate" - ] - } - ], - "postgres": { - "name": "skilavottord", - "username": "skilavottord", - "passwordSecret": "/k8s/skilavottord/DB_PASSWORD" - } - } - } - } -} \ No newline at end of file +service: + name: skilavottord-ws + enabled: true + env: + DB_HOST: postgres-applications.internal + DB_NAME: skilavottord + DB_REPLICAS_HOST: postgres-applications.internal + DB_USER: skilavottord + IDENTITY_SERVER_ISSUER_URL: https://innskra.island.is + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init + SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + grantNamespaces: + - application-system + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-external-alb + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: island.is + paths: + - /app/skilavottord/api/graphql + - host: www.island.is + paths: + - /app/skilavottord/api/graphql + initContainer: + containers: + - args: + - sequelize-cli + - db:migrate + command: + - npx + name: migrations + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 50m + memory: 128Mi + env: + DB_HOST: postgres-applications.internal + DB_NAME: skilavottord + DB_REPLICAS_HOST: postgres-applications.internal + DB_USER: skilavottord + SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + secrets: + DB_PASS: /k8s/skilavottord/DB_PASSWORD + namespace: skilavottord + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: 400m + memory: 512Mi + requests: + cpu: 40m + memory: 256Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DB_PASS: /k8s/skilavottord/DB_PASSWORD + FJARSYSLA_REST_PASS: /k8s/skilavottord/FJARSYSLA_REST_PASS + FJARSYSLA_REST_URL: /k8s/skilavottord-ws/FJARSYSLA_REST_URL + FJARSYSLA_REST_USER: /k8s/skilavottord/FJARSYSLA_REST_USER + SAMGONGUSTOFA_REST_AUTH_URL: /k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL + SAMGONGUSTOFA_REST_DEREG_URL: /k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL + SAMGONGUSTOFA_REST_PASS: /k8s/skilavottord/SAMGONGUSTOFA_REST_PASS + SAMGONGUSTOFA_REST_USER: /k8s/skilavottord/SAMGONGUSTOFA_REST_USER + SAMGONGUSTOFA_SOAP_PASS: /k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS + SAMGONGUSTOFA_SOAP_URL: /k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL + SAMGONGUSTOFA_SOAP_USER: /k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/skilavottord-ws/values.staging.yaml b/charts/services/skilavottord-ws/values.staging.yaml index 59a70813f55e..443e80af7f46 100644 --- a/charts/services/skilavottord-ws/values.staging.yaml +++ b/charts/services/skilavottord-ws/values.staging.yaml @@ -1,105 +1,97 @@ -{ - "skilavottord-ws": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - } - }, - "features": {}, - "name": "skilavottord-ws", - "grantNamespaces": [ - "application-system" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "SAMGONGUSTOFA_SOAP_URL": "/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL", - "SAMGONGUSTOFA_REST_AUTH_URL": "/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL", - "SAMGONGUSTOFA_REST_DEREG_URL": "/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL", - "FJARSYSLA_REST_URL": "/k8s/skilavottord-ws/FJARSYSLA_REST_URL", - "SAMGONGUSTOFA_REST_PASS": "/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS", - "SAMGONGUSTOFA_SOAP_PASS": "/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS", - "FJARSYSLA_REST_PASS": "/k8s/skilavottord/FJARSYSLA_REST_PASS", - "SAMGONGUSTOFA_SOAP_USER": "/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER", - "SAMGONGUSTOFA_REST_USER": "/k8s/skilavottord/SAMGONGUSTOFA_REST_USER", - "FJARSYSLA_REST_USER": "/k8s/skilavottord/FJARSYSLA_REST_USER" - }, - "ingress": { - "primary": { - "host": { - "dev": [ - "beta" - ], - "staging": [ - "beta" - ], - "prod": [ - "", - "www.island.is" - ] - }, - "paths": [ - "/app/skilavottord/api/graphql" - ] - } - }, - "namespace": "skilavottord", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "400m", - "memory": "512Mi" - }, - "requests": { - "cpu": "40m", - "memory": "256Mi" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "postgres": { - "name": "skilavottord", - "username": "skilavottord", - "passwordSecret": "/k8s/skilavottord/DB_PASSWORD" - }, - "initContainers": { - "envs": {}, - "secrets": {}, - "features": {}, - "containers": [ - { - "name": "migrations", - "command": "npx", - "args": [ - "sequelize-cli", - "db:migrate" - ] - } - ], - "postgres": { - "name": "skilavottord", - "username": "skilavottord", - "passwordSecret": "/k8s/skilavottord/DB_PASSWORD" - } - } - } - } -} \ No newline at end of file +service: + name: skilavottord-ws + enabled: true + env: + DB_HOST: postgres-applications.internal + DB_NAME: skilavottord + DB_REPLICAS_HOST: postgres-applications.internal + DB_USER: skilavottord + IDENTITY_SERVER_ISSUER_URL: https://identity-server.staging01.devland.is + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init + SERVERSIDE_FEATURES_ON: "" + grantNamespaces: + - application-system + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-external-alb + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: beta.staging01.devland.is + paths: + - /app/skilavottord/api/graphql + initContainer: + containers: + - args: + - sequelize-cli + - db:migrate + command: + - npx + name: migrations + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 50m + memory: 128Mi + env: + DB_HOST: postgres-applications.internal + DB_NAME: skilavottord + DB_REPLICAS_HOST: postgres-applications.internal + DB_USER: skilavottord + SERVERSIDE_FEATURES_ON: "" + secrets: + DB_PASS: /k8s/skilavottord/DB_PASSWORD + namespace: skilavottord + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: 400m + memory: 512Mi + requests: + cpu: 40m + memory: 256Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DB_PASS: /k8s/skilavottord/DB_PASSWORD + FJARSYSLA_REST_PASS: /k8s/skilavottord/FJARSYSLA_REST_PASS + FJARSYSLA_REST_URL: /k8s/skilavottord-ws/FJARSYSLA_REST_URL + FJARSYSLA_REST_USER: /k8s/skilavottord/FJARSYSLA_REST_USER + SAMGONGUSTOFA_REST_AUTH_URL: /k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL + SAMGONGUSTOFA_REST_DEREG_URL: /k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL + SAMGONGUSTOFA_REST_PASS: /k8s/skilavottord/SAMGONGUSTOFA_REST_PASS + SAMGONGUSTOFA_REST_USER: /k8s/skilavottord/SAMGONGUSTOFA_REST_USER + SAMGONGUSTOFA_SOAP_PASS: /k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS + SAMGONGUSTOFA_SOAP_URL: /k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL + SAMGONGUSTOFA_SOAP_USER: /k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/unicorn-app/values.dev.yaml b/charts/services/unicorn-app/values.dev.yaml index bb8aa12ff746..ab73cf720e77 100644 --- a/charts/services/unicorn-app/values.dev.yaml +++ b/charts/services/unicorn-app/values.dev.yaml @@ -1,62 +1,64 @@ -{ - "unicorn-app": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/readiness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": {}, - "features": {}, - "name": "unicorn-app", - "grantNamespaces": [], - "grantNamespacesEnabled": false, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" - }, - "ingress": { - "primary": { - "host": { - "dev": "unicorn-app", - "staging": "unicorn-app", - "prod": "unicorn-app" - }, - "paths": [ - "/" - ] - } - }, - "namespace": "unicorn-app", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "200m", - "memory": "256Mi" - }, - "requests": { - "cpu": "50m", - "memory": "128Mi" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "image": "unicorn-app", - "accountName": "unicorn-app", - "replicaCount": { - "default": 1, - "min": 1, - "max": 10 - } - } - } -} \ No newline at end of file +service: + name: unicorn-app + enabled: true + env: + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init + SERVERSIDE_FEATURES_ON: "" + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /readiness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-external-alb + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: unicorn-app.dev01.devland.is + paths: + - / + namespace: unicorn-app + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 50m + memory: 128Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::013313053092:role/unicorn-app + create: true + name: unicorn-app diff --git a/charts/services/user-notification-cleanup-worker/values.dev.yaml b/charts/services/user-notification-cleanup-worker/values.dev.yaml index 4622269cc975..7f47b7b75fe4 100644 --- a/charts/services/user-notification-cleanup-worker/values.dev.yaml +++ b/charts/services/user-notification-cleanup-worker/values.dev.yaml @@ -1,88 +1,93 @@ -{ - "user-notification-cleanup-worker": { - "serviceDef": { - "liveness": { - "path": "/", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": {}, - "features": {}, - "name": "user-notification-cleanup-worker", - "grantNamespaces": [], - "grantNamespacesEnabled": false, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" - }, - "ingress": {}, - "namespace": "user-notification", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "memory": "256Mi", - "cpu": "200m" - }, - "requests": { - "memory": "128Mi", - "cpu": "100m" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "image": "services-user-notification", - "accountName": "user-notification-cleanup-worker", - "cmds": "node", - "args": [ - "--no-experimental-fetch", - "main.js", - "--job=cleanup" - ], - "postgres": { - "name": "user_notification", - "username": "user_notification", - "passwordSecret": "/k8s/user-notification/DB_PASSWORD" - }, - "initContainers": { - "envs": {}, - "secrets": {}, - "features": {}, - "containers": [ - { - "name": "migrations", - "command": "npx", - "args": [ - "sequelize-cli", - "db:migrate" - ] - } - ], - "postgres": { - "name": "user_notification", - "username": "user_notification", - "passwordSecret": "/k8s/user-notification/DB_PASSWORD" - } - }, - "extraAttributes": { - "dev": { - "schedule": "@hourly" - }, - "staging": { - "schedule": "@midnight" - }, - "prod": { - "schedule": "@midnight" - } - } - } - } -} \ No newline at end of file +service: + name: user-notification-cleanup-worker + args: + - --no-experimental-fetch + - main.js + - --job=cleanup + command: + - node + enabled: true + env: + DB_HOST: postgres-applications.internal + DB_NAME: user_notification + DB_REPLICAS_HOST: postgres-applications-reader.internal + DB_USER: user_notification + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init + SERVERSIDE_FEATURES_ON: "" + grantNamespaces: + - nginx-ingress-internal + - islandis + - identity-server-delegation + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: / + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: / + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification + initContainer: + containers: + - args: + - sequelize-cli + - db:migrate + command: + - npx + name: migrations + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 50m + memory: 128Mi + env: + DB_HOST: postgres-applications.internal + DB_NAME: user_notification + DB_REPLICAS_HOST: postgres-applications-reader.internal + DB_USER: user_notification + SERVERSIDE_FEATURES_ON: "" + secrets: + DB_PASS: /k8s/user-notification/DB_PASSWORD + namespace: user-notification + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 100m + memory: 128Mi + schedule: "@hourly" + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DB_PASS: /k8s/user-notification/DB_PASSWORD + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::013313053092:role/user-notification-cleanup-worker + create: true + name: user-notification-cleanup-worker diff --git a/charts/services/user-notification-cleanup-worker/values.prod.yaml b/charts/services/user-notification-cleanup-worker/values.prod.yaml index 4622269cc975..57768e900c23 100644 --- a/charts/services/user-notification-cleanup-worker/values.prod.yaml +++ b/charts/services/user-notification-cleanup-worker/values.prod.yaml @@ -1,88 +1,93 @@ -{ - "user-notification-cleanup-worker": { - "serviceDef": { - "liveness": { - "path": "/", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": {}, - "features": {}, - "name": "user-notification-cleanup-worker", - "grantNamespaces": [], - "grantNamespacesEnabled": false, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" - }, - "ingress": {}, - "namespace": "user-notification", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "memory": "256Mi", - "cpu": "200m" - }, - "requests": { - "memory": "128Mi", - "cpu": "100m" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "image": "services-user-notification", - "accountName": "user-notification-cleanup-worker", - "cmds": "node", - "args": [ - "--no-experimental-fetch", - "main.js", - "--job=cleanup" - ], - "postgres": { - "name": "user_notification", - "username": "user_notification", - "passwordSecret": "/k8s/user-notification/DB_PASSWORD" - }, - "initContainers": { - "envs": {}, - "secrets": {}, - "features": {}, - "containers": [ - { - "name": "migrations", - "command": "npx", - "args": [ - "sequelize-cli", - "db:migrate" - ] - } - ], - "postgres": { - "name": "user_notification", - "username": "user_notification", - "passwordSecret": "/k8s/user-notification/DB_PASSWORD" - } - }, - "extraAttributes": { - "dev": { - "schedule": "@hourly" - }, - "staging": { - "schedule": "@midnight" - }, - "prod": { - "schedule": "@midnight" - } - } - } - } -} \ No newline at end of file +service: + name: user-notification-cleanup-worker + args: + - --no-experimental-fetch + - main.js + - --job=cleanup + command: + - node + enabled: true + env: + DB_HOST: postgres-applications.internal + DB_NAME: user_notification + DB_REPLICAS_HOST: postgres-applications.internal + DB_USER: user_notification + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init + SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + grantNamespaces: + - nginx-ingress-internal + - islandis + - identity-server-delegation + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: / + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: / + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification + initContainer: + containers: + - args: + - sequelize-cli + - db:migrate + command: + - npx + name: migrations + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 50m + memory: 128Mi + env: + DB_HOST: postgres-applications.internal + DB_NAME: user_notification + DB_REPLICAS_HOST: postgres-applications.internal + DB_USER: user_notification + SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + secrets: + DB_PASS: /k8s/user-notification/DB_PASSWORD + namespace: user-notification + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 100m + memory: 128Mi + schedule: "@midnight" + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DB_PASS: /k8s/user-notification/DB_PASSWORD + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::251502586493:role/user-notification-cleanup-worker + create: true + name: user-notification-cleanup-worker diff --git a/charts/services/user-notification-cleanup-worker/values.staging.yaml b/charts/services/user-notification-cleanup-worker/values.staging.yaml index 4622269cc975..104aa292cc69 100644 --- a/charts/services/user-notification-cleanup-worker/values.staging.yaml +++ b/charts/services/user-notification-cleanup-worker/values.staging.yaml @@ -1,88 +1,93 @@ -{ - "user-notification-cleanup-worker": { - "serviceDef": { - "liveness": { - "path": "/", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": {}, - "features": {}, - "name": "user-notification-cleanup-worker", - "grantNamespaces": [], - "grantNamespacesEnabled": false, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" - }, - "ingress": {}, - "namespace": "user-notification", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "memory": "256Mi", - "cpu": "200m" - }, - "requests": { - "memory": "128Mi", - "cpu": "100m" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "image": "services-user-notification", - "accountName": "user-notification-cleanup-worker", - "cmds": "node", - "args": [ - "--no-experimental-fetch", - "main.js", - "--job=cleanup" - ], - "postgres": { - "name": "user_notification", - "username": "user_notification", - "passwordSecret": "/k8s/user-notification/DB_PASSWORD" - }, - "initContainers": { - "envs": {}, - "secrets": {}, - "features": {}, - "containers": [ - { - "name": "migrations", - "command": "npx", - "args": [ - "sequelize-cli", - "db:migrate" - ] - } - ], - "postgres": { - "name": "user_notification", - "username": "user_notification", - "passwordSecret": "/k8s/user-notification/DB_PASSWORD" - } - }, - "extraAttributes": { - "dev": { - "schedule": "@hourly" - }, - "staging": { - "schedule": "@midnight" - }, - "prod": { - "schedule": "@midnight" - } - } - } - } -} \ No newline at end of file +service: + name: user-notification-cleanup-worker + args: + - --no-experimental-fetch + - main.js + - --job=cleanup + command: + - node + enabled: true + env: + DB_HOST: postgres-applications.internal + DB_NAME: user_notification + DB_REPLICAS_HOST: postgres-applications.internal + DB_USER: user_notification + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init + SERVERSIDE_FEATURES_ON: "" + grantNamespaces: + - nginx-ingress-internal + - islandis + - identity-server-delegation + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: / + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: / + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification + initContainer: + containers: + - args: + - sequelize-cli + - db:migrate + command: + - npx + name: migrations + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 50m + memory: 128Mi + env: + DB_HOST: postgres-applications.internal + DB_NAME: user_notification + DB_REPLICAS_HOST: postgres-applications.internal + DB_USER: user_notification + SERVERSIDE_FEATURES_ON: "" + secrets: + DB_PASS: /k8s/user-notification/DB_PASSWORD + namespace: user-notification + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 100m + memory: 128Mi + schedule: "@midnight" + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DB_PASS: /k8s/user-notification/DB_PASSWORD + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::261174024191:role/user-notification-cleanup-worker + create: true + name: user-notification-cleanup-worker diff --git a/charts/services/user-notification-worker/values.dev.yaml b/charts/services/user-notification-worker/values.dev.yaml index 2471755417a9..9f9bb5cfe0a7 100644 --- a/charts/services/user-notification-worker/values.dev.yaml +++ b/charts/services/user-notification-worker/values.dev.yaml @@ -1,192 +1,120 @@ -{ - "user-notification-worker": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/health/check", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "MAIN_QUEUE_NAME": "user-notification", - "DEAD_LETTER_QUEUE_NAME": "user-notification-failure", - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - }, - "AUTH_DELEGATION_API_URL": { - "dev": "http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local", - "staging": "http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local", - "prod": "https://auth-delegation-api.internal.innskra.island.is" - }, - "AUTH_DELEGATION_MACHINE_CLIENT_SCOPE": "[\"@island.is/auth/delegations/index:system\"]", - "SERVICE_PORTAL_CLICK_ACTION_URL": "https://island.is/minarsidur", - "EMAIL_FROM_ADDRESS": { - "dev": "development@island.is", - "staging": "development@island.is", - "prod": "noreply@island.is" - }, - "REDIS_USE_SSL": "true", - "EMAIL_REGION": "eu-west-1", - "CONTENTFUL_HOST": { - "dev": "preview.contentful.com", - "staging": "cdn.contentful.com", - "prod": "cdn.contentful.com" - } - }, - "features": {}, - "name": "user-notification-worker", - "grantNamespaces": [], - "grantNamespacesEnabled": false, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "FIREBASE_CREDENTIALS": "/k8s/user-notification/firestore-credentials", - "IDENTITY_SERVER_CLIENT_ID": "/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID", - "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET", - "CONTENTFUL_ACCESS_TOKEN": "/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN", - "NATIONAL_REGISTRY_B2C_CLIENT_SECRET": "/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET" - }, - "ingress": {}, - "namespace": "user-notification", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "400m", - "memory": "384Mi" - }, - "requests": { - "cpu": "150m", - "memory": "256Mi" - } - }, - "xroadConfig": [ - { - "config": { - "env": { - "XROAD_BASE_PATH": { - "prod": "http://securityserver.island.is" - }, - "XROAD_BASE_PATH_WITH_ENV": { - "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "http://securityserver.island.is/r1/IS" - }, - "XROAD_TLS_BASE_PATH": { - "dev": "https://securityserver.dev01.devland.is", - "staging": "https://securityserver.staging01.devland.is", - "prod": "https://securityserver.island.is" - }, - "XROAD_TLS_BASE_PATH_WITH_ENV": { - "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", - "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "https://securityserver.island.is/r1/IS" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CLIENT_ID": { - "dev": "IS-DEV/GOV/10000/island-is-client", - "staging": "IS-TEST/GOV/5501692829/island-is-client", - "prod": "IS/GOV/5501692829/island-is-client" - } - } - } - }, - { - "config": { - "env": { - "NATIONAL_REGISTRY_B2C_CLIENT_ID": { - "dev": "b464afdd-056b-406d-b650-6d41733cfeb7", - "staging": "ca128c23-b43c-443d-bade-ec5a146a933f", - "prod": "2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f" - }, - "NATIONAL_REGISTRY_B2C_ENDPOINT": { - "dev": "https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", - "staging": "https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", - "prod": "https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token" - }, - "NATIONAL_REGISTRY_B2C_SCOPE": { - "dev": "https://skraidentitydev.onmicrosoft.com/midlun/.default", - "staging": "https://skraidentitystaging.onmicrosoft.com/midlun/.default", - "prod": "https://skraidentity.onmicrosoft.com/midlun/.default" - }, - "NATIONAL_REGISTRY_B2C_PATH": { - "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1", - "staging": "IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1", - "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1" - } - } - } - }, - { - "config": { - "env": { - "COMPANY_REGISTRY_XROAD_PROVIDER_ID": { - "dev": "IS-DEV/GOV/10006/Skatturinn/ft-v1", - "staging": "IS-TEST/GOV/5402696029/Skatturinn/ft-v1", - "prod": "IS/GOV/5402696029/Skatturinn/ft-v1" - }, - "COMPANY_REGISTRY_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" - } - } - } - } - ], - "files": [], - "volumes": [], - "image": "services-user-notification", - "accountName": "user-notification-worker", - "cmds": "node", - "args": [ - "--no-experimental-fetch", - "main.js", - "--job=worker" - ], - "postgres": { - "username": "user_notification", - "passwordSecret": "/k8s/user-notification/DB_PASSWORD", - "name": "user_notification" - }, - "initContainers": { - "envs": {}, - "secrets": {}, - "features": {}, - "containers": [ - { - "name": "migrations", - "command": "npx", - "args": [ - "sequelize-cli", - "db:migrate" - ] - } - ], - "postgres": { - "username": "user_notification", - "passwordSecret": "/k8s/user-notification/DB_PASSWORD", - "name": "user_notification" - } - }, - "redis": {}, - "replicaCount": { - "min": 1, - "max": 2, - "default": 1 - } - } - } -} \ No newline at end of file +service: + name: user-notification-worker + args: + - --no-experimental-fetch + - main.js + - --job=worker + command: + - node + enabled: true + env: + AUTH_DELEGATION_API_URL: http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: IS-DEV/GOV/10006/Skatturinn/ft-v1 + CONTENTFUL_HOST: preview.contentful.com + DB_HOST: postgres-applications.internal + DB_NAME: user_notification + DB_REPLICAS_HOST: postgres-applications-reader.internal + DB_USER: user_notification + DEAD_LETTER_QUEUE_NAME: user-notification-failure + EMAIL_FROM_ADDRESS: development@island.is + EMAIL_REGION: eu-west-1 + IDENTITY_SERVER_ISSUER_URL: https://identity-server.dev01.devland.is + LOG_LEVEL: info + MAIN_QUEUE_NAME: user-notification + NATIONAL_REGISTRY_B2C_CLIENT_ID: b464afdd-056b-406d-b650-6d41733cfeb7 + NATIONAL_REGISTRY_B2C_ENDPOINT: https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token + NATIONAL_REGISTRY_B2C_PATH: IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1 + NATIONAL_REGISTRY_B2C_SCOPE: https://skraidentitydev.onmicrosoft.com/midlun/.default + NODE_OPTIONS: --max-old-space-size=345 -r dd-trace/init + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: "true" + SERVERSIDE_FEATURES_ON: "" + SERVICE_PORTAL_CLICK_ACTION_URL: https://island.is/minarsidur + USER_PROFILE_CLIENT_URL: http://web-service-portal-api.service-portal.svc.cluster.local + XROAD_BASE_PATH: http://securityserver.dev01.devland.is + XROAD_BASE_PATH_WITH_ENV: http://securityserver.dev01.devland.is/r1/IS-DEV + XROAD_CLIENT_ID: IS-DEV/GOV/10000/island-is-client + XROAD_TLS_BASE_PATH: https://securityserver.dev01.devland.is + XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.dev01.devland.is/r1/IS-DEV + grantNamespaces: + - nginx-ingress-internal + - islandis + - identity-server-delegation + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /health/check + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification + initContainer: + containers: + - args: + - sequelize-cli + - db:migrate + command: + - npx + name: migrations + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 50m + memory: 128Mi + env: + DB_HOST: postgres-applications.internal + DB_NAME: user_notification + DB_REPLICAS_HOST: postgres-applications-reader.internal + DB_USER: user_notification + SERVERSIDE_FEATURES_ON: "" + secrets: + DB_PASS: /k8s/user-notification/DB_PASSWORD + namespace: user-notification + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: 400m + memory: 384Mi + requests: + cpu: 150m + memory: 256Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + CONTENTFUL_ACCESS_TOKEN: /k8s/user-notification/CONTENTFUL_ACCESS_TOKEN + DB_PASS: /k8s/user-notification/DB_PASSWORD + FIREBASE_CREDENTIALS: /k8s/user-notification/firestore-credentials + IDENTITY_SERVER_CLIENT_ID: /k8s/user-notification/USER_NOTIFICATION_CLIENT_ID + IDENTITY_SERVER_CLIENT_SECRET: /k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: /k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::013313053092:role/user-notification-worker + create: true + name: user-notification-worker diff --git a/charts/services/user-notification-worker/values.prod.yaml b/charts/services/user-notification-worker/values.prod.yaml index 2471755417a9..dfd986d78c8c 100644 --- a/charts/services/user-notification-worker/values.prod.yaml +++ b/charts/services/user-notification-worker/values.prod.yaml @@ -1,192 +1,120 @@ -{ - "user-notification-worker": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/health/check", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "MAIN_QUEUE_NAME": "user-notification", - "DEAD_LETTER_QUEUE_NAME": "user-notification-failure", - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - }, - "AUTH_DELEGATION_API_URL": { - "dev": "http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local", - "staging": "http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local", - "prod": "https://auth-delegation-api.internal.innskra.island.is" - }, - "AUTH_DELEGATION_MACHINE_CLIENT_SCOPE": "[\"@island.is/auth/delegations/index:system\"]", - "SERVICE_PORTAL_CLICK_ACTION_URL": "https://island.is/minarsidur", - "EMAIL_FROM_ADDRESS": { - "dev": "development@island.is", - "staging": "development@island.is", - "prod": "noreply@island.is" - }, - "REDIS_USE_SSL": "true", - "EMAIL_REGION": "eu-west-1", - "CONTENTFUL_HOST": { - "dev": "preview.contentful.com", - "staging": "cdn.contentful.com", - "prod": "cdn.contentful.com" - } - }, - "features": {}, - "name": "user-notification-worker", - "grantNamespaces": [], - "grantNamespacesEnabled": false, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "FIREBASE_CREDENTIALS": "/k8s/user-notification/firestore-credentials", - "IDENTITY_SERVER_CLIENT_ID": "/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID", - "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET", - "CONTENTFUL_ACCESS_TOKEN": "/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN", - "NATIONAL_REGISTRY_B2C_CLIENT_SECRET": "/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET" - }, - "ingress": {}, - "namespace": "user-notification", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "400m", - "memory": "384Mi" - }, - "requests": { - "cpu": "150m", - "memory": "256Mi" - } - }, - "xroadConfig": [ - { - "config": { - "env": { - "XROAD_BASE_PATH": { - "prod": "http://securityserver.island.is" - }, - "XROAD_BASE_PATH_WITH_ENV": { - "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "http://securityserver.island.is/r1/IS" - }, - "XROAD_TLS_BASE_PATH": { - "dev": "https://securityserver.dev01.devland.is", - "staging": "https://securityserver.staging01.devland.is", - "prod": "https://securityserver.island.is" - }, - "XROAD_TLS_BASE_PATH_WITH_ENV": { - "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", - "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "https://securityserver.island.is/r1/IS" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CLIENT_ID": { - "dev": "IS-DEV/GOV/10000/island-is-client", - "staging": "IS-TEST/GOV/5501692829/island-is-client", - "prod": "IS/GOV/5501692829/island-is-client" - } - } - } - }, - { - "config": { - "env": { - "NATIONAL_REGISTRY_B2C_CLIENT_ID": { - "dev": "b464afdd-056b-406d-b650-6d41733cfeb7", - "staging": "ca128c23-b43c-443d-bade-ec5a146a933f", - "prod": "2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f" - }, - "NATIONAL_REGISTRY_B2C_ENDPOINT": { - "dev": "https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", - "staging": "https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", - "prod": "https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token" - }, - "NATIONAL_REGISTRY_B2C_SCOPE": { - "dev": "https://skraidentitydev.onmicrosoft.com/midlun/.default", - "staging": "https://skraidentitystaging.onmicrosoft.com/midlun/.default", - "prod": "https://skraidentity.onmicrosoft.com/midlun/.default" - }, - "NATIONAL_REGISTRY_B2C_PATH": { - "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1", - "staging": "IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1", - "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1" - } - } - } - }, - { - "config": { - "env": { - "COMPANY_REGISTRY_XROAD_PROVIDER_ID": { - "dev": "IS-DEV/GOV/10006/Skatturinn/ft-v1", - "staging": "IS-TEST/GOV/5402696029/Skatturinn/ft-v1", - "prod": "IS/GOV/5402696029/Skatturinn/ft-v1" - }, - "COMPANY_REGISTRY_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" - } - } - } - } - ], - "files": [], - "volumes": [], - "image": "services-user-notification", - "accountName": "user-notification-worker", - "cmds": "node", - "args": [ - "--no-experimental-fetch", - "main.js", - "--job=worker" - ], - "postgres": { - "username": "user_notification", - "passwordSecret": "/k8s/user-notification/DB_PASSWORD", - "name": "user_notification" - }, - "initContainers": { - "envs": {}, - "secrets": {}, - "features": {}, - "containers": [ - { - "name": "migrations", - "command": "npx", - "args": [ - "sequelize-cli", - "db:migrate" - ] - } - ], - "postgres": { - "username": "user_notification", - "passwordSecret": "/k8s/user-notification/DB_PASSWORD", - "name": "user_notification" - } - }, - "redis": {}, - "replicaCount": { - "min": 1, - "max": 2, - "default": 1 - } - } - } -} \ No newline at end of file +service: + name: user-notification-worker + args: + - --no-experimental-fetch + - main.js + - --job=worker + command: + - node + enabled: true + env: + AUTH_DELEGATION_API_URL: https://auth-delegation-api.internal.innskra.island.is + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: IS/GOV/5402696029/Skatturinn/ft-v1 + CONTENTFUL_HOST: cdn.contentful.com + DB_HOST: postgres-applications.internal + DB_NAME: user_notification + DB_REPLICAS_HOST: postgres-applications.internal + DB_USER: user_notification + DEAD_LETTER_QUEUE_NAME: user-notification-failure + EMAIL_FROM_ADDRESS: noreply@island.is + EMAIL_REGION: eu-west-1 + IDENTITY_SERVER_ISSUER_URL: https://innskra.island.is + LOG_LEVEL: info + MAIN_QUEUE_NAME: user-notification + NATIONAL_REGISTRY_B2C_CLIENT_ID: 2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f + NATIONAL_REGISTRY_B2C_ENDPOINT: https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token + NATIONAL_REGISTRY_B2C_PATH: IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1 + NATIONAL_REGISTRY_B2C_SCOPE: https://skraidentity.onmicrosoft.com/midlun/.default + NODE_OPTIONS: --max-old-space-size=345 -r dd-trace/init + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: "true" + SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + SERVICE_PORTAL_CLICK_ACTION_URL: https://island.is/minarsidur + USER_PROFILE_CLIENT_URL: http://web-service-portal-api.service-portal.svc.cluster.local + XROAD_BASE_PATH: http://securityserver.island.is + XROAD_BASE_PATH_WITH_ENV: http://securityserver.island.is/r1/IS + XROAD_CLIENT_ID: IS/GOV/5501692829/island-is-client + XROAD_TLS_BASE_PATH: https://securityserver.island.is + XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.island.is/r1/IS + grantNamespaces: + - nginx-ingress-internal + - islandis + - identity-server-delegation + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /health/check + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification + initContainer: + containers: + - args: + - sequelize-cli + - db:migrate + command: + - npx + name: migrations + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 50m + memory: 128Mi + env: + DB_HOST: postgres-applications.internal + DB_NAME: user_notification + DB_REPLICAS_HOST: postgres-applications.internal + DB_USER: user_notification + SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + secrets: + DB_PASS: /k8s/user-notification/DB_PASSWORD + namespace: user-notification + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: 400m + memory: 384Mi + requests: + cpu: 150m + memory: 256Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + CONTENTFUL_ACCESS_TOKEN: /k8s/user-notification/CONTENTFUL_ACCESS_TOKEN + DB_PASS: /k8s/user-notification/DB_PASSWORD + FIREBASE_CREDENTIALS: /k8s/user-notification/firestore-credentials + IDENTITY_SERVER_CLIENT_ID: /k8s/user-notification/USER_NOTIFICATION_CLIENT_ID + IDENTITY_SERVER_CLIENT_SECRET: /k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: /k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::251502586493:role/user-notification-worker + create: true + name: user-notification-worker diff --git a/charts/services/user-notification-worker/values.staging.yaml b/charts/services/user-notification-worker/values.staging.yaml index 2471755417a9..a53ef3362ca7 100644 --- a/charts/services/user-notification-worker/values.staging.yaml +++ b/charts/services/user-notification-worker/values.staging.yaml @@ -1,192 +1,120 @@ -{ - "user-notification-worker": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/health/check", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "MAIN_QUEUE_NAME": "user-notification", - "DEAD_LETTER_QUEUE_NAME": "user-notification-failure", - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - }, - "AUTH_DELEGATION_API_URL": { - "dev": "http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local", - "staging": "http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local", - "prod": "https://auth-delegation-api.internal.innskra.island.is" - }, - "AUTH_DELEGATION_MACHINE_CLIENT_SCOPE": "[\"@island.is/auth/delegations/index:system\"]", - "SERVICE_PORTAL_CLICK_ACTION_URL": "https://island.is/minarsidur", - "EMAIL_FROM_ADDRESS": { - "dev": "development@island.is", - "staging": "development@island.is", - "prod": "noreply@island.is" - }, - "REDIS_USE_SSL": "true", - "EMAIL_REGION": "eu-west-1", - "CONTENTFUL_HOST": { - "dev": "preview.contentful.com", - "staging": "cdn.contentful.com", - "prod": "cdn.contentful.com" - } - }, - "features": {}, - "name": "user-notification-worker", - "grantNamespaces": [], - "grantNamespacesEnabled": false, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "FIREBASE_CREDENTIALS": "/k8s/user-notification/firestore-credentials", - "IDENTITY_SERVER_CLIENT_ID": "/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID", - "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET", - "CONTENTFUL_ACCESS_TOKEN": "/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN", - "NATIONAL_REGISTRY_B2C_CLIENT_SECRET": "/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET" - }, - "ingress": {}, - "namespace": "user-notification", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "400m", - "memory": "384Mi" - }, - "requests": { - "cpu": "150m", - "memory": "256Mi" - } - }, - "xroadConfig": [ - { - "config": { - "env": { - "XROAD_BASE_PATH": { - "prod": "http://securityserver.island.is" - }, - "XROAD_BASE_PATH_WITH_ENV": { - "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "http://securityserver.island.is/r1/IS" - }, - "XROAD_TLS_BASE_PATH": { - "dev": "https://securityserver.dev01.devland.is", - "staging": "https://securityserver.staging01.devland.is", - "prod": "https://securityserver.island.is" - }, - "XROAD_TLS_BASE_PATH_WITH_ENV": { - "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", - "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "https://securityserver.island.is/r1/IS" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CLIENT_ID": { - "dev": "IS-DEV/GOV/10000/island-is-client", - "staging": "IS-TEST/GOV/5501692829/island-is-client", - "prod": "IS/GOV/5501692829/island-is-client" - } - } - } - }, - { - "config": { - "env": { - "NATIONAL_REGISTRY_B2C_CLIENT_ID": { - "dev": "b464afdd-056b-406d-b650-6d41733cfeb7", - "staging": "ca128c23-b43c-443d-bade-ec5a146a933f", - "prod": "2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f" - }, - "NATIONAL_REGISTRY_B2C_ENDPOINT": { - "dev": "https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", - "staging": "https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", - "prod": "https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token" - }, - "NATIONAL_REGISTRY_B2C_SCOPE": { - "dev": "https://skraidentitydev.onmicrosoft.com/midlun/.default", - "staging": "https://skraidentitystaging.onmicrosoft.com/midlun/.default", - "prod": "https://skraidentity.onmicrosoft.com/midlun/.default" - }, - "NATIONAL_REGISTRY_B2C_PATH": { - "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1", - "staging": "IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1", - "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1" - } - } - } - }, - { - "config": { - "env": { - "COMPANY_REGISTRY_XROAD_PROVIDER_ID": { - "dev": "IS-DEV/GOV/10006/Skatturinn/ft-v1", - "staging": "IS-TEST/GOV/5402696029/Skatturinn/ft-v1", - "prod": "IS/GOV/5402696029/Skatturinn/ft-v1" - }, - "COMPANY_REGISTRY_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" - } - } - } - } - ], - "files": [], - "volumes": [], - "image": "services-user-notification", - "accountName": "user-notification-worker", - "cmds": "node", - "args": [ - "--no-experimental-fetch", - "main.js", - "--job=worker" - ], - "postgres": { - "username": "user_notification", - "passwordSecret": "/k8s/user-notification/DB_PASSWORD", - "name": "user_notification" - }, - "initContainers": { - "envs": {}, - "secrets": {}, - "features": {}, - "containers": [ - { - "name": "migrations", - "command": "npx", - "args": [ - "sequelize-cli", - "db:migrate" - ] - } - ], - "postgres": { - "username": "user_notification", - "passwordSecret": "/k8s/user-notification/DB_PASSWORD", - "name": "user_notification" - } - }, - "redis": {}, - "replicaCount": { - "min": 1, - "max": 2, - "default": 1 - } - } - } -} \ No newline at end of file +service: + name: user-notification-worker + args: + - --no-experimental-fetch + - main.js + - --job=worker + command: + - node + enabled: true + env: + AUTH_DELEGATION_API_URL: http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: IS-TEST/GOV/5402696029/Skatturinn/ft-v1 + CONTENTFUL_HOST: cdn.contentful.com + DB_HOST: postgres-applications.internal + DB_NAME: user_notification + DB_REPLICAS_HOST: postgres-applications.internal + DB_USER: user_notification + DEAD_LETTER_QUEUE_NAME: user-notification-failure + EMAIL_FROM_ADDRESS: development@island.is + EMAIL_REGION: eu-west-1 + IDENTITY_SERVER_ISSUER_URL: https://identity-server.staging01.devland.is + LOG_LEVEL: info + MAIN_QUEUE_NAME: user-notification + NATIONAL_REGISTRY_B2C_CLIENT_ID: ca128c23-b43c-443d-bade-ec5a146a933f + NATIONAL_REGISTRY_B2C_ENDPOINT: https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token + NATIONAL_REGISTRY_B2C_PATH: IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1 + NATIONAL_REGISTRY_B2C_SCOPE: https://skraidentitystaging.onmicrosoft.com/midlun/.default + NODE_OPTIONS: --max-old-space-size=345 -r dd-trace/init + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: "true" + SERVERSIDE_FEATURES_ON: "" + SERVICE_PORTAL_CLICK_ACTION_URL: https://island.is/minarsidur + USER_PROFILE_CLIENT_URL: http://web-service-portal-api.service-portal.svc.cluster.local + XROAD_BASE_PATH: http://securityserver.staging01.devland.is + XROAD_BASE_PATH_WITH_ENV: http://securityserver.staging01.devland.is/r1/IS-TEST + XROAD_CLIENT_ID: IS-TEST/GOV/5501692829/island-is-client + XROAD_TLS_BASE_PATH: https://securityserver.staging01.devland.is + XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.staging01.devland.is/r1/IS-TEST + grantNamespaces: + - nginx-ingress-internal + - islandis + - identity-server-delegation + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /health/check + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 2 + min: 1 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification + initContainer: + containers: + - args: + - sequelize-cli + - db:migrate + command: + - npx + name: migrations + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 50m + memory: 128Mi + env: + DB_HOST: postgres-applications.internal + DB_NAME: user_notification + DB_REPLICAS_HOST: postgres-applications.internal + DB_USER: user_notification + SERVERSIDE_FEATURES_ON: "" + secrets: + DB_PASS: /k8s/user-notification/DB_PASSWORD + namespace: user-notification + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 2 + min: 1 + resources: + limits: + cpu: 400m + memory: 384Mi + requests: + cpu: 150m + memory: 256Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + CONTENTFUL_ACCESS_TOKEN: /k8s/user-notification/CONTENTFUL_ACCESS_TOKEN + DB_PASS: /k8s/user-notification/DB_PASSWORD + FIREBASE_CREDENTIALS: /k8s/user-notification/firestore-credentials + IDENTITY_SERVER_CLIENT_ID: /k8s/user-notification/USER_NOTIFICATION_CLIENT_ID + IDENTITY_SERVER_CLIENT_SECRET: /k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: /k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::261174024191:role/user-notification-worker + create: true + name: user-notification-worker diff --git a/charts/services/user-notification/values.dev.yaml b/charts/services/user-notification/values.dev.yaml index 1a9989fe850f..82e91b49f50f 100644 --- a/charts/services/user-notification/values.dev.yaml +++ b/charts/services/user-notification/values.dev.yaml @@ -1,190 +1,105 @@ -{ - "user-notification": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/health/check", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "MAIN_QUEUE_NAME": "user-notification", - "DEAD_LETTER_QUEUE_NAME": "user-notification-failure", - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - }, - "AUTH_DELEGATION_API_URL": { - "dev": "http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local", - "staging": "http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local", - "prod": "https://auth-delegation-api.internal.innskra.island.is" - }, - "AUTH_DELEGATION_MACHINE_CLIENT_SCOPE": "[\"@island.is/auth/delegations/index:system\"]", - "SERVICE_PORTAL_CLICK_ACTION_URL": "https://island.is/minarsidur", - "EMAIL_FROM_ADDRESS": { - "dev": "development@island.is", - "staging": "development@island.is", - "prod": "noreply@island.is" - }, - "REDIS_USE_SSL": "true" - }, - "features": {}, - "name": "user-notification", - "grantNamespaces": [ - "nginx-ingress-internal", - "islandis", - "identity-server-delegation" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "FIREBASE_CREDENTIALS": "/k8s/user-notification/firestore-credentials", - "CONTENTFUL_ACCESS_TOKEN": "/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN", - "IDENTITY_SERVER_CLIENT_ID": "/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID", - "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET", - "NATIONAL_REGISTRY_B2C_CLIENT_SECRET": "/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET" - }, - "ingress": { - "primary": { - "host": { - "dev": "user-notification-xrd", - "staging": "user-notification-xrd", - "prod": "user-notification-xrd" - }, - "paths": [ - "/" - ], - "public": false, - "extraAnnotations": { - "dev": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "staging": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "prod": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - } - } - } - }, - "namespace": "user-notification", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "400m", - "memory": "384Mi" - }, - "requests": { - "cpu": "150m", - "memory": "256Mi" - } - }, - "xroadConfig": [ - { - "config": { - "env": { - "XROAD_BASE_PATH": { - "prod": "http://securityserver.island.is" - }, - "XROAD_BASE_PATH_WITH_ENV": { - "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "http://securityserver.island.is/r1/IS" - }, - "XROAD_TLS_BASE_PATH": { - "dev": "https://securityserver.dev01.devland.is", - "staging": "https://securityserver.staging01.devland.is", - "prod": "https://securityserver.island.is" - }, - "XROAD_TLS_BASE_PATH_WITH_ENV": { - "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", - "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "https://securityserver.island.is/r1/IS" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CLIENT_ID": { - "dev": "IS-DEV/GOV/10000/island-is-client", - "staging": "IS-TEST/GOV/5501692829/island-is-client", - "prod": "IS/GOV/5501692829/island-is-client" - } - } - } - }, - { - "config": { - "env": { - "NATIONAL_REGISTRY_B2C_CLIENT_ID": { - "dev": "b464afdd-056b-406d-b650-6d41733cfeb7", - "staging": "ca128c23-b43c-443d-bade-ec5a146a933f", - "prod": "2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f" - }, - "NATIONAL_REGISTRY_B2C_ENDPOINT": { - "dev": "https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", - "staging": "https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", - "prod": "https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token" - }, - "NATIONAL_REGISTRY_B2C_SCOPE": { - "dev": "https://skraidentitydev.onmicrosoft.com/midlun/.default", - "staging": "https://skraidentitystaging.onmicrosoft.com/midlun/.default", - "prod": "https://skraidentity.onmicrosoft.com/midlun/.default" - }, - "NATIONAL_REGISTRY_B2C_PATH": { - "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1", - "staging": "IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1", - "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1" - } - } - } - }, - { - "config": { - "env": { - "COMPANY_REGISTRY_XROAD_PROVIDER_ID": { - "dev": "IS-DEV/GOV/10006/Skatturinn/ft-v1", - "staging": "IS-TEST/GOV/5402696029/Skatturinn/ft-v1", - "prod": "IS/GOV/5402696029/Skatturinn/ft-v1" - }, - "COMPANY_REGISTRY_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" - } - } - } - } - ], - "files": [], - "volumes": [], - "image": "services-user-notification", - "accountName": "user-notification", - "postgres": { - "username": "user_notification", - "passwordSecret": "/k8s/user-notification/DB_PASSWORD", - "name": "user_notification" - }, - "cmds": "node", - "args": [ - "--no-experimental-fetch", - "main.js" - ], - "redis": {} - } - } -} \ No newline at end of file +service: + name: user-notification + args: + - --no-experimental-fetch + - main.js + command: + - node + enabled: true + env: + AUTH_DELEGATION_API_URL: http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: IS-DEV/GOV/10006/Skatturinn/ft-v1 + DB_HOST: postgres-applications.internal + DB_NAME: user_notification + DB_REPLICAS_HOST: postgres-applications-reader.internal + DB_USER: user_notification + DEAD_LETTER_QUEUE_NAME: user-notification-failure + EMAIL_FROM_ADDRESS: development@island.is + IDENTITY_SERVER_ISSUER_URL: https://identity-server.dev01.devland.is + LOG_LEVEL: info + MAIN_QUEUE_NAME: user-notification + NATIONAL_REGISTRY_B2C_CLIENT_ID: b464afdd-056b-406d-b650-6d41733cfeb7 + NATIONAL_REGISTRY_B2C_ENDPOINT: https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token + NATIONAL_REGISTRY_B2C_PATH: IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1 + NATIONAL_REGISTRY_B2C_SCOPE: https://skraidentitydev.onmicrosoft.com/midlun/.default + NODE_OPTIONS: --max-old-space-size=345 -r dd-trace/init + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: "true" + SERVERSIDE_FEATURES_ON: "" + SERVICE_PORTAL_CLICK_ACTION_URL: https://island.is/minarsidur + USER_PROFILE_CLIENT_URL: http://web-service-portal-api.service-portal.svc.cluster.local + XROAD_BASE_PATH: http://securityserver.dev01.devland.is + XROAD_BASE_PATH_WITH_ENV: http://securityserver.dev01.devland.is/r1/IS-DEV + XROAD_CLIENT_ID: IS-DEV/GOV/10000/island-is-client + XROAD_TLS_BASE_PATH: https://securityserver.dev01.devland.is + XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.dev01.devland.is/r1/IS-DEV + grantNamespaces: + - nginx-ingress-internal + - islandis + - identity-server-delegation + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /health/check + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-internal-alb + nginx.ingress.kubernetes.io/proxy-buffer-size: 8k + nginx.ingress.kubernetes.io/proxy-buffering: on + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: user-notification-xrd.internal.dev01.devland.is + paths: + - / + namespace: user-notification + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: 400m + memory: 384Mi + requests: + cpu: 150m + memory: 256Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + CONTENTFUL_ACCESS_TOKEN: /k8s/user-notification/CONTENTFUL_ACCESS_TOKEN + DB_PASS: /k8s/user-notification/DB_PASSWORD + FIREBASE_CREDENTIALS: /k8s/user-notification/firestore-credentials + IDENTITY_SERVER_CLIENT_ID: /k8s/user-notification/USER_NOTIFICATION_CLIENT_ID + IDENTITY_SERVER_CLIENT_SECRET: /k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: /k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::013313053092:role/user-notification + create: true + name: user-notification diff --git a/charts/services/user-notification/values.prod.yaml b/charts/services/user-notification/values.prod.yaml index 1a9989fe850f..d2662cd5b25f 100644 --- a/charts/services/user-notification/values.prod.yaml +++ b/charts/services/user-notification/values.prod.yaml @@ -1,190 +1,105 @@ -{ - "user-notification": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/health/check", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "MAIN_QUEUE_NAME": "user-notification", - "DEAD_LETTER_QUEUE_NAME": "user-notification-failure", - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - }, - "AUTH_DELEGATION_API_URL": { - "dev": "http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local", - "staging": "http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local", - "prod": "https://auth-delegation-api.internal.innskra.island.is" - }, - "AUTH_DELEGATION_MACHINE_CLIENT_SCOPE": "[\"@island.is/auth/delegations/index:system\"]", - "SERVICE_PORTAL_CLICK_ACTION_URL": "https://island.is/minarsidur", - "EMAIL_FROM_ADDRESS": { - "dev": "development@island.is", - "staging": "development@island.is", - "prod": "noreply@island.is" - }, - "REDIS_USE_SSL": "true" - }, - "features": {}, - "name": "user-notification", - "grantNamespaces": [ - "nginx-ingress-internal", - "islandis", - "identity-server-delegation" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "FIREBASE_CREDENTIALS": "/k8s/user-notification/firestore-credentials", - "CONTENTFUL_ACCESS_TOKEN": "/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN", - "IDENTITY_SERVER_CLIENT_ID": "/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID", - "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET", - "NATIONAL_REGISTRY_B2C_CLIENT_SECRET": "/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET" - }, - "ingress": { - "primary": { - "host": { - "dev": "user-notification-xrd", - "staging": "user-notification-xrd", - "prod": "user-notification-xrd" - }, - "paths": [ - "/" - ], - "public": false, - "extraAnnotations": { - "dev": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "staging": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "prod": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - } - } - } - }, - "namespace": "user-notification", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "400m", - "memory": "384Mi" - }, - "requests": { - "cpu": "150m", - "memory": "256Mi" - } - }, - "xroadConfig": [ - { - "config": { - "env": { - "XROAD_BASE_PATH": { - "prod": "http://securityserver.island.is" - }, - "XROAD_BASE_PATH_WITH_ENV": { - "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "http://securityserver.island.is/r1/IS" - }, - "XROAD_TLS_BASE_PATH": { - "dev": "https://securityserver.dev01.devland.is", - "staging": "https://securityserver.staging01.devland.is", - "prod": "https://securityserver.island.is" - }, - "XROAD_TLS_BASE_PATH_WITH_ENV": { - "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", - "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "https://securityserver.island.is/r1/IS" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CLIENT_ID": { - "dev": "IS-DEV/GOV/10000/island-is-client", - "staging": "IS-TEST/GOV/5501692829/island-is-client", - "prod": "IS/GOV/5501692829/island-is-client" - } - } - } - }, - { - "config": { - "env": { - "NATIONAL_REGISTRY_B2C_CLIENT_ID": { - "dev": "b464afdd-056b-406d-b650-6d41733cfeb7", - "staging": "ca128c23-b43c-443d-bade-ec5a146a933f", - "prod": "2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f" - }, - "NATIONAL_REGISTRY_B2C_ENDPOINT": { - "dev": "https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", - "staging": "https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", - "prod": "https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token" - }, - "NATIONAL_REGISTRY_B2C_SCOPE": { - "dev": "https://skraidentitydev.onmicrosoft.com/midlun/.default", - "staging": "https://skraidentitystaging.onmicrosoft.com/midlun/.default", - "prod": "https://skraidentity.onmicrosoft.com/midlun/.default" - }, - "NATIONAL_REGISTRY_B2C_PATH": { - "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1", - "staging": "IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1", - "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1" - } - } - } - }, - { - "config": { - "env": { - "COMPANY_REGISTRY_XROAD_PROVIDER_ID": { - "dev": "IS-DEV/GOV/10006/Skatturinn/ft-v1", - "staging": "IS-TEST/GOV/5402696029/Skatturinn/ft-v1", - "prod": "IS/GOV/5402696029/Skatturinn/ft-v1" - }, - "COMPANY_REGISTRY_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" - } - } - } - } - ], - "files": [], - "volumes": [], - "image": "services-user-notification", - "accountName": "user-notification", - "postgres": { - "username": "user_notification", - "passwordSecret": "/k8s/user-notification/DB_PASSWORD", - "name": "user_notification" - }, - "cmds": "node", - "args": [ - "--no-experimental-fetch", - "main.js" - ], - "redis": {} - } - } -} \ No newline at end of file +service: + name: user-notification + args: + - --no-experimental-fetch + - main.js + command: + - node + enabled: true + env: + AUTH_DELEGATION_API_URL: https://auth-delegation-api.internal.innskra.island.is + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: IS/GOV/5402696029/Skatturinn/ft-v1 + DB_HOST: postgres-applications.internal + DB_NAME: user_notification + DB_REPLICAS_HOST: postgres-applications.internal + DB_USER: user_notification + DEAD_LETTER_QUEUE_NAME: user-notification-failure + EMAIL_FROM_ADDRESS: noreply@island.is + IDENTITY_SERVER_ISSUER_URL: https://innskra.island.is + LOG_LEVEL: info + MAIN_QUEUE_NAME: user-notification + NATIONAL_REGISTRY_B2C_CLIENT_ID: 2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f + NATIONAL_REGISTRY_B2C_ENDPOINT: https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token + NATIONAL_REGISTRY_B2C_PATH: IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1 + NATIONAL_REGISTRY_B2C_SCOPE: https://skraidentity.onmicrosoft.com/midlun/.default + NODE_OPTIONS: --max-old-space-size=345 -r dd-trace/init + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: "true" + SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + SERVICE_PORTAL_CLICK_ACTION_URL: https://island.is/minarsidur + USER_PROFILE_CLIENT_URL: http://web-service-portal-api.service-portal.svc.cluster.local + XROAD_BASE_PATH: http://securityserver.island.is + XROAD_BASE_PATH_WITH_ENV: http://securityserver.island.is/r1/IS + XROAD_CLIENT_ID: IS/GOV/5501692829/island-is-client + XROAD_TLS_BASE_PATH: https://securityserver.island.is + XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.island.is/r1/IS + grantNamespaces: + - nginx-ingress-internal + - islandis + - identity-server-delegation + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /health/check + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-internal-alb + nginx.ingress.kubernetes.io/proxy-buffer-size: 8k + nginx.ingress.kubernetes.io/proxy-buffering: on + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: user-notification-xrd.internal.island.is + paths: + - / + namespace: user-notification + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: 400m + memory: 384Mi + requests: + cpu: 150m + memory: 256Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + CONTENTFUL_ACCESS_TOKEN: /k8s/user-notification/CONTENTFUL_ACCESS_TOKEN + DB_PASS: /k8s/user-notification/DB_PASSWORD + FIREBASE_CREDENTIALS: /k8s/user-notification/firestore-credentials + IDENTITY_SERVER_CLIENT_ID: /k8s/user-notification/USER_NOTIFICATION_CLIENT_ID + IDENTITY_SERVER_CLIENT_SECRET: /k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: /k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::251502586493:role/user-notification + create: true + name: user-notification diff --git a/charts/services/user-notification/values.staging.yaml b/charts/services/user-notification/values.staging.yaml index 1a9989fe850f..65305b477c5e 100644 --- a/charts/services/user-notification/values.staging.yaml +++ b/charts/services/user-notification/values.staging.yaml @@ -1,190 +1,105 @@ -{ - "user-notification": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/health/check", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "MAIN_QUEUE_NAME": "user-notification", - "DEAD_LETTER_QUEUE_NAME": "user-notification-failure", - "IDENTITY_SERVER_ISSUER_URL": { - "dev": "https://identity-server.dev01.devland.is", - "staging": "https://identity-server.staging01.devland.is", - "prod": "https://innskra.island.is" - }, - "AUTH_DELEGATION_API_URL": { - "dev": "http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local", - "staging": "http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local", - "prod": "https://auth-delegation-api.internal.innskra.island.is" - }, - "AUTH_DELEGATION_MACHINE_CLIENT_SCOPE": "[\"@island.is/auth/delegations/index:system\"]", - "SERVICE_PORTAL_CLICK_ACTION_URL": "https://island.is/minarsidur", - "EMAIL_FROM_ADDRESS": { - "dev": "development@island.is", - "staging": "development@island.is", - "prod": "noreply@island.is" - }, - "REDIS_USE_SSL": "true" - }, - "features": {}, - "name": "user-notification", - "grantNamespaces": [ - "nginx-ingress-internal", - "islandis", - "identity-server-delegation" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "FIREBASE_CREDENTIALS": "/k8s/user-notification/firestore-credentials", - "CONTENTFUL_ACCESS_TOKEN": "/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN", - "IDENTITY_SERVER_CLIENT_ID": "/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID", - "IDENTITY_SERVER_CLIENT_SECRET": "/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET", - "NATIONAL_REGISTRY_B2C_CLIENT_SECRET": "/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET" - }, - "ingress": { - "primary": { - "host": { - "dev": "user-notification-xrd", - "staging": "user-notification-xrd", - "prod": "user-notification-xrd" - }, - "paths": [ - "/" - ], - "public": false, - "extraAnnotations": { - "dev": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "staging": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "prod": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - } - } - } - }, - "namespace": "user-notification", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "400m", - "memory": "384Mi" - }, - "requests": { - "cpu": "150m", - "memory": "256Mi" - } - }, - "xroadConfig": [ - { - "config": { - "env": { - "XROAD_BASE_PATH": { - "prod": "http://securityserver.island.is" - }, - "XROAD_BASE_PATH_WITH_ENV": { - "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "http://securityserver.island.is/r1/IS" - }, - "XROAD_TLS_BASE_PATH": { - "dev": "https://securityserver.dev01.devland.is", - "staging": "https://securityserver.staging01.devland.is", - "prod": "https://securityserver.island.is" - }, - "XROAD_TLS_BASE_PATH_WITH_ENV": { - "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", - "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "https://securityserver.island.is/r1/IS" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CLIENT_ID": { - "dev": "IS-DEV/GOV/10000/island-is-client", - "staging": "IS-TEST/GOV/5501692829/island-is-client", - "prod": "IS/GOV/5501692829/island-is-client" - } - } - } - }, - { - "config": { - "env": { - "NATIONAL_REGISTRY_B2C_CLIENT_ID": { - "dev": "b464afdd-056b-406d-b650-6d41733cfeb7", - "staging": "ca128c23-b43c-443d-bade-ec5a146a933f", - "prod": "2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f" - }, - "NATIONAL_REGISTRY_B2C_ENDPOINT": { - "dev": "https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", - "staging": "https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token", - "prod": "https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token" - }, - "NATIONAL_REGISTRY_B2C_SCOPE": { - "dev": "https://skraidentitydev.onmicrosoft.com/midlun/.default", - "staging": "https://skraidentitystaging.onmicrosoft.com/midlun/.default", - "prod": "https://skraidentity.onmicrosoft.com/midlun/.default" - }, - "NATIONAL_REGISTRY_B2C_PATH": { - "dev": "IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1", - "staging": "IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1", - "prod": "IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1" - } - } - } - }, - { - "config": { - "env": { - "COMPANY_REGISTRY_XROAD_PROVIDER_ID": { - "dev": "IS-DEV/GOV/10006/Skatturinn/ft-v1", - "staging": "IS-TEST/GOV/5402696029/Skatturinn/ft-v1", - "prod": "IS/GOV/5402696029/Skatturinn/ft-v1" - }, - "COMPANY_REGISTRY_REDIS_NODES": { - "dev": "[\"clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379\"]", - "staging": "[\"clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379\"]", - "prod": "[\"clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379\"]" - } - } - } - } - ], - "files": [], - "volumes": [], - "image": "services-user-notification", - "accountName": "user-notification", - "postgres": { - "username": "user_notification", - "passwordSecret": "/k8s/user-notification/DB_PASSWORD", - "name": "user_notification" - }, - "cmds": "node", - "args": [ - "--no-experimental-fetch", - "main.js" - ], - "redis": {} - } - } -} \ No newline at end of file +service: + name: user-notification + args: + - --no-experimental-fetch + - main.js + command: + - node + enabled: true + env: + AUTH_DELEGATION_API_URL: http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local + AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' + COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + COMPANY_REGISTRY_XROAD_PROVIDER_ID: IS-TEST/GOV/5402696029/Skatturinn/ft-v1 + DB_HOST: postgres-applications.internal + DB_NAME: user_notification + DB_REPLICAS_HOST: postgres-applications.internal + DB_USER: user_notification + DEAD_LETTER_QUEUE_NAME: user-notification-failure + EMAIL_FROM_ADDRESS: development@island.is + IDENTITY_SERVER_ISSUER_URL: https://identity-server.staging01.devland.is + LOG_LEVEL: info + MAIN_QUEUE_NAME: user-notification + NATIONAL_REGISTRY_B2C_CLIENT_ID: ca128c23-b43c-443d-bade-ec5a146a933f + NATIONAL_REGISTRY_B2C_ENDPOINT: https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token + NATIONAL_REGISTRY_B2C_PATH: IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1 + NATIONAL_REGISTRY_B2C_SCOPE: https://skraidentitystaging.onmicrosoft.com/midlun/.default + NODE_OPTIONS: --max-old-space-size=345 -r dd-trace/init + REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + REDIS_USE_SSL: "true" + SERVERSIDE_FEATURES_ON: "" + SERVICE_PORTAL_CLICK_ACTION_URL: https://island.is/minarsidur + USER_PROFILE_CLIENT_URL: http://web-service-portal-api.service-portal.svc.cluster.local + XROAD_BASE_PATH: http://securityserver.staging01.devland.is + XROAD_BASE_PATH_WITH_ENV: http://securityserver.staging01.devland.is/r1/IS-TEST + XROAD_CLIENT_ID: IS-TEST/GOV/5501692829/island-is-client + XROAD_TLS_BASE_PATH: https://securityserver.staging01.devland.is + XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.staging01.devland.is/r1/IS-TEST + grantNamespaces: + - nginx-ingress-internal + - islandis + - identity-server-delegation + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: /health/check + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-internal-alb + nginx.ingress.kubernetes.io/proxy-buffer-size: 8k + nginx.ingress.kubernetes.io/proxy-buffering: on + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: user-notification-xrd.internal.staging01.devland.is + paths: + - / + namespace: user-notification + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: 400m + memory: 384Mi + requests: + cpu: 150m + memory: 256Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + CONTENTFUL_ACCESS_TOKEN: /k8s/user-notification/CONTENTFUL_ACCESS_TOKEN + DB_PASS: /k8s/user-notification/DB_PASSWORD + FIREBASE_CREDENTIALS: /k8s/user-notification/firestore-credentials + IDENTITY_SERVER_CLIENT_ID: /k8s/user-notification/USER_NOTIFICATION_CLIENT_ID + IDENTITY_SERVER_CLIENT_SECRET: /k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: /k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::261174024191:role/user-notification + create: true + name: user-notification diff --git a/charts/services/web/values.dev.yaml b/charts/services/web/values.dev.yaml index 08a6fd530638..9a5018df4148 100644 --- a/charts/services/web/values.dev.yaml +++ b/charts/services/web/values.dev.yaml @@ -1,117 +1,72 @@ -{ - "web": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/readiness", - "timeoutSeconds": 3, - "initialDelaySeconds": 20 - }, - "env": { - "TRACKING_DOMAIN": { - "dev": "beta.dev01.devland.is", - "staging": "beta.staging01.devland.is", - "prod": "island.is" - }, - "DISABLE_API_CATALOGUE": { - "dev": "false", - "staging": "false", - "prod": "false" - }, - "DISABLE_SYSLUMENN_PAGE": { - "dev": "false", - "staging": "false", - "prod": "false" - }, - "DISABLE_ORGANIZATION_CHATBOT": { - "dev": "false", - "staging": "false", - "prod": "false" - } - }, - "features": {}, - "name": "web", - "grantNamespaces": [ - "nginx-ingress-external", - "api-catalogue", - "application-system", - "consultation-portal", - "search-indexer" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "DD_RUM_APPLICATION_ID": "/k8s/DD_RUM_APPLICATION_ID", - "DD_RUM_CLIENT_TOKEN": "/k8s/DD_RUM_CLIENT_TOKEN" - }, - "ingress": { - "primary": { - "host": { - "dev": [ - "beta" - ], - "staging": [ - "beta" - ], - "prod": [ - "", - "www.island.is" - ] - }, - "extraAnnotations": { - "dev": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "staging": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "prod": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - } - }, - "paths": [ - "/" - ] - } - }, - "namespace": "islandis", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "1000m", - "memory": "768Mi" - }, - "requests": { - "cpu": "300m", - "memory": "384Mi" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "replicaCount": { - "default": 2, - "max": 50, - "min": 2 - }, - "extraAttributes": { - "dev": {}, - "staging": { - "basicAuth": "/k8s/web/basic_auth" - }, - "prod": {} - } - } - } -} \ No newline at end of file +service: + name: web + enabled: true + env: + API_URL: http://web-api + DISABLE_API_CATALOGUE: "false" + DISABLE_ORGANIZATION_CHATBOT: "false" + DISABLE_SYSLUMENN_PAGE: "false" + ENVIRONMENT: dev + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=691 -r dd-trace/init + SERVERSIDE_FEATURES_ON: "" + TRACKING_DOMAIN: beta.dev01.devland.is + grantNamespaces: + - nginx-ingress-external + - api-catalogue + - application-system + - consultation-portal + - search-indexer + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: /readiness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/web + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-external-alb + nginx.ingress.kubernetes.io/proxy-buffer-size: 8k + nginx.ingress.kubernetes.io/proxy-buffering: on + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: beta.dev01.devland.is + paths: + - / + namespace: islandis + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: 1000m + memory: 768Mi + requests: + cpu: 300m + memory: 384Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DD_RUM_APPLICATION_ID: /k8s/DD_RUM_APPLICATION_ID + DD_RUM_CLIENT_TOKEN: /k8s/DD_RUM_CLIENT_TOKEN + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/web/values.prod.yaml b/charts/services/web/values.prod.yaml index 08a6fd530638..77ef21bcdd72 100644 --- a/charts/services/web/values.prod.yaml +++ b/charts/services/web/values.prod.yaml @@ -1,117 +1,75 @@ -{ - "web": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/readiness", - "timeoutSeconds": 3, - "initialDelaySeconds": 20 - }, - "env": { - "TRACKING_DOMAIN": { - "dev": "beta.dev01.devland.is", - "staging": "beta.staging01.devland.is", - "prod": "island.is" - }, - "DISABLE_API_CATALOGUE": { - "dev": "false", - "staging": "false", - "prod": "false" - }, - "DISABLE_SYSLUMENN_PAGE": { - "dev": "false", - "staging": "false", - "prod": "false" - }, - "DISABLE_ORGANIZATION_CHATBOT": { - "dev": "false", - "staging": "false", - "prod": "false" - } - }, - "features": {}, - "name": "web", - "grantNamespaces": [ - "nginx-ingress-external", - "api-catalogue", - "application-system", - "consultation-portal", - "search-indexer" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "DD_RUM_APPLICATION_ID": "/k8s/DD_RUM_APPLICATION_ID", - "DD_RUM_CLIENT_TOKEN": "/k8s/DD_RUM_CLIENT_TOKEN" - }, - "ingress": { - "primary": { - "host": { - "dev": [ - "beta" - ], - "staging": [ - "beta" - ], - "prod": [ - "", - "www.island.is" - ] - }, - "extraAnnotations": { - "dev": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "staging": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "prod": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - } - }, - "paths": [ - "/" - ] - } - }, - "namespace": "islandis", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "1000m", - "memory": "768Mi" - }, - "requests": { - "cpu": "300m", - "memory": "384Mi" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "replicaCount": { - "default": 2, - "max": 50, - "min": 2 - }, - "extraAttributes": { - "dev": {}, - "staging": { - "basicAuth": "/k8s/web/basic_auth" - }, - "prod": {} - } - } - } -} \ No newline at end of file +service: + name: web + enabled: true + env: + API_URL: http://web-api + DISABLE_API_CATALOGUE: "false" + DISABLE_ORGANIZATION_CHATBOT: "false" + DISABLE_SYSLUMENN_PAGE: "false" + ENVIRONMENT: prod + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=691 -r dd-trace/init + SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + TRACKING_DOMAIN: island.is + grantNamespaces: + - nginx-ingress-external + - api-catalogue + - application-system + - consultation-portal + - search-indexer + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: /readiness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/web + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-external-alb + nginx.ingress.kubernetes.io/proxy-buffer-size: 8k + nginx.ingress.kubernetes.io/proxy-buffering: on + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: island.is + paths: + - / + - host: www.island.is + paths: + - / + namespace: islandis + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: 1000m + memory: 768Mi + requests: + cpu: 300m + memory: 384Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DD_RUM_APPLICATION_ID: /k8s/DD_RUM_APPLICATION_ID + DD_RUM_CLIENT_TOKEN: /k8s/DD_RUM_CLIENT_TOKEN + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/web/values.staging.yaml b/charts/services/web/values.staging.yaml index 08a6fd530638..6605f9c6cbca 100644 --- a/charts/services/web/values.staging.yaml +++ b/charts/services/web/values.staging.yaml @@ -1,117 +1,73 @@ -{ - "web": { - "serviceDef": { - "liveness": { - "path": "/liveness", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/readiness", - "timeoutSeconds": 3, - "initialDelaySeconds": 20 - }, - "env": { - "TRACKING_DOMAIN": { - "dev": "beta.dev01.devland.is", - "staging": "beta.staging01.devland.is", - "prod": "island.is" - }, - "DISABLE_API_CATALOGUE": { - "dev": "false", - "staging": "false", - "prod": "false" - }, - "DISABLE_SYSLUMENN_PAGE": { - "dev": "false", - "staging": "false", - "prod": "false" - }, - "DISABLE_ORGANIZATION_CHATBOT": { - "dev": "false", - "staging": "false", - "prod": "false" - } - }, - "features": {}, - "name": "web", - "grantNamespaces": [ - "nginx-ingress-external", - "api-catalogue", - "application-system", - "consultation-portal", - "search-indexer" - ], - "grantNamespacesEnabled": true, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY", - "DD_RUM_APPLICATION_ID": "/k8s/DD_RUM_APPLICATION_ID", - "DD_RUM_CLIENT_TOKEN": "/k8s/DD_RUM_CLIENT_TOKEN" - }, - "ingress": { - "primary": { - "host": { - "dev": [ - "beta" - ], - "staging": [ - "beta" - ], - "prod": [ - "", - "www.island.is" - ] - }, - "extraAnnotations": { - "dev": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "staging": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - }, - "prod": { - "nginx.ingress.kubernetes.io/proxy-buffering": "on", - "nginx.ingress.kubernetes.io/proxy-buffer-size": "8k" - } - }, - "paths": [ - "/" - ] - } - }, - "namespace": "islandis", - "serviceAccountEnabled": false, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "cpu": "1000m", - "memory": "768Mi" - }, - "requests": { - "cpu": "300m", - "memory": "384Mi" - } - }, - "xroadConfig": [], - "files": [], - "volumes": [], - "replicaCount": { - "default": 2, - "max": 50, - "min": 2 - }, - "extraAttributes": { - "dev": {}, - "staging": { - "basicAuth": "/k8s/web/basic_auth" - }, - "prod": {} - } - } - } -} \ No newline at end of file +service: + name: web + basicAuth: /k8s/web/basic_auth + enabled: true + env: + API_URL: http://web-api + DISABLE_API_CATALOGUE: "false" + DISABLE_ORGANIZATION_CHATBOT: "false" + DISABLE_SYSLUMENN_PAGE: "false" + ENVIRONMENT: staging + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=691 -r dd-trace/init + SERVERSIDE_FEATURES_ON: "" + TRACKING_DOMAIN: beta.staging01.devland.is + grantNamespaces: + - nginx-ingress-external + - api-catalogue + - application-system + - consultation-portal + - search-indexer + grantNamespacesEnabled: true + healthCheck: + liveness: + initialDelaySeconds: 3 + path: /liveness + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 20 + path: /readiness + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 50 + min: 2 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/web + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: nginx-external-alb + nginx.ingress.kubernetes.io/proxy-buffer-size: 8k + nginx.ingress.kubernetes.io/proxy-buffering: on + nginx.ingress.kubernetes.io/service-upstream: "true" + hosts: + - host: beta.staging01.devland.is + paths: + - / + namespace: islandis + podDisruptionBudget: + maxUnavailable: 1 + pvcs: [] + replicaCount: + default: 2 + max: 50 + min: 2 + resources: + limits: + cpu: 1000m + memory: 768Mi + requests: + cpu: 300m + memory: 384Mi + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + DD_RUM_APPLICATION_ID: /k8s/DD_RUM_APPLICATION_ID + DD_RUM_CLIENT_TOKEN: /k8s/DD_RUM_CLIENT_TOKEN + securityContext: + allowPrivilegeEscalation: false + privileged: false diff --git a/charts/services/xroad-collector/values.dev.yaml b/charts/services/xroad-collector/values.dev.yaml index de0ca24b8296..f0c765a7111b 100644 --- a/charts/services/xroad-collector/values.dev.yaml +++ b/charts/services/xroad-collector/values.dev.yaml @@ -1,104 +1,68 @@ -{ - "xroad-collector": { - "serviceDef": { - "liveness": { - "path": "/", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "NODE_TLS_REJECT_UNAUTHORIZED": "0", - "ELASTIC_NODE": { - "dev": "https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com", - "staging": "https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com", - "prod": "https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com" - } - }, - "features": {}, - "name": "xroad-collector", - "grantNamespaces": [], - "grantNamespacesEnabled": false, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" - }, - "ingress": {}, - "namespace": "xroad-collector", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "memory": "256Mi", - "cpu": "200m" - }, - "requests": { - "memory": "128Mi", - "cpu": "100m" - } - }, - "xroadConfig": [ - { - "config": { - "env": { - "XROAD_BASE_PATH": { - "prod": "http://securityserver.island.is" - }, - "XROAD_BASE_PATH_WITH_ENV": { - "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "http://securityserver.island.is/r1/IS" - }, - "XROAD_TLS_BASE_PATH": { - "dev": "https://securityserver.dev01.devland.is", - "staging": "https://securityserver.staging01.devland.is", - "prod": "https://securityserver.island.is" - }, - "XROAD_TLS_BASE_PATH_WITH_ENV": { - "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", - "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "https://securityserver.island.is/r1/IS" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CLIENT_ID": { - "dev": "IS-DEV/GOV/10000/island-is-client", - "staging": "IS-TEST/GOV/5501692829/island-is-client", - "prod": "IS/GOV/5501692829/island-is-client" - } - } - } - } - ], - "files": [], - "volumes": [], - "image": "services-xroad-collector", - "accountName": "xroad-collector", - "cmds": "node", - "args": [ - "--no-experimental-fetch", - "main.js" - ], - "extraAttributes": { - "dev": { - "schedule": "0 2 * * *" - }, - "staging": { - "schedule": "0 2 * * *" - }, - "prod": { - "schedule": "0 2 * * *" - } - } - } - } -} \ No newline at end of file +service: + name: xroad-collector + args: + - --no-experimental-fetch + - main.js + command: + - node + enabled: true + env: + ELASTIC_NODE: https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init + NODE_TLS_REJECT_UNAUTHORIZED: "0" + SERVERSIDE_FEATURES_ON: "" + XROAD_BASE_PATH: http://securityserver.dev01.devland.is + XROAD_BASE_PATH_WITH_ENV: http://securityserver.dev01.devland.is/r1/IS-DEV + XROAD_CLIENT_ID: IS-DEV/GOV/10000/island-is-client + XROAD_TLS_BASE_PATH: https://securityserver.dev01.devland.is + XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.dev01.devland.is/r1/IS-DEV + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: / + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: / + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector + namespace: xroad-collector + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 100m + memory: 128Mi + schedule: 0 2 * * * + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::013313053092:role/xroad-collector + create: true + name: xroad-collector diff --git a/charts/services/xroad-collector/values.prod.yaml b/charts/services/xroad-collector/values.prod.yaml index de0ca24b8296..716f60b21f0e 100644 --- a/charts/services/xroad-collector/values.prod.yaml +++ b/charts/services/xroad-collector/values.prod.yaml @@ -1,104 +1,68 @@ -{ - "xroad-collector": { - "serviceDef": { - "liveness": { - "path": "/", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "NODE_TLS_REJECT_UNAUTHORIZED": "0", - "ELASTIC_NODE": { - "dev": "https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com", - "staging": "https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com", - "prod": "https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com" - } - }, - "features": {}, - "name": "xroad-collector", - "grantNamespaces": [], - "grantNamespacesEnabled": false, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" - }, - "ingress": {}, - "namespace": "xroad-collector", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "memory": "256Mi", - "cpu": "200m" - }, - "requests": { - "memory": "128Mi", - "cpu": "100m" - } - }, - "xroadConfig": [ - { - "config": { - "env": { - "XROAD_BASE_PATH": { - "prod": "http://securityserver.island.is" - }, - "XROAD_BASE_PATH_WITH_ENV": { - "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "http://securityserver.island.is/r1/IS" - }, - "XROAD_TLS_BASE_PATH": { - "dev": "https://securityserver.dev01.devland.is", - "staging": "https://securityserver.staging01.devland.is", - "prod": "https://securityserver.island.is" - }, - "XROAD_TLS_BASE_PATH_WITH_ENV": { - "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", - "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "https://securityserver.island.is/r1/IS" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CLIENT_ID": { - "dev": "IS-DEV/GOV/10000/island-is-client", - "staging": "IS-TEST/GOV/5501692829/island-is-client", - "prod": "IS/GOV/5501692829/island-is-client" - } - } - } - } - ], - "files": [], - "volumes": [], - "image": "services-xroad-collector", - "accountName": "xroad-collector", - "cmds": "node", - "args": [ - "--no-experimental-fetch", - "main.js" - ], - "extraAttributes": { - "dev": { - "schedule": "0 2 * * *" - }, - "staging": { - "schedule": "0 2 * * *" - }, - "prod": { - "schedule": "0 2 * * *" - } - } - } - } -} \ No newline at end of file +service: + name: xroad-collector + args: + - --no-experimental-fetch + - main.js + command: + - node + enabled: true + env: + ELASTIC_NODE: https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init + NODE_TLS_REJECT_UNAUTHORIZED: "0" + SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + XROAD_BASE_PATH: http://securityserver.island.is + XROAD_BASE_PATH_WITH_ENV: http://securityserver.island.is/r1/IS + XROAD_CLIENT_ID: IS/GOV/5501692829/island-is-client + XROAD_TLS_BASE_PATH: https://securityserver.island.is + XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.island.is/r1/IS + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: / + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: / + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 3 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector + namespace: xroad-collector + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 3 + max: 10 + min: 3 + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 100m + memory: 128Mi + schedule: 0 2 * * * + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::251502586493:role/xroad-collector + create: true + name: xroad-collector diff --git a/charts/services/xroad-collector/values.staging.yaml b/charts/services/xroad-collector/values.staging.yaml index de0ca24b8296..dc640c8db8d8 100644 --- a/charts/services/xroad-collector/values.staging.yaml +++ b/charts/services/xroad-collector/values.staging.yaml @@ -1,104 +1,68 @@ -{ - "xroad-collector": { - "serviceDef": { - "liveness": { - "path": "/", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "readiness": { - "path": "/", - "timeoutSeconds": 3, - "initialDelaySeconds": 3 - }, - "env": { - "NODE_TLS_REJECT_UNAUTHORIZED": "0", - "ELASTIC_NODE": { - "dev": "https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com", - "staging": "https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com", - "prod": "https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com" - } - }, - "features": {}, - "name": "xroad-collector", - "grantNamespaces": [], - "grantNamespacesEnabled": false, - "secrets": { - "CONFIGCAT_SDK_KEY": "/k8s/configcat/CONFIGCAT_SDK_KEY" - }, - "ingress": {}, - "namespace": "xroad-collector", - "serviceAccountEnabled": true, - "securityContext": { - "privileged": false, - "allowPrivilegeEscalation": false - }, - "resources": { - "limits": { - "memory": "256Mi", - "cpu": "200m" - }, - "requests": { - "memory": "128Mi", - "cpu": "100m" - } - }, - "xroadConfig": [ - { - "config": { - "env": { - "XROAD_BASE_PATH": { - "prod": "http://securityserver.island.is" - }, - "XROAD_BASE_PATH_WITH_ENV": { - "staging": "http://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "http://securityserver.island.is/r1/IS" - }, - "XROAD_TLS_BASE_PATH": { - "dev": "https://securityserver.dev01.devland.is", - "staging": "https://securityserver.staging01.devland.is", - "prod": "https://securityserver.island.is" - }, - "XROAD_TLS_BASE_PATH_WITH_ENV": { - "dev": "https://securityserver.dev01.devland.is/r1/IS-DEV", - "staging": "https://securityserver.staging01.devland.is/r1/IS-TEST", - "prod": "https://securityserver.island.is/r1/IS" - } - } - } - }, - { - "config": { - "env": { - "XROAD_CLIENT_ID": { - "dev": "IS-DEV/GOV/10000/island-is-client", - "staging": "IS-TEST/GOV/5501692829/island-is-client", - "prod": "IS/GOV/5501692829/island-is-client" - } - } - } - } - ], - "files": [], - "volumes": [], - "image": "services-xroad-collector", - "accountName": "xroad-collector", - "cmds": "node", - "args": [ - "--no-experimental-fetch", - "main.js" - ], - "extraAttributes": { - "dev": { - "schedule": "0 2 * * *" - }, - "staging": { - "schedule": "0 2 * * *" - }, - "prod": { - "schedule": "0 2 * * *" - } - } - } - } -} \ No newline at end of file +service: + name: xroad-collector + args: + - --no-experimental-fetch + - main.js + command: + - node + enabled: true + env: + ELASTIC_NODE: https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com + LOG_LEVEL: info + NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init + NODE_TLS_REJECT_UNAUTHORIZED: "0" + SERVERSIDE_FEATURES_ON: "" + XROAD_BASE_PATH: http://securityserver.staging01.devland.is + XROAD_BASE_PATH_WITH_ENV: http://securityserver.staging01.devland.is/r1/IS-TEST + XROAD_CLIENT_ID: IS-TEST/GOV/5501692829/island-is-client + XROAD_TLS_BASE_PATH: https://securityserver.staging01.devland.is + XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.staging01.devland.is/r1/IS-TEST + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: / + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: / + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 3 + min: 1 + image: + repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector + namespace: xroad-collector + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 3 + min: 1 + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 100m + memory: 128Mi + schedule: 0 2 * * * + secrets: + CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::261174024191:role/xroad-collector + create: true + name: xroad-collector diff --git a/infra/src/cli/generate-chart-values.ts b/infra/src/cli/generate-chart-values.ts index db5732079373..f463f666797b 100755 --- a/infra/src/cli/generate-chart-values.ts +++ b/infra/src/cli/generate-chart-values.ts @@ -4,6 +4,7 @@ import { writeFileSync, mkdirSync } from 'fs' import { Envs } from '../environments' import { OpsEnv } from '../dsl/types/input-types' import path from 'path' +import yaml from 'yaml' ;(async () => { console.log('Gathering charts') for (const [name, envs] of Object.entries(Deployments)) { @@ -28,6 +29,9 @@ import path from 'path' // Get services for this chart and environment const services = Charts[name as ChartName][envType as OpsEnv] + // Parse the rendered YAML + const parsedValues = yaml.parse(renderedValues) + // Write individual service values files for (const service of services) { const serviceName = service.name() @@ -38,16 +42,21 @@ import path from 'path' ) mkdirSync(serviceDir, { recursive: true }) - // Create service-specific values by isolating just that service's section - const serviceValues = { - [serviceName]: service, - } + // Extract just this service's section and restructure it + if (parsedValues[serviceName]) { + const serviceValues = { + service: { + name: serviceName, + ...parsedValues[serviceName], + }, + } - writeFileSync( - path.join(serviceDir, `values.${Envs[envName].type}.yaml`), - JSON.stringify(serviceValues, null, 2), // or however you format your YAML - { encoding: 'utf8' }, - ) + writeFileSync( + path.join(serviceDir, `values.${Envs[envName].type}.yaml`), + yaml.stringify(serviceValues), + { encoding: 'utf8' }, + ) + } } } } From 05ef4e8b5ea11b170efd8adf496911ec0bcd8fbe Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B3n=20Levy?= Date: Wed, 13 Nov 2024 08:20:48 +0000 Subject: [PATCH 23/50] fix: format --- infra/src/uber-charts/islandis.ts | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/infra/src/uber-charts/islandis.ts b/infra/src/uber-charts/islandis.ts index 56fec4b13892..3bbd8203d9bb 100644 --- a/infra/src/uber-charts/islandis.ts +++ b/infra/src/uber-charts/islandis.ts @@ -142,7 +142,8 @@ const downloadService = downloadServiceSetup({ const userNotificationWorkerService = userNotificationWorkerSetup({ userProfileApi: servicePortalApi, }) -const userNotificationCleanupWorkerService = userNotificationCleanUpWorkerSetup() +const userNotificationCleanupWorkerService = + userNotificationCleanUpWorkerSetup() const githubActionsCache = githubActionsCacheSetup() From edf473ec828152576826179399b1d561d8861092 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B3n=20Levy?= Date: Wed, 13 Nov 2024 09:33:15 +0000 Subject: [PATCH 24/50] fix: use yaml not js-yaml --- charts/identity-server/values.dev.yaml | 20 +- charts/identity-server/values.prod.yaml | 10 +- charts/identity-server/values.staging.yaml | 20 +- charts/islandis/values.dev.yaml | 61 +-- charts/islandis/values.prod.yaml | 12 +- charts/islandis/values.staging.yaml | 57 +- charts/judicial-system/values.dev.yaml | 17 - charts/judicial-system/values.prod.yaml | 8 - charts/judicial-system/values.staging.yaml | 16 - .../air-discount-scheme-api/values.dev.yaml | 63 ++- .../air-discount-scheme-api/values.prod.yaml | 60 +-- .../values.staging.yaml | 63 ++- .../values.dev.yaml | 122 +++-- .../values.prod.yaml | 116 ++-- .../values.staging.yaml | 122 +++-- .../air-discount-scheme-web/values.dev.yaml | 67 ++- .../air-discount-scheme-web/values.prod.yaml | 62 +-- .../values.staging.yaml | 67 ++- charts/services/api/values.dev.yaml | 503 +++++++++--------- charts/services/api/values.prod.yaml | 503 +++++++++--------- charts/services/api/values.staging.yaml | 498 +++++++++-------- .../values.dev.yaml | 117 ++-- .../values.prod.yaml | 118 ++-- .../values.staging.yaml | 117 ++-- .../application-system-api/values.dev.yaml | 378 +++++++------ .../application-system-api/values.prod.yaml | 380 ++++++------- .../values.staging.yaml | 378 +++++++------ .../application-system-form/values.dev.yaml | 56 +- .../application-system-form/values.prod.yaml | 61 ++- .../values.staging.yaml | 56 +- .../services/auth-admin-web/values.dev.yaml | 57 +- .../services/auth-admin-web/values.prod.yaml | 54 +- .../auth-admin-web/values.staging.yaml | 57 +- .../consultation-portal/values.dev.yaml | 55 +- .../consultation-portal/values.prod.yaml | 60 +-- .../consultation-portal/values.staging.yaml | 55 +- .../services/contentful-apps/values.dev.yaml | 37 +- .../services/contentful-apps/values.prod.yaml | 38 +- .../values.dev.yaml | 41 +- .../values.prod.yaml | 42 +- .../services/download-service/values.dev.yaml | 121 +++-- .../download-service/values.prod.yaml | 120 ++--- .../download-service/values.staging.yaml | 121 +++-- .../endorsement-system-api/values.dev.yaml | 118 ++-- .../endorsement-system-api/values.prod.yaml | 120 ++--- .../values.staging.yaml | 118 ++-- .../external-contracts-tests/values.dev.yaml | 41 +- .../github-actions-cache/values.dev.yaml | 49 +- .../values.dev.yaml | 82 ++- .../values.prod.yaml | 84 +-- .../values.staging.yaml | 82 ++- .../services/identity-server/values.dev.yaml | 137 +++-- .../services/identity-server/values.prod.yaml | 136 ++--- .../identity-server/values.staging.yaml | 137 +++-- .../island-ui-storybook/values.dev.yaml | 35 +- .../island-ui-storybook/values.prod.yaml | 36 +- .../island-ui-storybook/values.staging.yaml | 35 +- .../judicial-system-api/values.dev.yaml | 84 ++- .../judicial-system-api/values.prod.yaml | 85 ++- .../judicial-system-api/values.staging.yaml | 84 ++- .../judicial-system-backend/values.dev.yaml | 175 +++--- .../judicial-system-backend/values.prod.yaml | 177 +++--- .../values.staging.yaml | 176 +++--- .../values.dev.yaml | 55 +- .../values.prod.yaml | 56 +- .../values.staging.yaml | 55 +- .../values.dev.yaml | 47 +- .../values.prod.yaml | 48 +- .../values.staging.yaml | 47 +- .../judicial-system-robot-api/values.dev.yaml | 51 +- .../values.prod.yaml | 52 +- .../values.staging.yaml | 51 +- .../judicial-system-scheduler/values.dev.yaml | 51 +- .../values.prod.yaml | 52 +- .../values.staging.yaml | 51 +- .../judicial-system-web/values.dev.yaml | 49 +- .../judicial-system-web/values.prod.yaml | 50 +- .../judicial-system-web/values.staging.yaml | 49 +- .../judicial-system-xrd-api/values.dev.yaml | 53 +- .../judicial-system-xrd-api/values.prod.yaml | 54 +- .../values.staging.yaml | 53 +- charts/services/license-api/values.dev.yaml | 107 ++-- charts/services/license-api/values.prod.yaml | 108 ++-- .../services/license-api/values.staging.yaml | 107 ++-- charts/services/portals-admin/values.dev.yaml | 53 +- .../services/portals-admin/values.prod.yaml | 58 +- .../portals-admin/values.staging.yaml | 53 +- .../regulations-admin-backend/values.dev.yaml | 100 ++-- .../values.prod.yaml | 102 ++-- .../values.staging.yaml | 100 ++-- .../search-indexer-service/values.dev.yaml | 136 +++-- .../search-indexer-service/values.prod.yaml | 136 ++--- .../values.staging.yaml | 136 +++-- .../service-portal-api/values.dev.yaml | 140 +++-- .../service-portal-api/values.prod.yaml | 142 ++--- .../service-portal-api/values.staging.yaml | 140 +++-- .../services/service-portal/values.dev.yaml | 61 ++- .../services/service-portal/values.prod.yaml | 66 +-- .../service-portal/values.staging.yaml | 61 ++- .../services-auth-admin-api/values.dev.yaml | 97 ++-- .../services-auth-admin-api/values.prod.yaml | 98 ++-- .../values.staging.yaml | 97 ++-- .../values.dev.yaml | 97 ++-- .../values.prod.yaml | 98 ++-- .../values.staging.yaml | 97 ++-- .../values.dev.yaml | 51 +- .../values.prod.yaml | 52 +- .../values.staging.yaml | 51 +- .../services-auth-ids-api/values.dev.yaml | 150 +++--- .../services-auth-ids-api/values.prod.yaml | 152 +++--- .../services-auth-ids-api/values.staging.yaml | 150 +++--- .../values.dev.yaml | 45 +- .../values.prod.yaml | 46 +- .../values.staging.yaml | 45 +- .../values.dev.yaml | 85 ++- .../values.prod.yaml | 86 +-- .../values.staging.yaml | 85 ++- .../services-auth-public-api/values.dev.yaml | 113 ++-- .../services-auth-public-api/values.prod.yaml | 114 ++-- .../values.staging.yaml | 113 ++-- .../values.dev.yaml | 71 ++- .../values.prod.yaml | 74 +-- .../values.staging.yaml | 71 ++- .../services-documents/values.dev.yaml | 68 ++- .../services-documents/values.prod.yaml | 70 +-- .../services-documents/values.staging.yaml | 68 ++- .../services-sessions-cleanup/values.dev.yaml | 49 +- .../values.prod.yaml | 50 +- .../values.staging.yaml | 49 +- .../services-sessions-worker/values.dev.yaml | 86 ++- .../services-sessions-worker/values.prod.yaml | 88 +-- .../values.staging.yaml | 86 ++- .../services-sessions/values.dev.yaml | 53 +- .../services-sessions/values.prod.yaml | 54 +- .../services-sessions/values.staging.yaml | 53 +- .../values.dev.yaml | 85 ++- .../values.prod.yaml | 86 +-- .../values.staging.yaml | 85 ++- .../values.dev.yaml | 130 +++-- .../values.prod.yaml | 132 ++--- .../values.staging.yaml | 130 +++-- .../services/skilavottord-web/values.dev.yaml | 55 +- .../skilavottord-web/values.prod.yaml | 60 +-- .../skilavottord-web/values.staging.yaml | 55 +- .../services/skilavottord-ws/values.dev.yaml | 94 ++-- .../services/skilavottord-ws/values.prod.yaml | 100 ++-- .../skilavottord-ws/values.staging.yaml | 94 ++-- charts/services/unicorn-app/values.dev.yaml | 37 +- .../values.dev.yaml | 82 ++- .../values.prod.yaml | 84 +-- .../values.staging.yaml | 82 ++- .../user-notification-worker/values.dev.yaml | 130 +++-- .../user-notification-worker/values.prod.yaml | 132 ++--- .../values.staging.yaml | 130 +++-- .../user-notification/values.dev.yaml | 109 ++-- .../user-notification/values.prod.yaml | 110 ++-- .../user-notification/values.staging.yaml | 109 ++-- charts/services/web/values.dev.yaml | 63 ++- charts/services/web/values.prod.yaml | 68 +-- charts/services/web/values.staging.yaml | 65 ++- .../services/xroad-collector/values.dev.yaml | 51 +- .../services/xroad-collector/values.prod.yaml | 52 +- .../xroad-collector/values.staging.yaml | 51 +- infra/package.json | 2 +- infra/src/cli/generate-chart-values.ts | 111 ++-- infra/yarn.lock | 22 +- 166 files changed, 7464 insertions(+), 7751 deletions(-) diff --git a/charts/identity-server/values.dev.yaml b/charts/identity-server/values.dev.yaml index d430d1e0e563..a5ee35c34990 100644 --- a/charts/identity-server/values.dev.yaml +++ b/charts/identity-server/values.dev.yaml @@ -1,9 +1,3 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### auth-admin-web: enabled: true env: @@ -13,7 +7,6 @@ auth-admin-web: NEXTAUTH_URL: 'https://identity-server.dev01.devland.is/admin/api/auth' NEXT_PUBLIC_BACKEND_URL: '/backend' NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'nginx-ingress-external' - 'nginx-ingress-internal' @@ -88,7 +81,9 @@ identity-server: annotations: ad.datadoghq.com/identity-server.check_names: '["openmetrics"]' ad.datadoghq.com/identity-server.init_configs: '[{}]' - ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": "http://%%host%%:5003/metrics","namespace": "identity-server","metrics":["*"]}]' + ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": + "http://%%host%%:5003/metrics","namespace": + "identity-server","metrics":["*"]}]' ad.datadoghq.com/identity-server.logs: '[{"service": "identity-server", "source": "csharp"}]' enabled: true env: @@ -119,7 +114,6 @@ identity-server: PersistenceSettings__DelegationsCacheEnabled: 'false' RedisSettings__Address: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com' RedisSettings__Port: '6379' - SERVERSIDE_FEATURES_ON: '' SessionsApiSettings__BaseAddress: 'http://web-services-sessions.services-sessions.svc.cluster.local' files: - 'ids-signing.pfx' @@ -227,7 +221,6 @@ services-auth-admin-api: IDENTITY_SERVER_ISSUER_URL_LIST: '["https://identity-server.dev01.devland.is","https://identity-server.staging01.devland.is","https://innskra.island.is"]' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' SYSLUMENN_TIMEOUT: '3000' XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' @@ -318,7 +311,6 @@ services-auth-delegation-api: IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' SYSLUMENN_TIMEOUT: '3000' USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' @@ -422,7 +414,6 @@ services-auth-ids-api: PASSKEY_CORE_RP_NAME: 'Island.is' PUBLIC_URL: 'https://identity-server.dev01.devland.is/api' REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' SYSLUMENN_TIMEOUT: '3000' USER_PROFILE_CLIENT_SCOPE: '["@island.is/user-profile:read"]' @@ -495,7 +486,6 @@ services-auth-ids-api: DB_NAME: 'servicesauth' DB_REPLICAS_HOST: 'postgres-applications-reader.internal' DB_USER: 'servicesauth' - SERVERSIDE_FEATURES_ON: '' secrets: DB_PASS: '/k8s/servicesauth/DB_PASSWORD' namespace: 'identity-server' @@ -541,7 +531,6 @@ services-auth-ids-api-cleanup: IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'nginx-ingress-external' - 'user-notification' @@ -601,7 +590,6 @@ services-auth-personal-representative: IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' SYSLUMENN_TIMEOUT: '3000' XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' @@ -683,7 +671,6 @@ services-auth-personal-representative-public: IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' grantNamespaces: [] grantNamespacesEnabled: false healthCheck: @@ -754,7 +741,6 @@ services-auth-public-api: PASSKEY_CORE_RP_NAME: 'Island.is' PUBLIC_URL: 'https://identity-server.dev01.devland.is/api' REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' SYSLUMENN_TIMEOUT: '3000' XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' diff --git a/charts/identity-server/values.prod.yaml b/charts/identity-server/values.prod.yaml index c0e37b07b13c..25efd523dc8f 100644 --- a/charts/identity-server/values.prod.yaml +++ b/charts/identity-server/values.prod.yaml @@ -1,9 +1,3 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### auth-admin-web: enabled: true env: @@ -86,7 +80,9 @@ identity-server: annotations: ad.datadoghq.com/identity-server.check_names: '["openmetrics"]' ad.datadoghq.com/identity-server.init_configs: '[{}]' - ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": "http://%%host%%:5003/metrics","namespace": "identity-server","metrics":["*"]}]' + ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": + "http://%%host%%:5003/metrics","namespace": + "identity-server","metrics":["*"]}]' ad.datadoghq.com/identity-server.logs: '[{"service": "identity-server", "source": "csharp"}]' enabled: true env: diff --git a/charts/identity-server/values.staging.yaml b/charts/identity-server/values.staging.yaml index a12c3b255921..4dac4301e044 100644 --- a/charts/identity-server/values.staging.yaml +++ b/charts/identity-server/values.staging.yaml @@ -1,9 +1,3 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### auth-admin-web: enabled: true env: @@ -13,7 +7,6 @@ auth-admin-web: NEXTAUTH_URL: 'https://identity-server.staging01.devland.is/admin/api/auth' NEXT_PUBLIC_BACKEND_URL: '/backend' NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'nginx-ingress-external' - 'nginx-ingress-internal' @@ -88,7 +81,9 @@ identity-server: annotations: ad.datadoghq.com/identity-server.check_names: '["openmetrics"]' ad.datadoghq.com/identity-server.init_configs: '[{}]' - ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": "http://%%host%%:5003/metrics","namespace": "identity-server","metrics":["*"]}]' + ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": + "http://%%host%%:5003/metrics","namespace": + "identity-server","metrics":["*"]}]' ad.datadoghq.com/identity-server.logs: '[{"service": "identity-server", "source": "csharp"}]' enabled: true env: @@ -119,7 +114,6 @@ identity-server: PersistenceSettings__DelegationsCacheEnabled: 'false' RedisSettings__Address: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com' RedisSettings__Port: '6379' - SERVERSIDE_FEATURES_ON: '' SessionsApiSettings__BaseAddress: 'http://web-services-sessions.services-sessions.svc.cluster.local' files: - 'ids-signing.pfx' @@ -227,7 +221,6 @@ services-auth-admin-api: IDENTITY_SERVER_ISSUER_URL_LIST: '["https://identity-server.staging01.devland.is","https://innskra.island.is"]' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' SYSLUMENN_TIMEOUT: '3000' XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' @@ -318,7 +311,6 @@ services-auth-delegation-api: IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' SYSLUMENN_TIMEOUT: '3000' USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' @@ -422,7 +414,6 @@ services-auth-ids-api: PASSKEY_CORE_RP_NAME: 'Island.is' PUBLIC_URL: 'https://identity-server.staging01.devland.is/api' REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' SYSLUMENN_TIMEOUT: '3000' USER_PROFILE_CLIENT_SCOPE: '["@island.is/user-profile:read"]' @@ -495,7 +486,6 @@ services-auth-ids-api: DB_NAME: 'servicesauth' DB_REPLICAS_HOST: 'postgres-applications.internal' DB_USER: 'servicesauth' - SERVERSIDE_FEATURES_ON: '' secrets: DB_PASS: '/k8s/servicesauth/DB_PASSWORD' namespace: 'identity-server' @@ -541,7 +531,6 @@ services-auth-ids-api-cleanup: IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'nginx-ingress-external' - 'user-notification' @@ -601,7 +590,6 @@ services-auth-personal-representative: IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' SYSLUMENN_TIMEOUT: '3000' XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' @@ -683,7 +671,6 @@ services-auth-personal-representative-public: IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' grantNamespaces: [] grantNamespacesEnabled: false healthCheck: @@ -754,7 +741,6 @@ services-auth-public-api: PASSKEY_CORE_RP_NAME: 'Island.is' PUBLIC_URL: 'https://identity-server.staging01.devland.is/api' REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' SYSLUMENN_TIMEOUT: '3000' XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' diff --git a/charts/islandis/values.dev.yaml b/charts/islandis/values.dev.yaml index 8714202f38ed..f195a7c63277 100644 --- a/charts/islandis/values.dev.yaml +++ b/charts/islandis/values.dev.yaml @@ -1,9 +1,3 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### air-discount-scheme-api: enabled: true env: @@ -14,7 +8,6 @@ air-discount-scheme-api: IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'nginx-ingress-external' - 'islandis' @@ -94,7 +87,6 @@ air-discount-scheme-backend: LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' @@ -161,7 +153,6 @@ air-discount-scheme-backend: DB_NAME: 'air_discount_scheme_backend' DB_REPLICAS_HOST: 'postgres-applications-reader.internal' DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' secrets: DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' namespace: 'air-discount-scheme' @@ -202,7 +193,6 @@ air-discount-scheme-web: LOG_LEVEL: 'info' NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'nginx-ingress-external' - 'islandis' @@ -230,7 +220,9 @@ air-discount-scheme-web: primary-alb: annotations: kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ + https://beta.dev01.devland.is/loftbru; rewrite /en$ + https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' nginx.ingress.kubernetes.io/proxy-buffering: 'on' nginx.ingress.kubernetes.io/proxy-buffers-number: '4' @@ -319,7 +311,6 @@ api: NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' SYSLUMENN_TIMEOUT: '40000' @@ -621,7 +612,6 @@ application-system-api: NOVA_USERNAME: 'IslandIs_User_Development' RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' @@ -752,7 +742,6 @@ application-system-api: DB_NAME: 'application_system_api' DB_REPLICAS_HOST: 'postgres-applications-reader.internal' DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' secrets: DB_PASS: '/k8s/application-system-api/DB_PASSWORD' namespace: 'application-system' @@ -846,7 +835,6 @@ application-system-api-worker: LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' @@ -930,9 +918,7 @@ application-system-form: BASEPATH: '/umsoknir' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_PATH: '' SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' grantNamespaces: - 'nginx-ingress-internal' @@ -1003,7 +989,6 @@ consultation-portal: LOG_LEVEL: 'info' NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' grantNamespaces: [] grantNamespacesEnabled: false healthCheck: @@ -1064,7 +1049,6 @@ contentful-apps: env: LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' grantNamespaces: [] grantNamespacesEnabled: false healthCheck: @@ -1127,7 +1111,6 @@ contentful-entry-tagger-service: env: LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' grantNamespaces: [] grantNamespacesEnabled: false healthCheck: @@ -1195,7 +1178,6 @@ download-service: LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' @@ -1312,7 +1294,6 @@ endorsement-system-api: NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' @@ -1365,7 +1346,6 @@ endorsement-system-api: DB_NAME: 'services_endorsements_api' DB_REPLICAS_HOST: 'postgres-applications-reader.internal' DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' secrets: DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' namespace: 'endorsement-system' @@ -1403,7 +1383,6 @@ external-contracts-tests: env: LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' @@ -1466,7 +1445,6 @@ github-actions-cache: LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=460' REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' grantNamespaces: [] grantNamespacesEnabled: false healthCheck: @@ -1546,7 +1524,6 @@ icelandic-names-registry-backend: IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'islandis' grantNamespacesEnabled: true @@ -1602,7 +1579,6 @@ icelandic-names-registry-backend: DB_NAME: 'icelandic_names_registry_backend' DB_REPLICAS_HOST: 'postgres-applications-reader.internal' DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' secrets: DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' namespace: 'icelandic-names-registry' @@ -1631,7 +1607,6 @@ island-ui-storybook: env: LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'nginx-ingress-external' grantNamespacesEnabled: true @@ -1691,7 +1666,6 @@ license-api: LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' @@ -1810,7 +1784,6 @@ portals-admin: BASEPATH: '/stjornbord' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' SI_PUBLIC_ENVIRONMENT: 'dev' SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' grantNamespaces: @@ -1885,7 +1858,6 @@ regulations-admin-backend: NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' @@ -1934,7 +1906,6 @@ regulations-admin-backend: DB_NAME: 'regulations_admin_backend' DB_REPLICAS_HOST: 'postgres-applications-reader.internal' DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' secrets: DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' namespace: 'regulations-admin' @@ -1978,7 +1949,6 @@ search-indexer-service: ENVIRONMENT: 'dev' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' grantNamespaces: [] grantNamespacesEnabled: false healthCheck: @@ -2061,7 +2031,6 @@ search-indexer-service: ENVIRONMENT: 'dev' NODE_OPTIONS: '--max-old-space-size=2048' S3_BUCKET: 'dev-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' secrets: CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' @@ -2103,7 +2072,6 @@ service-portal: BASEPATH: '/minarsidur' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' SI_PUBLIC_ENVIRONMENT: 'dev' SI_PUBLIC_GRAPHQL_API: '/api/graphql' SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' @@ -2186,7 +2154,6 @@ service-portal-api: NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' NOVA_ACCEPT_UNAUTHORIZED: 'true' - SERVERSIDE_FEATURES_ON: '' SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' @@ -2250,7 +2217,6 @@ service-portal-api: DB_NAME: 'service_portal_api' DB_REPLICAS_HOST: 'postgres-applications-reader.internal' DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' secrets: DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' namespace: 'service-portal' @@ -2313,7 +2279,6 @@ services-bff-portals-admin: LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'identity-server' grantNamespacesEnabled: true @@ -2387,7 +2352,6 @@ services-documents: IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'islandis' - 'application-system' @@ -2431,7 +2395,6 @@ services-documents: DB_NAME: 'services_documents' DB_REPLICAS_HOST: 'postgres-applications-reader.internal' DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' secrets: DB_PASS: '/k8s/services-documents/DB_PASSWORD' namespace: 'services-documents' @@ -2467,7 +2430,6 @@ services-sessions: NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'nginx-ingress-internal' - 'islandis' @@ -2536,7 +2498,6 @@ services-sessions-cleanup: DB_USER: 'services_sessions' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'nginx-ingress-internal' - 'islandis' @@ -2601,7 +2562,6 @@ services-sessions-worker: NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'nginx-ingress-internal' - 'islandis' @@ -2647,7 +2607,6 @@ services-sessions-worker: DB_NAME: 'services_sessions' DB_REPLICAS_HOST: 'postgres-applications-reader.internal' DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' secrets: DB_PASS: '/k8s/services-sessions/DB_PASSWORD' namespace: 'services-sessions' @@ -2694,7 +2653,6 @@ services-university-gateway: LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' @@ -2773,7 +2731,6 @@ services-university-gateway: DB_NAME: 'services_university_gateway' DB_REPLICAS_HOST: 'postgres-applications-reader.internal' DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' secrets: DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' namespace: 'services-university-gateway' @@ -2823,7 +2780,6 @@ services-university-gateway-worker: LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' @@ -2897,7 +2853,6 @@ skilavottord-web: ENVIRONMENT: 'dev' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'nginx-ingress-external' grantNamespacesEnabled: true @@ -2967,7 +2922,6 @@ skilavottord-ws: IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'application-system' grantNamespacesEnabled: true @@ -3019,7 +2973,6 @@ skilavottord-ws: DB_NAME: 'skilavottord' DB_REPLICAS_HOST: 'postgres-applications-reader.internal' DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' secrets: DB_PASS: '/k8s/skilavottord/DB_PASSWORD' namespace: 'skilavottord' @@ -3058,7 +3011,6 @@ unicorn-app: env: LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' grantNamespaces: [] grantNamespacesEnabled: false healthCheck: @@ -3144,7 +3096,6 @@ user-notification: NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' @@ -3235,7 +3186,6 @@ user-notification-cleanup-worker: DB_USER: 'user_notification' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'nginx-ingress-internal' - 'islandis' @@ -3280,7 +3230,6 @@ user-notification-cleanup-worker: DB_NAME: 'user_notification' DB_REPLICAS_HOST: 'postgres-applications-reader.internal' DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' secrets: DB_PASS: '/k8s/user-notification/DB_PASSWORD' namespace: 'user-notification' @@ -3343,7 +3292,6 @@ user-notification-worker: NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' @@ -3395,7 +3343,6 @@ user-notification-worker: DB_NAME: 'user_notification' DB_REPLICAS_HOST: 'postgres-applications-reader.internal' DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' secrets: DB_PASS: '/k8s/user-notification/DB_PASSWORD' namespace: 'user-notification' @@ -3441,7 +3388,6 @@ web: ENVIRONMENT: 'dev' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' TRACKING_DOMAIN: 'beta.dev01.devland.is' grantNamespaces: - 'nginx-ingress-external' @@ -3514,7 +3460,6 @@ xroad-collector: LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' diff --git a/charts/islandis/values.prod.yaml b/charts/islandis/values.prod.yaml index 8d14a6110562..2077b2126862 100644 --- a/charts/islandis/values.prod.yaml +++ b/charts/islandis/values.prod.yaml @@ -1,9 +1,3 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### air-discount-scheme-api: enabled: true env: @@ -222,7 +216,9 @@ air-discount-scheme-web: primary-alb: annotations: kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ + https://island.is/loftbru; rewrite /en$ + https://island.is/en/lower-airfares-for-residents-in-rural-areas;' nginx.ingress.kubernetes.io/enable-global-auth: 'false' nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' nginx.ingress.kubernetes.io/proxy-buffering: 'on' @@ -290,7 +286,6 @@ api: FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: '' HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' @@ -920,7 +915,6 @@ application-system-form: NODE_OPTIONS: '--max-old-space-size=230' SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_GRAPHQL_PATH: '' SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' grantNamespaces: - 'nginx-ingress-internal' diff --git a/charts/islandis/values.staging.yaml b/charts/islandis/values.staging.yaml index 47cb2838c5bc..b72fa743410e 100644 --- a/charts/islandis/values.staging.yaml +++ b/charts/islandis/values.staging.yaml @@ -1,9 +1,3 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### air-discount-scheme-api: enabled: true env: @@ -14,7 +8,6 @@ air-discount-scheme-api: IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'nginx-ingress-external' - 'islandis' @@ -94,7 +87,6 @@ air-discount-scheme-backend: LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: '' XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' @@ -161,7 +153,6 @@ air-discount-scheme-backend: DB_NAME: 'air_discount_scheme_backend' DB_REPLICAS_HOST: 'postgres-applications.internal' DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: '' secrets: DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' namespace: 'air-discount-scheme' @@ -202,7 +193,6 @@ air-discount-scheme-web: LOG_LEVEL: 'info' NEXTAUTH_URL: 'https://loftbru.staging01.devland.is' NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'nginx-ingress-external' - 'islandis' @@ -230,7 +220,9 @@ air-discount-scheme-web: primary-alb: annotations: kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ + https://beta.staging01.devland.is/loftbru; rewrite /en$ + https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' nginx.ingress.kubernetes.io/proxy-buffering: 'on' nginx.ingress.kubernetes.io/proxy-buffers-number: '4' @@ -302,7 +294,6 @@ api: FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: '' HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' @@ -319,7 +310,6 @@ api: NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' SEND_FROM_EMAIL: 'development@island.is' - SERVERSIDE_FEATURES_ON: '' SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' SYSLUMENN_TIMEOUT: '40000' @@ -618,7 +608,6 @@ application-system-api: NOVA_USERNAME: 'IslandIs_User_Development' RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' @@ -749,7 +738,6 @@ application-system-api: DB_NAME: 'application_system_api' DB_REPLICAS_HOST: 'postgres-applications.internal' DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: '' secrets: DB_PASS: '/k8s/application-system-api/DB_PASSWORD' namespace: 'application-system' @@ -843,7 +831,6 @@ application-system-api-worker: LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' @@ -927,9 +914,7 @@ application-system-form: BASEPATH: '/umsoknir' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_GRAPHQL_PATH: '' SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' grantNamespaces: - 'nginx-ingress-internal' @@ -1000,7 +985,6 @@ consultation-portal: LOG_LEVEL: 'info' NEXTAUTH_URL: 'https://beta.staging01.devland.is/samradsgatt/api/auth' NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' grantNamespaces: [] grantNamespacesEnabled: false healthCheck: @@ -1064,7 +1048,6 @@ download-service: LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: '' XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' @@ -1181,7 +1164,6 @@ endorsement-system-api: NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' @@ -1234,7 +1216,6 @@ endorsement-system-api: DB_NAME: 'services_endorsements_api' DB_REPLICAS_HOST: 'postgres-applications.internal' DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: '' secrets: DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' namespace: 'endorsement-system' @@ -1288,7 +1269,6 @@ icelandic-names-registry-backend: IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'islandis' grantNamespacesEnabled: true @@ -1344,7 +1324,6 @@ icelandic-names-registry-backend: DB_NAME: 'icelandic_names_registry_backend' DB_REPLICAS_HOST: 'postgres-applications.internal' DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: '' secrets: DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' namespace: 'icelandic-names-registry' @@ -1373,7 +1352,6 @@ island-ui-storybook: env: LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'nginx-ingress-external' grantNamespacesEnabled: true @@ -1433,7 +1411,6 @@ license-api: LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' @@ -1547,7 +1524,6 @@ portals-admin: BASEPATH: '/stjornbord' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: '' SI_PUBLIC_ENVIRONMENT: 'staging' SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' grantNamespaces: @@ -1622,7 +1598,6 @@ regulations-admin-backend: NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' @@ -1671,7 +1646,6 @@ regulations-admin-backend: DB_NAME: 'regulations_admin_backend' DB_REPLICAS_HOST: 'postgres-applications.internal' DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: '' secrets: DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' namespace: 'regulations-admin' @@ -1715,7 +1689,6 @@ search-indexer-service: ENVIRONMENT: 'staging' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' grantNamespaces: [] grantNamespacesEnabled: false healthCheck: @@ -1798,7 +1771,6 @@ search-indexer-service: ENVIRONMENT: 'staging' NODE_OPTIONS: '--max-old-space-size=2048' S3_BUCKET: 'staging-es-custom-packages' - SERVERSIDE_FEATURES_ON: '' secrets: CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' @@ -1840,7 +1812,6 @@ service-portal: BASEPATH: '/minarsidur' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: '' SI_PUBLIC_ENVIRONMENT: 'staging' SI_PUBLIC_GRAPHQL_API: '/api/graphql' SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' @@ -1923,7 +1894,6 @@ service-portal-api: NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' NOVA_ACCEPT_UNAUTHORIZED: 'false' - SERVERSIDE_FEATURES_ON: '' SERVICE_PORTAL_BASE_URL: 'https://beta.staging01.devland.is/minarsidur' XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' @@ -1987,7 +1957,6 @@ service-portal-api: DB_NAME: 'service_portal_api' DB_REPLICAS_HOST: 'postgres-applications.internal' DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: '' secrets: DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' namespace: 'service-portal' @@ -2050,7 +2019,6 @@ services-bff-portals-admin: LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'identity-server' grantNamespacesEnabled: true @@ -2124,7 +2092,6 @@ services-documents: IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'islandis' - 'application-system' @@ -2168,7 +2135,6 @@ services-documents: DB_NAME: 'services_documents' DB_REPLICAS_HOST: 'postgres-applications.internal' DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: '' secrets: DB_PASS: '/k8s/services-documents/DB_PASSWORD' namespace: 'services-documents' @@ -2204,7 +2170,6 @@ services-sessions: NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'nginx-ingress-internal' - 'islandis' @@ -2273,7 +2238,6 @@ services-sessions-cleanup: DB_USER: 'services_sessions' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'nginx-ingress-internal' - 'islandis' @@ -2338,7 +2302,6 @@ services-sessions-worker: NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'nginx-ingress-internal' - 'islandis' @@ -2384,7 +2347,6 @@ services-sessions-worker: DB_NAME: 'services_sessions' DB_REPLICAS_HOST: 'postgres-applications.internal' DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: '' secrets: DB_PASS: '/k8s/services-sessions/DB_PASSWORD' namespace: 'services-sessions' @@ -2431,7 +2393,6 @@ services-university-gateway: LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' @@ -2510,7 +2471,6 @@ services-university-gateway: DB_NAME: 'services_university_gateway' DB_REPLICAS_HOST: 'postgres-applications.internal' DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: '' secrets: DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' namespace: 'services-university-gateway' @@ -2560,7 +2520,6 @@ services-university-gateway-worker: LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: '' XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' @@ -2634,7 +2593,6 @@ skilavottord-web: ENVIRONMENT: 'staging' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'nginx-ingress-external' grantNamespacesEnabled: true @@ -2704,7 +2662,6 @@ skilavottord-ws: IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'application-system' grantNamespacesEnabled: true @@ -2756,7 +2713,6 @@ skilavottord-ws: DB_NAME: 'skilavottord' DB_REPLICAS_HOST: 'postgres-applications.internal' DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: '' secrets: DB_PASS: '/k8s/skilavottord/DB_PASSWORD' namespace: 'skilavottord' @@ -2818,7 +2774,6 @@ user-notification: NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' @@ -2909,7 +2864,6 @@ user-notification-cleanup-worker: DB_USER: 'user_notification' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'nginx-ingress-internal' - 'islandis' @@ -2954,7 +2908,6 @@ user-notification-cleanup-worker: DB_NAME: 'user_notification' DB_REPLICAS_HOST: 'postgres-applications.internal' DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' secrets: DB_PASS: '/k8s/user-notification/DB_PASSWORD' namespace: 'user-notification' @@ -3017,7 +2970,6 @@ user-notification-worker: NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: '' SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' @@ -3069,7 +3021,6 @@ user-notification-worker: DB_NAME: 'user_notification' DB_REPLICAS_HOST: 'postgres-applications.internal' DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: '' secrets: DB_PASS: '/k8s/user-notification/DB_PASSWORD' namespace: 'user-notification' @@ -3116,7 +3067,6 @@ web: ENVIRONMENT: 'staging' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' TRACKING_DOMAIN: 'beta.staging01.devland.is' grantNamespaces: - 'nginx-ingress-external' @@ -3189,7 +3139,6 @@ xroad-collector: LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: '' XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' diff --git a/charts/judicial-system/values.dev.yaml b/charts/judicial-system/values.dev.yaml index 49f263495fd2..2190071ab021 100644 --- a/charts/judicial-system/values.dev.yaml +++ b/charts/judicial-system/values.dev.yaml @@ -1,9 +1,3 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### global: env: AUDIT_GROUP_NAME: '/island-is/audit-log' @@ -29,11 +23,9 @@ judicial-system-api: BACKEND_URL: 'http://web-judicial-system-backend' CONTENTFUL_ENVIRONMENT: 'test' CONTENTFUL_HOST: 'preview.contentful.com' - HIDDEN_FEATURES: '' IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'nginx-ingress-external' grantNamespacesEnabled: true @@ -105,7 +97,6 @@ judicial-system-api: judicial-system-backend: enabled: true env: - BLOCKED_API_INTEGRATION: '' CLIENT_URL: 'https://judicial-system.dev01.devland.is' CONTENTFUL_ENVIRONMENT: 'test' CONTENTFUL_HOST: 'preview.contentful.com' @@ -122,7 +113,6 @@ judicial-system-backend: S3_REGION: 'eu-west-1' S3_TIME_TO_LIVE_GET: '5' S3_TIME_TO_LIVE_POST: '15' - SERVERSIDE_FEATURES_ON: '' SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' SQS_QUEUE_NAME: 'sqs-judicial-system' SQS_REGION: 'eu-west-1' @@ -178,7 +168,6 @@ judicial-system-backend: DB_NAME: 'judicial_system' DB_REPLICAS_HOST: 'postgres-applications-reader.internal' DB_USER: 'judicial_system' - SERVERSIDE_FEATURES_ON: '' secrets: DB_PASS: '/k8s/judicial-system/DB_PASSWORD' namespace: 'judicial-system' @@ -249,7 +238,6 @@ judicial-system-digital-mailbox-api: IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'nginx-ingress-internal' grantNamespacesEnabled: true @@ -322,7 +310,6 @@ judicial-system-message-handler: BACKEND_URL: 'http://web-judicial-system-backend' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' SQS_QUEUE_NAME: 'sqs-judicial-system' SQS_REGION: 'eu-west-1' @@ -385,7 +372,6 @@ judicial-system-robot-api: BACKEND_URL: 'http://web-judicial-system-backend' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'nginx-ingress-internal' grantNamespacesEnabled: true @@ -457,7 +443,6 @@ judicial-system-scheduler: BACKEND_URL: 'http://web-judicial-system-backend' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' SQS_QUEUE_NAME: 'sqs-judicial-system' SQS_REGION: 'eu-west-1' @@ -520,7 +505,6 @@ judicial-system-web: INTERNAL_API_URL: 'http://web-judicial-system-api' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'nginx-ingress-external' grantNamespacesEnabled: true @@ -586,7 +570,6 @@ judicial-system-xrd-api: BACKEND_URL: 'http://web-judicial-system-backend' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'nginx-ingress-internal' grantNamespacesEnabled: true diff --git a/charts/judicial-system/values.prod.yaml b/charts/judicial-system/values.prod.yaml index 3d7760a9ba00..b1495ed45040 100644 --- a/charts/judicial-system/values.prod.yaml +++ b/charts/judicial-system/values.prod.yaml @@ -1,9 +1,3 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### global: env: AUDIT_GROUP_NAME: '/island-is/audit-log' @@ -29,7 +23,6 @@ judicial-system-api: BACKEND_URL: 'http://web-judicial-system-backend' CONTENTFUL_ENVIRONMENT: 'master' CONTENTFUL_HOST: 'cdn.contentful.com' - HIDDEN_FEATURES: '' IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' @@ -105,7 +98,6 @@ judicial-system-api: judicial-system-backend: enabled: true env: - BLOCKED_API_INTEGRATION: '' CLIENT_URL: 'https://rettarvorslugatt.island.is' CONTENTFUL_ENVIRONMENT: 'master' CONTENTFUL_HOST: 'cdn.contentful.com' diff --git a/charts/judicial-system/values.staging.yaml b/charts/judicial-system/values.staging.yaml index 74f9f7dbeb28..9637ba6483d0 100644 --- a/charts/judicial-system/values.staging.yaml +++ b/charts/judicial-system/values.staging.yaml @@ -1,9 +1,3 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### global: env: AUDIT_GROUP_NAME: '/island-is/audit-log' @@ -29,11 +23,9 @@ judicial-system-api: BACKEND_URL: 'http://web-judicial-system-backend' CONTENTFUL_ENVIRONMENT: 'test' CONTENTFUL_HOST: 'cdn.contentful.com' - HIDDEN_FEATURES: '' IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'nginx-ingress-external' grantNamespacesEnabled: true @@ -122,7 +114,6 @@ judicial-system-backend: S3_REGION: 'eu-west-1' S3_TIME_TO_LIVE_GET: '5' S3_TIME_TO_LIVE_POST: '15' - SERVERSIDE_FEATURES_ON: '' SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' SQS_QUEUE_NAME: 'sqs-judicial-system' SQS_REGION: 'eu-west-1' @@ -178,7 +169,6 @@ judicial-system-backend: DB_NAME: 'judicial_system' DB_REPLICAS_HOST: 'postgres-applications.internal' DB_USER: 'judicial_system' - SERVERSIDE_FEATURES_ON: '' secrets: DB_PASS: '/k8s/judicial-system/DB_PASSWORD' namespace: 'judicial-system' @@ -249,7 +239,6 @@ judicial-system-digital-mailbox-api: IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'nginx-ingress-internal' grantNamespacesEnabled: true @@ -322,7 +311,6 @@ judicial-system-message-handler: BACKEND_URL: 'http://web-judicial-system-backend' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' SQS_QUEUE_NAME: 'sqs-judicial-system' SQS_REGION: 'eu-west-1' @@ -385,7 +373,6 @@ judicial-system-robot-api: BACKEND_URL: 'http://web-judicial-system-backend' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'nginx-ingress-internal' grantNamespacesEnabled: true @@ -457,7 +444,6 @@ judicial-system-scheduler: BACKEND_URL: 'http://web-judicial-system-backend' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' SQS_QUEUE_NAME: 'sqs-judicial-system' SQS_REGION: 'eu-west-1' @@ -520,7 +506,6 @@ judicial-system-web: INTERNAL_API_URL: 'http://web-judicial-system-api' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'nginx-ingress-external' grantNamespacesEnabled: true @@ -586,7 +571,6 @@ judicial-system-xrd-api: BACKEND_URL: 'http://web-judicial-system-backend' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'nginx-ingress-internal' grantNamespacesEnabled: true diff --git a/charts/services/air-discount-scheme-api/values.dev.yaml b/charts/services/air-discount-scheme-api/values.dev.yaml index 4b9456c5ce68..67314a0df9e6 100644 --- a/charts/services/air-discount-scheme-api/values.dev.yaml +++ b/charts/services/air-discount-scheme-api/values.dev.yaml @@ -1,27 +1,26 @@ service: - name: air-discount-scheme-api + name: 'air-discount-scheme-api' enabled: true env: - AUTH_AUDIENCE: loftbru.dev01.devland.is - BACKEND_URL: http://web-air-discount-scheme-backend - CONTENTFUL_HOST: preview.contentful.com - ELASTIC_NODE: https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com - IDENTITY_SERVER_ISSUER_URL: https://identity-server.dev01.devland.is - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init - SERVERSIDE_FEATURES_ON: "" + AUTH_AUDIENCE: 'loftbru.dev01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'preview.contentful.com' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' grantNamespaces: - - nginx-ingress-external - - islandis + - 'nginx-ingress-external' + - 'islandis' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 hpa: scaling: @@ -32,20 +31,20 @@ service: max: 10 min: 2 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-external-alb - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: loftbru.dev01.devland.is + - host: 'loftbru.dev01.devland.is' paths: - - /api/graphql - - host: loftbru-cf.dev01.devland.is + - '/api/graphql' + - host: 'loftbru-cf.dev01.devland.is' paths: - - /api/graphql - namespace: air-discount-scheme + - '/api/graphql' + namespace: 'air-discount-scheme' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -57,22 +56,22 @@ service: min: 2 resources: limits: - cpu: 400m - memory: 512Mi + cpu: '400m' + memory: '512Mi' requests: - cpu: 50m - memory: 256Mi + cpu: '50m' + memory: '256Mi' secrets: - ADMINS: /k8s/air-discount-scheme/api/ADMINS - AUTH_JWT_SECRET: /k8s/air-discount-scheme/api/AUTH_JWT_SECRET - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - CONTENTFUL_ACCESS_TOKEN: /k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN - DEVELOPERS: /k8s/air-discount-scheme/api/DEVELOPERS + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::013313053092:role/air-discount-scheme-api + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' create: true - name: air-discount-scheme-api + name: 'air-discount-scheme-api' diff --git a/charts/services/air-discount-scheme-api/values.prod.yaml b/charts/services/air-discount-scheme-api/values.prod.yaml index 2cef53ce7762..61dbdd878a6e 100644 --- a/charts/services/air-discount-scheme-api/values.prod.yaml +++ b/charts/services/air-discount-scheme-api/values.prod.yaml @@ -1,27 +1,27 @@ service: - name: air-discount-scheme-api + name: 'air-discount-scheme-api' enabled: true env: - AUTH_AUDIENCE: loftbru.island.is - BACKEND_URL: http://web-air-discount-scheme-backend - CONTENTFUL_HOST: cdn.contentful.com - ELASTIC_NODE: https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com - IDENTITY_SERVER_ISSUER_URL: https://innskra.island.is - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init - SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + AUTH_AUDIENCE: 'loftbru.island.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'cdn.contentful.com' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' grantNamespaces: - - nginx-ingress-external - - islandis + - 'nginx-ingress-external' + - 'islandis' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 hpa: scaling: @@ -32,17 +32,17 @@ service: max: 10 min: 2 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-external-alb - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: loftbru.island.is + - host: 'loftbru.island.is' paths: - - /api/graphql - namespace: air-discount-scheme + - '/api/graphql' + namespace: 'air-discount-scheme' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -54,22 +54,22 @@ service: min: 2 resources: limits: - cpu: 400m - memory: 512Mi + cpu: '400m' + memory: '512Mi' requests: - cpu: 50m - memory: 256Mi + cpu: '50m' + memory: '256Mi' secrets: - ADMINS: /k8s/air-discount-scheme/api/ADMINS - AUTH_JWT_SECRET: /k8s/air-discount-scheme/api/AUTH_JWT_SECRET - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - CONTENTFUL_ACCESS_TOKEN: /k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN - DEVELOPERS: /k8s/air-discount-scheme/api/DEVELOPERS + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::251502586493:role/air-discount-scheme-api + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/air-discount-scheme-api' create: true - name: air-discount-scheme-api + name: 'air-discount-scheme-api' diff --git a/charts/services/air-discount-scheme-api/values.staging.yaml b/charts/services/air-discount-scheme-api/values.staging.yaml index bcb2920f540b..858b41f5fb4c 100644 --- a/charts/services/air-discount-scheme-api/values.staging.yaml +++ b/charts/services/air-discount-scheme-api/values.staging.yaml @@ -1,27 +1,26 @@ service: - name: air-discount-scheme-api + name: 'air-discount-scheme-api' enabled: true env: - AUTH_AUDIENCE: loftbru.staging01.devland.is - BACKEND_URL: http://web-air-discount-scheme-backend - CONTENTFUL_HOST: cdn.contentful.com - ELASTIC_NODE: https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com - IDENTITY_SERVER_ISSUER_URL: https://identity-server.staging01.devland.is - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init - SERVERSIDE_FEATURES_ON: "" + AUTH_AUDIENCE: 'loftbru.staging01.devland.is' + BACKEND_URL: 'http://web-air-discount-scheme-backend' + CONTENTFUL_HOST: 'cdn.contentful.com' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' grantNamespaces: - - nginx-ingress-external - - islandis + - 'nginx-ingress-external' + - 'islandis' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 hpa: scaling: @@ -32,20 +31,20 @@ service: max: 10 min: 2 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-external-alb - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: loftbru.staging01.devland.is + - host: 'loftbru.staging01.devland.is' paths: - - /api/graphql - - host: loftbru-cf.staging01.devland.is + - '/api/graphql' + - host: 'loftbru-cf.staging01.devland.is' paths: - - /api/graphql - namespace: air-discount-scheme + - '/api/graphql' + namespace: 'air-discount-scheme' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -57,22 +56,22 @@ service: min: 2 resources: limits: - cpu: 400m - memory: 512Mi + cpu: '400m' + memory: '512Mi' requests: - cpu: 50m - memory: 256Mi + cpu: '50m' + memory: '256Mi' secrets: - ADMINS: /k8s/air-discount-scheme/api/ADMINS - AUTH_JWT_SECRET: /k8s/air-discount-scheme/api/AUTH_JWT_SECRET - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - CONTENTFUL_ACCESS_TOKEN: /k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN - DEVELOPERS: /k8s/air-discount-scheme/api/DEVELOPERS + ADMINS: '/k8s/air-discount-scheme/api/ADMINS' + AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' + DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::261174024191:role/air-discount-scheme-api + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/air-discount-scheme-api' create: true - name: air-discount-scheme-api + name: 'air-discount-scheme-api' diff --git a/charts/services/air-discount-scheme-backend/values.dev.yaml b/charts/services/air-discount-scheme-backend/values.dev.yaml index f1da1b5be5b6..edd91838d9f8 100644 --- a/charts/services/air-discount-scheme-backend/values.dev.yaml +++ b/charts/services/air-discount-scheme-backend/values.dev.yaml @@ -1,38 +1,37 @@ service: - name: air-discount-scheme-backend + name: 'air-discount-scheme-backend' enabled: true env: - DB_HOST: postgres-applications.internal - DB_NAME: air_discount_scheme_backend - DB_REPLICAS_HOST: postgres-applications-reader.internal - DB_USER: air_discount_scheme_backend - ENVIRONMENT: dev - IDENTITY_SERVER_CLIENT_ID: "@vegagerdin.is/clients/air-discount-scheme" - IDENTITY_SERVER_ISSUER_URL: https://identity-server.dev01.devland.is - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init - REDIS_URL_NODE_01: clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379 - SERVERSIDE_FEATURES_ON: "" - XROAD_BASE_PATH: http://securityserver.dev01.devland.is - XROAD_BASE_PATH_WITH_ENV: http://securityserver.dev01.devland.is/r1/IS-DEV - XROAD_CLIENT_ID: IS-DEV/GOV/10000/island-is-client + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1 - XROAD_TJODSKRA_API_PATH: /SKRA-Protected/Einstaklingar-v1 - XROAD_TJODSKRA_MEMBER_CODE: "10001" - XROAD_TLS_BASE_PATH: https://securityserver.dev01.devland.is - XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.dev01.devland.is/r1/IS-DEV + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' grantNamespaces: - - islandis + - 'islandis' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 hpa: scaling: @@ -43,46 +42,45 @@ service: max: 10 min: 2 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-external-alb - nginx.ingress.kubernetes.io/enable-global-auth: "false" - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: loftbru.dev01.devland.is + - host: 'loftbru.dev01.devland.is' paths: - - /api/swagger - - /api/public - - host: loftbru-cf.dev01.devland.is + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.dev01.devland.is' paths: - - /api/swagger - - /api/public + - '/api/swagger' + - '/api/public' initContainer: containers: - args: - - sequelize-cli - - db:migrate + - 'sequelize-cli' + - 'db:migrate' command: - - npx - name: migrations + - 'npx' + name: 'migrations' resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 50m - memory: 128Mi + cpu: '50m' + memory: '128Mi' env: - DB_HOST: postgres-applications.internal - DB_NAME: air_discount_scheme_backend - DB_REPLICAS_HOST: postgres-applications-reader.internal - DB_USER: air_discount_scheme_backend - SERVERSIDE_FEATURES_ON: "" + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'air_discount_scheme_backend' secrets: - DB_PASS: /k8s/air-discount-scheme-backend/DB_PASSWORD - namespace: air-discount-scheme + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -92,22 +90,22 @@ service: min: 2 resources: limits: - cpu: 400m - memory: 512Mi + cpu: '400m' + memory: '512Mi' requests: - cpu: 50m - memory: 256Mi + cpu: '50m' + memory: '256Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DB_PASS: /k8s/air-discount-scheme-backend/DB_PASSWORD - ERNIR_API_KEY: /k8s/air-discount-scheme/backend/ERNIR_API_KEY - ICELANDAIR_API_KEY: /k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY - IDENTITY_SERVER_CLIENT_SECRET: /k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET - MYFLUG_API_KEY: /k8s/air-discount-scheme/backend/MYFLUG_API_KEY - NATIONAL_REGISTRY_PASSWORD: /k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD - NATIONAL_REGISTRY_URL: /k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL - NATIONAL_REGISTRY_USERNAME: /k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME - NORLANDAIR_API_KEY: /k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/air-discount-scheme-backend/values.prod.yaml b/charts/services/air-discount-scheme-backend/values.prod.yaml index df0023758108..a2f00949f619 100644 --- a/charts/services/air-discount-scheme-backend/values.prod.yaml +++ b/charts/services/air-discount-scheme-backend/values.prod.yaml @@ -1,38 +1,38 @@ service: - name: air-discount-scheme-backend + name: 'air-discount-scheme-backend' enabled: true env: - DB_HOST: postgres-applications.internal - DB_NAME: air_discount_scheme_backend - DB_REPLICAS_HOST: postgres-applications.internal - DB_USER: air_discount_scheme_backend - ENVIRONMENT: prod - IDENTITY_SERVER_CLIENT_ID: "@vegagerdin.is/clients/air-discount-scheme" - IDENTITY_SERVER_ISSUER_URL: https://innskra.island.is - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init - REDIS_URL_NODE_01: clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379 - SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms - XROAD_BASE_PATH: http://securityserver.island.is - XROAD_BASE_PATH_WITH_ENV: http://securityserver.island.is/r1/IS - XROAD_CLIENT_ID: IS/GOV/5501692829/island-is-client + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1 - XROAD_TJODSKRA_API_PATH: /SKRA-Protected/Einstaklingar-v1 - XROAD_TJODSKRA_MEMBER_CODE: "6503760649" - XROAD_TLS_BASE_PATH: https://securityserver.island.is - XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.island.is/r1/IS + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' grantNamespaces: - - islandis + - 'islandis' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 hpa: scaling: @@ -43,41 +43,41 @@ service: max: 10 min: 2 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-external-alb - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: loftbru.island.is + - host: 'loftbru.island.is' paths: - - /api/swagger - - /api/public + - '/api/swagger' + - '/api/public' initContainer: containers: - args: - - sequelize-cli - - db:migrate + - 'sequelize-cli' + - 'db:migrate' command: - - npx - name: migrations + - 'npx' + name: 'migrations' resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 50m - memory: 128Mi + cpu: '50m' + memory: '128Mi' env: - DB_HOST: postgres-applications.internal - DB_NAME: air_discount_scheme_backend - DB_REPLICAS_HOST: postgres-applications.internal - DB_USER: air_discount_scheme_backend - SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' secrets: - DB_PASS: /k8s/air-discount-scheme-backend/DB_PASSWORD - namespace: air-discount-scheme + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -87,22 +87,22 @@ service: min: 2 resources: limits: - cpu: 400m - memory: 512Mi + cpu: '400m' + memory: '512Mi' requests: - cpu: 50m - memory: 256Mi + cpu: '50m' + memory: '256Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DB_PASS: /k8s/air-discount-scheme-backend/DB_PASSWORD - ERNIR_API_KEY: /k8s/air-discount-scheme/backend/ERNIR_API_KEY - ICELANDAIR_API_KEY: /k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY - IDENTITY_SERVER_CLIENT_SECRET: /k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET - MYFLUG_API_KEY: /k8s/air-discount-scheme/backend/MYFLUG_API_KEY - NATIONAL_REGISTRY_PASSWORD: /k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD - NATIONAL_REGISTRY_URL: /k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL - NATIONAL_REGISTRY_USERNAME: /k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME - NORLANDAIR_API_KEY: /k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/air-discount-scheme-backend/values.staging.yaml b/charts/services/air-discount-scheme-backend/values.staging.yaml index 3dd0765ca405..3931f900b739 100644 --- a/charts/services/air-discount-scheme-backend/values.staging.yaml +++ b/charts/services/air-discount-scheme-backend/values.staging.yaml @@ -1,38 +1,37 @@ service: - name: air-discount-scheme-backend + name: 'air-discount-scheme-backend' enabled: true env: - DB_HOST: postgres-applications.internal - DB_NAME: air_discount_scheme_backend - DB_REPLICAS_HOST: postgres-applications.internal - DB_USER: air_discount_scheme_backend - ENVIRONMENT: staging - IDENTITY_SERVER_CLIENT_ID: "@vegagerdin.is/clients/air-discount-scheme" - IDENTITY_SERVER_ISSUER_URL: https://identity-server.staging01.devland.is - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init - REDIS_URL_NODE_01: clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379 - SERVERSIDE_FEATURES_ON: "" - XROAD_BASE_PATH: http://securityserver.staging01.devland.is - XROAD_BASE_PATH_WITH_ENV: http://securityserver.staging01.devland.is/r1/IS-TEST - XROAD_CLIENT_ID: IS-TEST/GOV/5501692829/island-is-client + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1 - XROAD_TJODSKRA_API_PATH: /SKRA-Protected/Einstaklingar-v1 - XROAD_TJODSKRA_MEMBER_CODE: "6503760649" - XROAD_TLS_BASE_PATH: https://securityserver.staging01.devland.is - XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.staging01.devland.is/r1/IS-TEST + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' grantNamespaces: - - islandis + - 'islandis' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 hpa: scaling: @@ -43,46 +42,45 @@ service: max: 10 min: 2 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-external-alb - nginx.ingress.kubernetes.io/enable-global-auth: "false" - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: loftbru.staging01.devland.is + - host: 'loftbru.staging01.devland.is' paths: - - /api/swagger - - /api/public - - host: loftbru-cf.staging01.devland.is + - '/api/swagger' + - '/api/public' + - host: 'loftbru-cf.staging01.devland.is' paths: - - /api/swagger - - /api/public + - '/api/swagger' + - '/api/public' initContainer: containers: - args: - - sequelize-cli - - db:migrate + - 'sequelize-cli' + - 'db:migrate' command: - - npx - name: migrations + - 'npx' + name: 'migrations' resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 50m - memory: 128Mi + cpu: '50m' + memory: '128Mi' env: - DB_HOST: postgres-applications.internal - DB_NAME: air_discount_scheme_backend - DB_REPLICAS_HOST: postgres-applications.internal - DB_USER: air_discount_scheme_backend - SERVERSIDE_FEATURES_ON: "" + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'air_discount_scheme_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'air_discount_scheme_backend' secrets: - DB_PASS: /k8s/air-discount-scheme-backend/DB_PASSWORD - namespace: air-discount-scheme + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + namespace: 'air-discount-scheme' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -92,22 +90,22 @@ service: min: 2 resources: limits: - cpu: 400m - memory: 512Mi + cpu: '400m' + memory: '512Mi' requests: - cpu: 50m - memory: 256Mi + cpu: '50m' + memory: '256Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DB_PASS: /k8s/air-discount-scheme-backend/DB_PASSWORD - ERNIR_API_KEY: /k8s/air-discount-scheme/backend/ERNIR_API_KEY - ICELANDAIR_API_KEY: /k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY - IDENTITY_SERVER_CLIENT_SECRET: /k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET - MYFLUG_API_KEY: /k8s/air-discount-scheme/backend/MYFLUG_API_KEY - NATIONAL_REGISTRY_PASSWORD: /k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD - NATIONAL_REGISTRY_URL: /k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL - NATIONAL_REGISTRY_USERNAME: /k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME - NORLANDAIR_API_KEY: /k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' + ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' + ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' + MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' + NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' + NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' + NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' + NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/air-discount-scheme-web/values.dev.yaml b/charts/services/air-discount-scheme-web/values.dev.yaml index 4b760c93dd6c..b2c0a8699934 100644 --- a/charts/services/air-discount-scheme-web/values.dev.yaml +++ b/charts/services/air-discount-scheme-web/values.dev.yaml @@ -1,26 +1,25 @@ service: - name: air-discount-scheme-web + name: 'air-discount-scheme-web' enabled: true env: - API_URL: http://web-air-discount-scheme-api - ENVIRONMENT: dev - IDENTITY_SERVER_ISSUER_DOMAIN: identity-server.dev01.devland.is - LOG_LEVEL: info - NEXTAUTH_URL: https://loftbru.dev01.devland.is - NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init - SERVERSIDE_FEATURES_ON: "" + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' grantNamespaces: - - nginx-ingress-external - - islandis + - 'nginx-ingress-external' + - 'islandis' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /readiness + path: '/readiness' timeoutSeconds: 3 hpa: scaling: @@ -31,27 +30,27 @@ service: max: 10 min: 2 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-external-alb - nginx.ingress.kubernetes.io/configuration-snippet: rewrite /$ + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ - https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas; - nginx.ingress.kubernetes.io/proxy-buffer-size: 16k - nginx.ingress.kubernetes.io/proxy-buffering: on - nginx.ingress.kubernetes.io/proxy-buffers-number: "4" - nginx.ingress.kubernetes.io/server-snippet: client_header_buffer_size 16k; large_client_header_buffers 4 16k; - nginx.ingress.kubernetes.io/service-upstream: "true" + https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: loftbru.dev01.devland.is + - host: 'loftbru.dev01.devland.is' paths: - - / - - host: loftbru-cf.dev01.devland.is + - '/' + - host: 'loftbru-cf.dev01.devland.is' paths: - - / - namespace: air-discount-scheme + - '/' + namespace: 'air-discount-scheme' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -61,16 +60,16 @@ service: min: 2 resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 100m - memory: 128Mi + cpu: '100m' + memory: '128Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DD_RUM_APPLICATION_ID: /k8s/DD_RUM_APPLICATION_ID - DD_RUM_CLIENT_TOKEN: /k8s/DD_RUM_CLIENT_TOKEN - IDENTITY_SERVER_SECRET: /k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/air-discount-scheme-web/values.prod.yaml b/charts/services/air-discount-scheme-web/values.prod.yaml index 337b4e5c1ad5..c2326211be20 100644 --- a/charts/services/air-discount-scheme-web/values.prod.yaml +++ b/charts/services/air-discount-scheme-web/values.prod.yaml @@ -1,26 +1,26 @@ service: - name: air-discount-scheme-web + name: 'air-discount-scheme-web' enabled: true env: - API_URL: http://web-air-discount-scheme-api - ENVIRONMENT: prod - IDENTITY_SERVER_ISSUER_DOMAIN: innskra.island.is - LOG_LEVEL: info - NEXTAUTH_URL: https://loftbru.island.is - NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init - SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.island.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' grantNamespaces: - - nginx-ingress-external - - islandis + - 'nginx-ingress-external' + - 'islandis' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /readiness + path: '/readiness' timeoutSeconds: 3 hpa: scaling: @@ -31,23 +31,23 @@ service: max: 10 min: 2 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-external-alb - nginx.ingress.kubernetes.io/configuration-snippet: rewrite /$ + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ - https://island.is/en/lower-airfares-for-residents-in-rural-areas; - nginx.ingress.kubernetes.io/enable-global-auth: "false" - nginx.ingress.kubernetes.io/proxy-buffer-size: 8k - nginx.ingress.kubernetes.io/proxy-buffering: on - nginx.ingress.kubernetes.io/service-upstream: "true" + https://island.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: loftbru.island.is + - host: 'loftbru.island.is' paths: - - / - namespace: air-discount-scheme + - '/' + namespace: 'air-discount-scheme' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -57,16 +57,16 @@ service: min: 2 resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 100m - memory: 128Mi + cpu: '100m' + memory: '128Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DD_RUM_APPLICATION_ID: /k8s/DD_RUM_APPLICATION_ID - DD_RUM_CLIENT_TOKEN: /k8s/DD_RUM_CLIENT_TOKEN - IDENTITY_SERVER_SECRET: /k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/air-discount-scheme-web/values.staging.yaml b/charts/services/air-discount-scheme-web/values.staging.yaml index fea2f0c02396..b4fcf97747ba 100644 --- a/charts/services/air-discount-scheme-web/values.staging.yaml +++ b/charts/services/air-discount-scheme-web/values.staging.yaml @@ -1,26 +1,25 @@ service: - name: air-discount-scheme-web + name: 'air-discount-scheme-web' enabled: true env: - API_URL: http://web-air-discount-scheme-api - ENVIRONMENT: staging - IDENTITY_SERVER_ISSUER_DOMAIN: identity-server.staging01.devland.is - LOG_LEVEL: info - NEXTAUTH_URL: https://loftbru.staging01.devland.is - NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init - SERVERSIDE_FEATURES_ON: "" + API_URL: 'http://web-air-discount-scheme-api' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://loftbru.staging01.devland.is' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' grantNamespaces: - - nginx-ingress-external - - islandis + - 'nginx-ingress-external' + - 'islandis' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /readiness + path: '/readiness' timeoutSeconds: 3 hpa: scaling: @@ -31,27 +30,27 @@ service: max: 10 min: 2 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-external-alb - nginx.ingress.kubernetes.io/configuration-snippet: rewrite /$ + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ - https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas; - nginx.ingress.kubernetes.io/proxy-buffer-size: 16k - nginx.ingress.kubernetes.io/proxy-buffering: on - nginx.ingress.kubernetes.io/proxy-buffers-number: "4" - nginx.ingress.kubernetes.io/server-snippet: client_header_buffer_size 16k; large_client_header_buffers 4 16k; - nginx.ingress.kubernetes.io/service-upstream: "true" + https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: loftbru.staging01.devland.is + - host: 'loftbru.staging01.devland.is' paths: - - / - - host: loftbru-cf.staging01.devland.is + - '/' + - host: 'loftbru-cf.staging01.devland.is' paths: - - / - namespace: air-discount-scheme + - '/' + namespace: 'air-discount-scheme' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -61,16 +60,16 @@ service: min: 2 resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 100m - memory: 128Mi + cpu: '100m' + memory: '128Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DD_RUM_APPLICATION_ID: /k8s/DD_RUM_APPLICATION_ID - DD_RUM_CLIENT_TOKEN: /k8s/DD_RUM_CLIENT_TOKEN - IDENTITY_SERVER_SECRET: /k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/api/values.dev.yaml b/charts/services/api/values.dev.yaml index 7e9ecaff59c5..681f1b36923c 100644 --- a/charts/services/api/values.dev.yaml +++ b/charts/services/api/values.dev.yaml @@ -1,168 +1,167 @@ service: - name: api + name: 'api' args: - - --tls-min-v1.0 - - --no-experimental-fetch - - main.js + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' command: - - node + - 'node' enabled: true env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: "20000" - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: loftbru.dev01.devland.is + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: http://web-application-system-api.application-system.svc.cluster.local - AUTH_ADMIN_API_PATH: https://identity-server.dev01.devland.is/backend + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local - AUTH_IDS_API_URL: https://identity-server.dev01.devland.is - AUTH_PUBLIC_API_URL: https://identity-server.dev01.devland.is/api + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: IS-DEV/GOV/10006/Skatturinn/ft-v1 - CONSULTATION_PORTAL_CLIENT_BASE_PATH: https://samradapi-test.devland.is - CONTACT_US_EMAIL: s@kogk.is - CONTENTFUL_HOST: preview.contentful.com - DOWNLOAD_SERVICE_BASE_PATH: https://api.dev01.devland.is - ELASTIC_NODE: https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: https://api-staging.thinglysing.is/business/tolfraedi - ENDORSEMENT_SYSTEM_BASE_API_URL: http://web-endorsement-system-api.endorsement-system.svc.cluster.local - FILE_DOWNLOAD_BUCKET: island-is-dev-download-cache-api - FILE_STORAGE_UPLOAD_BUCKET: island-is-dev-upload-api - FINANCIAL_STATEMENTS_INAO_BASE_PATH: https://dev-re.crm4.dynamics.com/api/data/v9.1 - FINANCIAL_STATEMENTS_INAO_ISSUER: https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0 - FINANCIAL_STATEMENTS_INAO_SCOPE: https://dev-re.crm4.dynamics.com/.default - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token - FISHING_LICENSE_XROAD_PROVIDER_ID: IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1 - FISKISTOFA_ZENTER_CLIENT_ID: "1114" - FORM_SYSTEM_API_BASE_PATH: https://profun.island.is/umsoknarkerfi - HSN_WEB_FORM_ID: 1dimJFHLFYtnhoYEA3JxRK - HUNTING_LICENSE_PASS_TEMPLATE_ID: 1da72d52-a93a-4d0f-8463-1933a2bd210b - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local - IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/api" - IDENTITY_SERVER_ISSUER_URL: https://identity-server.dev01.devland.is - ISLYKILL_CERT: /etc/config/islyklar.p12 + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 's@kogk.is' + CONTENTFUL_HOST: 'preview.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: info - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: http://web-financial-aid-backend - NATIONAL_REGISTRY_B2C_CLIENT_ID: b464afdd-056b-406d-b650-6d41733cfeb7 - NATIONAL_REGISTRY_B2C_ENDPOINT: https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token - NATIONAL_REGISTRY_B2C_PATH: IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1 - NATIONAL_REGISTRY_B2C_SCOPE: https://skraidentitydev.onmicrosoft.com/midlun/.default - NODE_OPTIONS: --max-old-space-size=2880 -r dd-trace/init - REGULATIONS_ADMIN_URL: http://web-regulations-admin-backend.regulations-admin.svc.cluster.local - SEND_FROM_EMAIL: development@island.is - SERVERSIDE_FEATURES_ON: "" - SERVICE_DOCUMENTS_BASEPATH: http://web-services-documents.services-documents.svc.cluster.local - SESSIONS_API_URL: http://web-services-sessions.services-sessions.svc.cluster.local - SYSLUMENN_TIMEOUT: "40000" - TELL_US_A_STORY_EMAIL: s@kogk.is - UNIVERSITY_GATEWAY_API_URL: http://web-services-university-gateway.services-university-gateway.svc.cluster.local - USER_NOTIFICATION_API_URL: http://web-user-notification.user-notification.svc.cluster.local - USER_PROFILE_CLIENT_URL: http://web-service-portal-api.service-portal.svc.cluster.local - WATSON_ASSISTANT_CHAT_FEEDBACK_DB_NAME: island-is-assistant-feedback - XROAD_ADR_MACHINE_LICENSE_PATH: IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1 - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1 - XROAD_AIRCRAFT_REGISTRY_PATH: IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1 - XROAD_BASE_PATH: http://securityserver.dev01.devland.is - XROAD_BASE_PATH_WITH_ENV: http://securityserver.dev01.devland.is/r1/IS-DEV - XROAD_BIFROST_UNIVERSITY_PATH: IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1 - XROAD_CHARGE_FJS_V2_PATH: IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2 - XROAD_CHARGE_FJS_V2_TIMEOUT: "20000" - XROAD_CLIENT_ID: IS-DEV/GOV/10000/island-is-client - XROAD_COURT_BANKRUPTCY_CERT_PATH: IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1 - XROAD_CRIMINAL_RECORD_PATH: r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2 - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1 - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1 - XROAD_DISABILITY_LICENSE_PATH: IS-DEV/GOV/10008/TR-Protected/oryrki-v1 - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: "20000" - XROAD_DRIVING_LICENSE_PATH: r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1 - XROAD_DRIVING_LICENSE_V2_PATH: r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2 - XROAD_DRIVING_LICENSE_V4_PATH: r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4 - XROAD_DRIVING_LICENSE_V5_PATH: r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5 - XROAD_ENERGY_FUNDS_PATH: IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1 - XROAD_FINANCES_PATH: IS-DEV/GOV/10021/FJS-Public/financeIsland - XROAD_FINANCES_TIMEOUT: "20000" - XROAD_FINANCES_V2_PATH: IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2 - XROAD_FINANCIAL_AID_BACKEND_PATH: IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend - XROAD_FIREARM_LICENSE_PATH: IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1 - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1 - XROAD_HEALTH_DIRECTORATE_PATH: IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1 - XROAD_HEALTH_INSURANCE_ID: IS-DEV/GOV/10007/SJUKRA-Protected - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur - XROAD_HEALTH_INSURANCE_WSDLURL: https://test-huld.sjukra.is/islandrg?wsdl - XROAD_HMS_HOUSING_BENEFITS_PATH: IS-DEV/GOV/10033/HMS-Protected/husbot-v1 - XROAD_HMS_LOANS_PATH: IS-DEV/GOV/10033/HMS-Protected/libra-v1 - XROAD_HOLAR_UNIVERSITY_PATH: IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1 - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: IS-DEV/GOV/10033/HMS-Protected/calc-v1 - XROAD_HUNTING_LICENSE_PATH: IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: IS-DEV/GOV/10021/FJS-Protected/recruitment-v1 - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1 - XROAD_INNA_PATH: IS-DEV/GOV/10066/MMS-Protected/inna-v1 - XROAD_INTELLECTUAL_PROPERTIES_PATH: IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI - XROAD_JUDICIAL_SYSTEM_SP_PATH: IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api - XROAD_MMS_FRIGG_PATH: IS-DEV/GOV/10066/MMS-Protected/frigg-form-service - XROAD_MMS_GRADE_SERVICE_ID: IS-DEV/GOV/10066/MMS-Protected/grade-api-v1 - XROAD_MMS_LICENSE_SERVICE_ID: IS-DEV/GOV/10066/MMS-Protected/license-api-v1 + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 's@kogk.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + WATSON_ASSISTANT_CHAT_FEEDBACK_DB_NAME: 'island-is-assistant-feedback' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1 - XROAD_NATIONAL_REGISTRY_TIMEOUT: "20000" - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: IS-DEV/GOV/10014/DMR-Protected/official-journal-application - XROAD_OFFICIAL_JOURNAL_PATH: IS-DEV/GOV/10014/DMR-Protected/official-journal - XROAD_PASSPORT_LICENSE_PATH: IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1 - XROAD_PAYMENT_ADDITION_CALLBACK_URL: / - XROAD_PAYMENT_BASE_CALLBACK_URL: XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/ - XROAD_PAYMENT_PROVIDER_ID: IS-DEV/GOV/10021/FJS-Public - XROAD_PAYMENT_SCHEDULE_PATH: IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1 - XROAD_PROPERTIES_SERVICE_V2_PATH: IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1 - XROAD_PROPERTIES_TIMEOUT: "35000" - XROAD_RSK_PROCURING_PATH: IS-DEV/GOV/10006/Skatturinn/relationships-v1 + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1 - XROAD_SIGNATURE_COLLECTION_PATH: IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1 - XROAD_TJODSKRA_API_PATH: /SKRA-Protected/Einstaklingar-v1 - XROAD_TJODSKRA_MEMBER_CODE: "10001" - XROAD_TLS_BASE_PATH: https://securityserver.dev01.devland.is - XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.dev01.devland.is/r1/IS-DEV - XROAD_TR_PATH: IS-DEV/GOV/10008/TR-Protected/external-v1 - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1 - XROAD_UNIVERSITY_OF_ICELAND_PATH: IS-DEV/EDU/10010/HI-Protected/brautskraning-v1 - XROAD_VEHICLES_MILEAGE_PATH: IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1 - XROAD_VEHICLES_PATH: IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1 - XROAD_VEHICLE_CODETABLES_PATH: IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1 - XROAD_VEHICLE_INFOLOCKS_PATH: IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1 - XROAD_VEHICLE_OPERATORS_PATH: IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3 - XROAD_VEHICLE_OWNER_CHANGE_PATH: IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2 - XROAD_VEHICLE_PLATE_ORDERING_PATH: IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1 - XROAD_VEHICLE_PLATE_RENEWAL_PATH: IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1 - XROAD_VEHICLE_PRINTING_PATH: IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1 - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1 - XROAD_VMST_API_PATH: /VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1 - XROAD_VMST_MEMBER_CODE: "10003" - XROAD_WORK_ACCIDENT_PATH: IS-DEV/GOV/10013/Vinnueftirlitid-Protected/slysaskraning-token - XROAD_WORK_MACHINE_LICENSE_PATH: IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token - ZENDESK_CONTACT_FORM_SUBDOMAIN: stjanilofts + XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_ACCIDENT_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/slysaskraning-token' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' files: - - islyklar.p12 + - 'islyklar.p12' grantNamespaces: - - nginx-ingress-external - - api-catalogue - - application-system - - consultation-portal - - portals-admin + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /health + path: '/health' timeoutSeconds: 3 hpa: scaling: @@ -173,20 +172,20 @@ service: max: 50 min: 2 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/api + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-external-alb - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: beta.dev01.devland.is + - host: 'beta.dev01.devland.is' paths: - - /api - - host: api-catalogue.dev01.devland.is + - '/api' + - host: 'api-catalogue.dev01.devland.is' paths: - - /api - namespace: islandis + - '/api' + namespace: 'islandis' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -198,111 +197,111 @@ service: min: 2 resources: limits: - cpu: 1200m - memory: 3200Mi + cpu: '1200m' + memory: '3200Mi' requests: - cpu: 400m - memory: 896Mi + cpu: '400m' + memory: '896Mi' secrets: - ADR_LICENSE_FETCH_TIMEOUT: /k8s/api/ADR_LICENSE_FETCH_TIMEOUT - ADR_LICENSE_PASS_TEMPLATE_ID: /k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID - APOLLO_BYPASS_CACHE_SECRET: /k8s/api/APOLLO_BYPASS_CACHE_SECRET - CHART_STATISTIC_CACHE_TTL: /k8s/api/CHART_STATISTIC_CACHE_TTL - CHART_STATISTIC_SOURCE_DATA_PATHS: /k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - CONTENTFUL_ACCESS_TOKEN: /k8s/api/CONTENTFUL_ACCESS_TOKEN - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: /k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: /k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: /k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY - DISABILITY_LICENSE_FETCH_TIMEOUT: /k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT - DISABILITY_LICENSE_PASS_TEMPLATE_ID: /k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID - DOCUMENT_PROVIDER_BASE_PATH: /k8s/api/DOCUMENT_PROVIDER_BASE_PATH - DOCUMENT_PROVIDER_BASE_PATH_TEST: /k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST - DOCUMENT_PROVIDER_CLIENTID: /k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID - DOCUMENT_PROVIDER_CLIENTID_TEST: /k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST - DOCUMENT_PROVIDER_CLIENT_SECRET: /k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: /k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST - DOCUMENT_PROVIDER_TOKEN_URL: /k8s/api/DOCUMENT_PROVIDER_TOKEN_URL - DOCUMENT_PROVIDER_TOKEN_URL_TEST: /k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST - DOMSYSLA_PASSWORD: /k8s/api/DOMSYSLA_PASSWORD - DOMSYSLA_USERNAME: /k8s/api/DOMSYSLA_USERNAME - DRIVING_LICENSE_BOOK_PASSWORD: /k8s/api/DRIVING_LICENSE_BOOK_PASSWORD - DRIVING_LICENSE_BOOK_USERNAME: /k8s/api/DRIVING_LICENSE_BOOK_USERNAME - DRIVING_LICENSE_BOOK_XROAD_PATH: /k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH - DRIVING_LICENSE_FETCH_TIMEOUT: /k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT - DRIVING_LICENSE_PASS_TEMPLATE_ID: /k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: /k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: /k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET - FIREARM_LICENSE_FETCH_TIMEOUT: /k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT - FIREARM_LICENSE_PASS_TEMPLATE_ID: /k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: /k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: /k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: /k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: /k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL - FISKISTOFA_API_URL: /k8s/api/FISKISTOFA_API_URL - FISKISTOFA_POWERBI_CLIENT_ID: /k8s/api/FISKISTOFA_POWERBI_CLIENT_ID - FISKISTOFA_POWERBI_CLIENT_SECRET: /k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET - FISKISTOFA_POWERBI_TENANT_ID: /k8s/api/FISKISTOFA_POWERBI_TENANT_ID - FISKISTOFA_ZENTER_CLIENT_PASSWORD: /k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD - FISKISTOFA_ZENTER_EMAIL: /k8s/api/FISKISTOFA_ZENTER_EMAIL - FISKISTOFA_ZENTER_PASSWORD: /k8s/api/FISKISTOFA_ZENTER_PASSWORD - HOUSING_BENEFIT_CALCULATOR_PASSWORD: /k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD - HOUSING_BENEFIT_CALCULATOR_USERNAME: /k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME - HSN_WEB_FORM_RESPONSE_SECRET: /k8s/api/HSN_WEB_FORM_RESPONSE_SECRET - HSN_WEB_FORM_RESPONSE_URL: /k8s/api/HSN_WEB_FORM_RESPONSE_URL - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: /k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: /k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME - IDENTITY_SERVER_CLIENT_SECRET: /k8s/api/IDENTITY_SERVER_CLIENT_SECRET - INTELLECTUAL_PROPERTY_API_KEY: /k8s/api/IP_API_KEY - ISLYKILL_SERVICE_BASEPATH: /k8s/api/ISLYKILL_SERVICE_BASEPATH - ISLYKILL_SERVICE_PASSPHRASE: /k8s/api/ISLYKILL_SERVICE_PASSPHRASE - LICENSE_SERVICE_BARCODE_SECRET_KEY: /k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY - MACHINE_LICENSE_PASS_TEMPLATE_ID: /k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: /k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET - PKPASS_API_KEY: /k8s/api/PKPASS_API_KEY - PKPASS_API_URL: /k8s/api/PKPASS_API_URL - PKPASS_AUTH_RETRIES: /k8s/api/PKPASS_AUTH_RETRIES - PKPASS_CACHE_KEY: /k8s/api/PKPASS_CACHE_KEY - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: /k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA - PKPASS_SECRET_KEY: /k8s/api/PKPASS_SECRET_KEY - POSTHOLF_BASE_PATH: /k8s/documents/POSTHOLF_BASE_PATH - POSTHOLF_CLIENTID: /k8s/documents/POSTHOLF_CLIENTID - POSTHOLF_CLIENT_SECRET: /k8s/documents/POSTHOLF_CLIENT_SECRET - POSTHOLF_TOKEN_URL: /k8s/documents/POSTHOLF_TOKEN_URL - REGULATIONS_API_URL: /k8s/api/REGULATIONS_API_URL - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: /k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: /k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: /k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH - RLS_PKPASS_API_KEY: /k8s/api/RLS_PKPASS_API_KEY - SMART_SOLUTIONS_API_URL: /k8s/api/SMART_SOLUTIONS_API_URL - SYSLUMENN_HOST: /k8s/api/SYSLUMENN_HOST - SYSLUMENN_PASSWORD: /k8s/api/SYSLUMENN_PASSWORD - SYSLUMENN_USERNAME: /k8s/api/SYSLUMENN_USERNAME - TR_PKPASS_API_KEY: /k8s/api/TR_PKPASS_API_KEY - ULTRAVIOLET_RADIATION_API_KEY: /k8s/api/ULTRAVIOLET_RADIATION_API_KEY - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: /k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL - UST_PKPASS_API_KEY: /k8s/api/UST_PKPASS_API_KEY - VEHICLES_ALLOW_CO_OWNERS: /k8s/api/VEHICLES_ALLOW_CO_OWNERS - VE_PKPASS_API_KEY: /k8s/api/VE_PKPASS_API_KEY - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: /k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: /k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: /k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL - XROAD_DRIVING_LICENSE_SECRET: /k8s/api/DRIVING_LICENSE_SECRET - XROAD_HEALTH_INSURANCE_PASSWORD: /k8s/health-insurance/XROAD-PASSWORD - XROAD_HEALTH_INSURANCE_USERNAME: /k8s/health-insurance/XROAD-USER - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: /k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: /k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME - XROAD_PAYMENT_PASSWORD: /k8s/application-system-api/PAYMENT_PASSWORD - XROAD_PAYMENT_USER: /k8s/application-system-api/PAYMENT_USER - XROAD_PROPERTIES_CLIENT_SECRET: /k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET - XROAD_VMST_API_KEY: /k8s/vmst-client/VMST_API_KEY - ZENDESK_CONTACT_FORM_EMAIL: /k8s/api/ZENDESK_CONTACT_FORM_EMAIL - ZENDESK_CONTACT_FORM_TOKEN: /k8s/api/ZENDESK_CONTACT_FORM_TOKEN + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::013313053092:role/api + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' create: true - name: api + name: 'api' diff --git a/charts/services/api/values.prod.yaml b/charts/services/api/values.prod.yaml index 45a894f66f5b..ee6456b181de 100644 --- a/charts/services/api/values.prod.yaml +++ b/charts/services/api/values.prod.yaml @@ -1,168 +1,167 @@ service: - name: api + name: 'api' args: - - --tls-min-v1.0 - - --no-experimental-fetch - - main.js + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' command: - - node + - 'node' enabled: true env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: "20000" - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: loftbru.island.is + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: http://web-application-system-api.application-system.svc.cluster.local - AUTH_ADMIN_API_PATH: https://innskra.island.is/backend + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://innskra.island.is/backend' AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' - AUTH_DELEGATION_API_URL: https://auth-delegation-api.internal.innskra.island.is - AUTH_IDS_API_URL: https://innskra.island.is - AUTH_PUBLIC_API_URL: https://innskra.island.is/api + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' + AUTH_IDS_API_URL: 'https://innskra.island.is' + AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: IS/GOV/5402696029/Skatturinn/ft-v1 - CONSULTATION_PORTAL_CLIENT_BASE_PATH: https://samradapi.island.is - CONTACT_US_EMAIL: island@island.is - CONTENTFUL_HOST: cdn.contentful.com - DOWNLOAD_SERVICE_BASE_PATH: https://api.island.is - ELASTIC_NODE: https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/ - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: https://api.thinglysing.is/business/tolfraedi - ENDORSEMENT_SYSTEM_BASE_API_URL: http://web-endorsement-system-api.endorsement-system.svc.cluster.local - FILE_DOWNLOAD_BUCKET: island-is-prod-download-cache-api - FILE_STORAGE_UPLOAD_BUCKET: island-is-prod-upload-api - FINANCIAL_STATEMENTS_INAO_BASE_PATH: https://star-re.crm4.dynamics.com/api/data/v9.1 - FINANCIAL_STATEMENTS_INAO_ISSUER: https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0 - FINANCIAL_STATEMENTS_INAO_SCOPE: https://star-re.crm4.dynamics.com/.default - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token - FISHING_LICENSE_XROAD_PROVIDER_ID: IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1 - FISKISTOFA_ZENTER_CLIENT_ID: "1114" - FORM_SYSTEM_API_BASE_PATH: "" - HSN_WEB_FORM_ID: 1dimJFHLFYtnhoYEA3JxRK - HUNTING_LICENSE_PASS_TEMPLATE_ID: 5f42f942-d8d6-40bf-a186-5a9e12619d9f - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local - IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/api" - IDENTITY_SERVER_ISSUER_URL: https://innskra.island.is - ISLYKILL_CERT: /etc/config/islyklar.p12 + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi.island.is' + CONTACT_US_EMAIL: 'island@island.is' + CONTENTFUL_HOST: 'cdn.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.island.is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-prod-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: info - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: http://web-financial-aid-backend - NATIONAL_REGISTRY_B2C_CLIENT_ID: 2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f - NATIONAL_REGISTRY_B2C_ENDPOINT: https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token - NATIONAL_REGISTRY_B2C_PATH: IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1 - NATIONAL_REGISTRY_B2C_SCOPE: https://skraidentity.onmicrosoft.com/midlun/.default - NODE_OPTIONS: --max-old-space-size=2880 -r dd-trace/init - REGULATIONS_ADMIN_URL: http://web-regulations-admin-backend.regulations-admin.svc.cluster.local - SEND_FROM_EMAIL: island@island.is - SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms - SERVICE_DOCUMENTS_BASEPATH: http://web-services-documents.services-documents.svc.cluster.local - SESSIONS_API_URL: http://web-services-sessions.services-sessions.svc.cluster.local - SYSLUMENN_TIMEOUT: "40000" - TELL_US_A_STORY_EMAIL: sogur@island.is - UNIVERSITY_GATEWAY_API_URL: http://web-services-university-gateway.services-university-gateway.svc.cluster.local - USER_NOTIFICATION_API_URL: http://web-user-notification.user-notification.svc.cluster.local - USER_PROFILE_CLIENT_URL: http://web-service-portal-api.service-portal.svc.cluster.local - WATSON_ASSISTANT_CHAT_FEEDBACK_DB_NAME: island-is-assistant-feedback - XROAD_ADR_MACHINE_LICENSE_PATH: IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1 - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: IS/EDU/4112043590/LBHI-Protected/brautskraning-v1 - XROAD_AIRCRAFT_REGISTRY_PATH: IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1 - XROAD_BASE_PATH: http://securityserver.island.is - XROAD_BASE_PATH_WITH_ENV: http://securityserver.island.is/r1/IS - XROAD_BIFROST_UNIVERSITY_PATH: IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1 - XROAD_CHARGE_FJS_V2_PATH: IS/GOV/5402697509/FJS-Public/chargeFJS_v2 - XROAD_CHARGE_FJS_V2_TIMEOUT: "20000" - XROAD_CLIENT_ID: IS/GOV/5501692829/island-is-client - XROAD_COURT_BANKRUPTCY_CERT_PATH: IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1 - XROAD_CRIMINAL_RECORD_PATH: r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1 - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1 - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1 - XROAD_DISABILITY_LICENSE_PATH: IS/GOV/5012130120/TR-Protected/oryrki-v1 - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: "20000" - XROAD_DRIVING_LICENSE_PATH: r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1 - XROAD_DRIVING_LICENSE_V2_PATH: r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1 - XROAD_DRIVING_LICENSE_V4_PATH: r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4 - XROAD_DRIVING_LICENSE_V5_PATH: r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5 - XROAD_ENERGY_FUNDS_PATH: IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1 - XROAD_FINANCES_PATH: IS/GOV/5402697509/FJS-Public/financeIsland - XROAD_FINANCES_TIMEOUT: "20000" - XROAD_FINANCES_V2_PATH: IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2 - XROAD_FINANCIAL_AID_BACKEND_PATH: IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend - XROAD_FIREARM_LICENSE_PATH: IS/GOV/5309672079/Logreglan-Protected/island-api-v1 - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1 - XROAD_HEALTH_DIRECTORATE_PATH: IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1 - XROAD_HEALTH_INSURANCE_ID: IS/GOV/4804080550/SJUKRA-Protected - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: IS/GOV/4804080550/SJUKRA-Protected/minarsidur - XROAD_HEALTH_INSURANCE_WSDLURL: https://huld.sjukra.is/islandrg?wsdl - XROAD_HMS_HOUSING_BENEFITS_PATH: IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1 - XROAD_HMS_LOANS_PATH: IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1 - XROAD_HOLAR_UNIVERSITY_PATH: IS/EDU/5001694359/Holar-Protected/brautskraning-v1 - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1 - XROAD_HUNTING_LICENSE_PATH: IS/GOV/7010022880/Umhverfisstofnun-Protected/api - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: IS/GOV/5402697509/FJS-Protected/recruitment-v1 - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: IS/EDU/4210984099/LHI-Protected/brautskraning-v1 - XROAD_INNA_PATH: IS/GOV/6601241280/MMS-Protected/inna-v1 - XROAD_INTELLECTUAL_PROPERTIES_PATH: IS/GOV/6501912189/WebAPI-Public/HUG-webAPI - XROAD_JUDICIAL_SYSTEM_SP_PATH: IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api - XROAD_MMS_FRIGG_PATH: IS/GOV/10066/MMS-Protected/frigg-form-service - XROAD_MMS_GRADE_SERVICE_ID: IS/GOV/6601241280/MMS-Protected/grade-api-v1 - XROAD_MMS_LICENSE_SERVICE_ID: IS/GOV/6601241280/MMS-Protected/license-api-v1 + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'island@island.is' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 'sogur@island.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + WATSON_ASSISTANT_CHAT_FEEDBACK_DB_NAME: 'island-is-assistant-feedback' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS/GOV/5402697509/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS/GOV/6501912189/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1 - XROAD_NATIONAL_REGISTRY_TIMEOUT: "20000" - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: IS/GOV/10014/DMR-Protected/official-journal-application - XROAD_OFFICIAL_JOURNAL_PATH: IS/GOV/10014/DMR-Protected/official-journal - XROAD_PASSPORT_LICENSE_PATH: IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1 - XROAD_PAYMENT_ADDITION_CALLBACK_URL: / - XROAD_PAYMENT_BASE_CALLBACK_URL: XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/ - XROAD_PAYMENT_PROVIDER_ID: IS/GOV/5402697509/FJS-Public - XROAD_PAYMENT_SCHEDULE_PATH: IS/GOV/5402697509/FJS-Public/paymentSchedule_v1 - XROAD_PROPERTIES_SERVICE_V2_PATH: IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1 - XROAD_PROPERTIES_TIMEOUT: "35000" - XROAD_RSK_PROCURING_PATH: IS/GOV/5402696029/Skatturinn/relationships-v1 + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1 - XROAD_SIGNATURE_COLLECTION_PATH: IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1 - XROAD_TJODSKRA_API_PATH: /SKRA-Protected/Einstaklingar-v1 - XROAD_TJODSKRA_MEMBER_CODE: "6503760649" - XROAD_TLS_BASE_PATH: https://securityserver.island.is - XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.island.is/r1/IS - XROAD_TR_PATH: IS/GOV/5012130120/TR-Protected/external-v1 - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: IS/EDU/5206871229/UNAK-Protected/brautskraning-v1 - XROAD_UNIVERSITY_OF_ICELAND_PATH: IS/EDU/6001692039/HI-Protected/brautskraning-v1 - XROAD_VEHICLES_MILEAGE_PATH: IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1 - XROAD_VEHICLES_PATH: IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1 - XROAD_VEHICLE_CODETABLES_PATH: IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1 - XROAD_VEHICLE_INFOLOCKS_PATH: IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1 - XROAD_VEHICLE_OPERATORS_PATH: IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3 - XROAD_VEHICLE_OWNER_CHANGE_PATH: IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2 - XROAD_VEHICLE_PLATE_ORDERING_PATH: IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1 - XROAD_VEHICLE_PLATE_RENEWAL_PATH: IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1 - XROAD_VEHICLE_PRINTING_PATH: IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1 - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1 - XROAD_VMST_API_PATH: /VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1 - XROAD_VMST_MEMBER_CODE: "7005942039" - XROAD_WORK_ACCIDENT_PATH: IS/GOV/4201810439/Vinnueftirlitid-Protected/slysaskraning-token - XROAD_WORK_MACHINE_LICENSE_PATH: IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token - ZENDESK_CONTACT_FORM_SUBDOMAIN: digitaliceland + XROAD_SHIP_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_ACCIDENT_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/slysaskraning-token' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' files: - - islyklar.p12 + - 'islyklar.p12' grantNamespaces: - - nginx-ingress-external - - api-catalogue - - application-system - - consultation-portal - - portals-admin + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /health + path: '/health' timeoutSeconds: 3 hpa: scaling: @@ -173,20 +172,20 @@ service: max: 50 min: 2 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/api + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-external-alb - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: island.is + - host: 'island.is' paths: - - /api - - host: www.island.is + - '/api' + - host: 'www.island.is' paths: - - /api - namespace: islandis + - '/api' + namespace: 'islandis' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -198,111 +197,111 @@ service: min: 2 resources: limits: - cpu: 1200m - memory: 3200Mi + cpu: '1200m' + memory: '3200Mi' requests: - cpu: 400m - memory: 896Mi + cpu: '400m' + memory: '896Mi' secrets: - ADR_LICENSE_FETCH_TIMEOUT: /k8s/api/ADR_LICENSE_FETCH_TIMEOUT - ADR_LICENSE_PASS_TEMPLATE_ID: /k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID - APOLLO_BYPASS_CACHE_SECRET: /k8s/api/APOLLO_BYPASS_CACHE_SECRET - CHART_STATISTIC_CACHE_TTL: /k8s/api/CHART_STATISTIC_CACHE_TTL - CHART_STATISTIC_SOURCE_DATA_PATHS: /k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - CONTENTFUL_ACCESS_TOKEN: /k8s/api/CONTENTFUL_ACCESS_TOKEN - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: /k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: /k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: /k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY - DISABILITY_LICENSE_FETCH_TIMEOUT: /k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT - DISABILITY_LICENSE_PASS_TEMPLATE_ID: /k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID - DOCUMENT_PROVIDER_BASE_PATH: /k8s/api/DOCUMENT_PROVIDER_BASE_PATH - DOCUMENT_PROVIDER_BASE_PATH_TEST: /k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST - DOCUMENT_PROVIDER_CLIENTID: /k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID - DOCUMENT_PROVIDER_CLIENTID_TEST: /k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST - DOCUMENT_PROVIDER_CLIENT_SECRET: /k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: /k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST - DOCUMENT_PROVIDER_TOKEN_URL: /k8s/api/DOCUMENT_PROVIDER_TOKEN_URL - DOCUMENT_PROVIDER_TOKEN_URL_TEST: /k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST - DOMSYSLA_PASSWORD: /k8s/api/DOMSYSLA_PASSWORD - DOMSYSLA_USERNAME: /k8s/api/DOMSYSLA_USERNAME - DRIVING_LICENSE_BOOK_PASSWORD: /k8s/api/DRIVING_LICENSE_BOOK_PASSWORD - DRIVING_LICENSE_BOOK_USERNAME: /k8s/api/DRIVING_LICENSE_BOOK_USERNAME - DRIVING_LICENSE_BOOK_XROAD_PATH: /k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH - DRIVING_LICENSE_FETCH_TIMEOUT: /k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT - DRIVING_LICENSE_PASS_TEMPLATE_ID: /k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: /k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: /k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET - FIREARM_LICENSE_FETCH_TIMEOUT: /k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT - FIREARM_LICENSE_PASS_TEMPLATE_ID: /k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: /k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: /k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: /k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: /k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL - FISKISTOFA_API_URL: /k8s/api/FISKISTOFA_API_URL - FISKISTOFA_POWERBI_CLIENT_ID: /k8s/api/FISKISTOFA_POWERBI_CLIENT_ID - FISKISTOFA_POWERBI_CLIENT_SECRET: /k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET - FISKISTOFA_POWERBI_TENANT_ID: /k8s/api/FISKISTOFA_POWERBI_TENANT_ID - FISKISTOFA_ZENTER_CLIENT_PASSWORD: /k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD - FISKISTOFA_ZENTER_EMAIL: /k8s/api/FISKISTOFA_ZENTER_EMAIL - FISKISTOFA_ZENTER_PASSWORD: /k8s/api/FISKISTOFA_ZENTER_PASSWORD - HOUSING_BENEFIT_CALCULATOR_PASSWORD: /k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD - HOUSING_BENEFIT_CALCULATOR_USERNAME: /k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME - HSN_WEB_FORM_RESPONSE_SECRET: /k8s/api/HSN_WEB_FORM_RESPONSE_SECRET - HSN_WEB_FORM_RESPONSE_URL: /k8s/api/HSN_WEB_FORM_RESPONSE_URL - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: /k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: /k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME - IDENTITY_SERVER_CLIENT_SECRET: /k8s/api/IDENTITY_SERVER_CLIENT_SECRET - INTELLECTUAL_PROPERTY_API_KEY: /k8s/api/IP_API_KEY - ISLYKILL_SERVICE_BASEPATH: /k8s/api/ISLYKILL_SERVICE_BASEPATH - ISLYKILL_SERVICE_PASSPHRASE: /k8s/api/ISLYKILL_SERVICE_PASSPHRASE - LICENSE_SERVICE_BARCODE_SECRET_KEY: /k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY - MACHINE_LICENSE_PASS_TEMPLATE_ID: /k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: /k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET - PKPASS_API_KEY: /k8s/api/PKPASS_API_KEY - PKPASS_API_URL: /k8s/api/PKPASS_API_URL - PKPASS_AUTH_RETRIES: /k8s/api/PKPASS_AUTH_RETRIES - PKPASS_CACHE_KEY: /k8s/api/PKPASS_CACHE_KEY - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: /k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA - PKPASS_SECRET_KEY: /k8s/api/PKPASS_SECRET_KEY - POSTHOLF_BASE_PATH: /k8s/documents/POSTHOLF_BASE_PATH - POSTHOLF_CLIENTID: /k8s/documents/POSTHOLF_CLIENTID - POSTHOLF_CLIENT_SECRET: /k8s/documents/POSTHOLF_CLIENT_SECRET - POSTHOLF_TOKEN_URL: /k8s/documents/POSTHOLF_TOKEN_URL - REGULATIONS_API_URL: /k8s/api/REGULATIONS_API_URL - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: /k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: /k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: /k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH - RLS_PKPASS_API_KEY: /k8s/api/RLS_PKPASS_API_KEY - SMART_SOLUTIONS_API_URL: /k8s/api/SMART_SOLUTIONS_API_URL - SYSLUMENN_HOST: /k8s/api/SYSLUMENN_HOST - SYSLUMENN_PASSWORD: /k8s/api/SYSLUMENN_PASSWORD - SYSLUMENN_USERNAME: /k8s/api/SYSLUMENN_USERNAME - TR_PKPASS_API_KEY: /k8s/api/TR_PKPASS_API_KEY - ULTRAVIOLET_RADIATION_API_KEY: /k8s/api/ULTRAVIOLET_RADIATION_API_KEY - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: /k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL - UST_PKPASS_API_KEY: /k8s/api/UST_PKPASS_API_KEY - VEHICLES_ALLOW_CO_OWNERS: /k8s/api/VEHICLES_ALLOW_CO_OWNERS - VE_PKPASS_API_KEY: /k8s/api/VE_PKPASS_API_KEY - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: /k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: /k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: /k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL - XROAD_DRIVING_LICENSE_SECRET: /k8s/api/DRIVING_LICENSE_SECRET - XROAD_HEALTH_INSURANCE_PASSWORD: /k8s/health-insurance/XROAD-PASSWORD - XROAD_HEALTH_INSURANCE_USERNAME: /k8s/health-insurance/XROAD-USER - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: /k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: /k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME - XROAD_PAYMENT_PASSWORD: /k8s/application-system-api/PAYMENT_PASSWORD - XROAD_PAYMENT_USER: /k8s/application-system-api/PAYMENT_USER - XROAD_PROPERTIES_CLIENT_SECRET: /k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET - XROAD_VMST_API_KEY: /k8s/vmst-client/VMST_API_KEY - ZENDESK_CONTACT_FORM_EMAIL: /k8s/api/ZENDESK_CONTACT_FORM_EMAIL - ZENDESK_CONTACT_FORM_TOKEN: /k8s/api/ZENDESK_CONTACT_FORM_TOKEN + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::251502586493:role/api + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/api' create: true - name: api + name: 'api' diff --git a/charts/services/api/values.staging.yaml b/charts/services/api/values.staging.yaml index 5e247a64ab9e..7a9b4fbf774d 100644 --- a/charts/services/api/values.staging.yaml +++ b/charts/services/api/values.staging.yaml @@ -1,168 +1,166 @@ service: - name: api + name: 'api' args: - - --tls-min-v1.0 - - --no-experimental-fetch - - main.js + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' command: - - node + - 'node' enabled: true env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: "20000" - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: loftbru.staging01.devland.is + AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' + AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: http://web-application-system-api.application-system.svc.cluster.local - AUTH_ADMIN_API_PATH: https://identity-server.staging01.devland.is/backend + APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' + AUTH_ADMIN_API_PATH: 'https://identity-server.staging01.devland.is/backend' AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local - AUTH_IDS_API_URL: https://identity-server.staging01.devland.is - AUTH_PUBLIC_API_URL: https://identity-server.staging01.devland.is/api + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' + AUTH_IDS_API_URL: 'https://identity-server.staging01.devland.is' + AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: IS-TEST/GOV/5402696029/Skatturinn/ft-v1 - CONSULTATION_PORTAL_CLIENT_BASE_PATH: https://samradapi-test.devland.is - CONTACT_US_EMAIL: island@island.is - CONTENTFUL_HOST: cdn.contentful.com - DOWNLOAD_SERVICE_BASE_PATH: https://api.staging01.devland.is - ELASTIC_NODE: https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/ - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: https://api-staging.thinglysing.is/business/tolfraedi - ENDORSEMENT_SYSTEM_BASE_API_URL: http://web-endorsement-system-api.endorsement-system.svc.cluster.local - FILE_DOWNLOAD_BUCKET: island-is-staging-download-cache-api - FILE_STORAGE_UPLOAD_BUCKET: island-is-staging-upload-api - FINANCIAL_STATEMENTS_INAO_BASE_PATH: https://dev-re.crm4.dynamics.com/api/data/v9.1 - FINANCIAL_STATEMENTS_INAO_ISSUER: https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0 - FINANCIAL_STATEMENTS_INAO_SCOPE: https://dev-re.crm4.dynamics.com/.default - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token - FISHING_LICENSE_XROAD_PROVIDER_ID: IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1 - FISKISTOFA_ZENTER_CLIENT_ID: "1114" - FORM_SYSTEM_API_BASE_PATH: "" - HSN_WEB_FORM_ID: 1dimJFHLFYtnhoYEA3JxRK - HUNTING_LICENSE_PASS_TEMPLATE_ID: 1da72d52-a93a-4d0f-8463-1933a2bd210b - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local - IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/api" - IDENTITY_SERVER_ISSUER_URL: https://identity-server.staging01.devland.is - ISLYKILL_CERT: /etc/config/islyklar.p12 + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' + CONTACT_US_EMAIL: 'island@island.is' + CONTENTFUL_HOST: 'cdn.contentful.com' + DOWNLOAD_SERVICE_BASE_PATH: 'https://api.staging01.devland.is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/' + ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' + ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_DOWNLOAD_BUCKET: 'island-is-staging-download-cache-api' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FISKISTOFA_ZENTER_CLIENT_ID: '1114' + HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: info - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: http://web-financial-aid-backend - NATIONAL_REGISTRY_B2C_CLIENT_ID: ca128c23-b43c-443d-bade-ec5a146a933f - NATIONAL_REGISTRY_B2C_ENDPOINT: https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token - NATIONAL_REGISTRY_B2C_PATH: IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1 - NATIONAL_REGISTRY_B2C_SCOPE: https://skraidentitystaging.onmicrosoft.com/midlun/.default - NODE_OPTIONS: --max-old-space-size=2880 -r dd-trace/init - REGULATIONS_ADMIN_URL: http://web-regulations-admin-backend.regulations-admin.svc.cluster.local - SEND_FROM_EMAIL: development@island.is - SERVERSIDE_FEATURES_ON: "" - SERVICE_DOCUMENTS_BASEPATH: http://web-services-documents.services-documents.svc.cluster.local - SESSIONS_API_URL: http://web-services-sessions.services-sessions.svc.cluster.local - SYSLUMENN_TIMEOUT: "40000" - TELL_US_A_STORY_EMAIL: sogur@island.is - UNIVERSITY_GATEWAY_API_URL: http://web-services-university-gateway.services-university-gateway.svc.cluster.local - USER_NOTIFICATION_API_URL: http://web-user-notification.user-notification.svc.cluster.local - USER_PROFILE_CLIENT_URL: http://web-service-portal-api.service-portal.svc.cluster.local - WATSON_ASSISTANT_CHAT_FEEDBACK_DB_NAME: island-is-assistant-feedback - XROAD_ADR_MACHINE_LICENSE_PATH: IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1 - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1 - XROAD_AIRCRAFT_REGISTRY_PATH: IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1 - XROAD_BASE_PATH: http://securityserver.staging01.devland.is - XROAD_BASE_PATH_WITH_ENV: http://securityserver.staging01.devland.is/r1/IS-TEST - XROAD_BIFROST_UNIVERSITY_PATH: IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1 - XROAD_CHARGE_FJS_V2_PATH: IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2 - XROAD_CHARGE_FJS_V2_TIMEOUT: "20000" - XROAD_CLIENT_ID: IS-TEST/GOV/5501692829/island-is-client - XROAD_COURT_BANKRUPTCY_CERT_PATH: IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1 - XROAD_CRIMINAL_RECORD_PATH: r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1 - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1 - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1 - XROAD_DISABILITY_LICENSE_PATH: IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1 - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: "20000" - XROAD_DRIVING_LICENSE_PATH: r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1 - XROAD_DRIVING_LICENSE_V2_PATH: r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2 - XROAD_DRIVING_LICENSE_V4_PATH: r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4 - XROAD_DRIVING_LICENSE_V5_PATH: r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5 - XROAD_ENERGY_FUNDS_PATH: IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1 - XROAD_FINANCES_PATH: IS-TEST/GOV/10021/FJS-Public/financeIsland - XROAD_FINANCES_TIMEOUT: "20000" - XROAD_FINANCES_V2_PATH: IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2 - XROAD_FINANCIAL_AID_BACKEND_PATH: IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend - XROAD_FIREARM_LICENSE_PATH: IS/GOV/5309672079/Logreglan-Protected/island-api-v1 - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1 - XROAD_HEALTH_DIRECTORATE_PATH: IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1 - XROAD_HEALTH_INSURANCE_ID: IS-TEST/GOV/4804080550/SJUKRA-Protected - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur - XROAD_HEALTH_INSURANCE_WSDLURL: https://test-huld.sjukra.is/islandrg?wsdl - XROAD_HMS_HOUSING_BENEFITS_PATH: IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1 - XROAD_HMS_LOANS_PATH: IS-TEST/GOV/5812191480/HMS-Protected/libra-v1 - XROAD_HOLAR_UNIVERSITY_PATH: IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1 - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: IS-TEST/GOV/5812191480/HMS-Protected/calc-v1 - XROAD_HUNTING_LICENSE_PATH: IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: IS-TEST/GOV/10021/FJS-Protected/recruitment-v1 - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1 - XROAD_INNA_PATH: IS-TEST/GOV/6601241280/MMS-Protected/inna-v1 - XROAD_INTELLECTUAL_PROPERTIES_PATH: IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI - XROAD_JUDICIAL_SYSTEM_SP_PATH: IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api - XROAD_MMS_FRIGG_PATH: IS-TEST/GOV/10066/MMS-Protected/frigg-form-service - XROAD_MMS_GRADE_SERVICE_ID: IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1 - XROAD_MMS_LICENSE_SERVICE_ID: IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1 + LOG_LEVEL: 'info' + MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SEND_FROM_EMAIL: 'development@island.is' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' + SYSLUMENN_TIMEOUT: '40000' + TELL_US_A_STORY_EMAIL: 'sogur@island.is' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + WATSON_ASSISTANT_CHAT_FEEDBACK_DB_NAME: 'island-is-assistant-feedback' + XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_TIMEOUT: '20000' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/calc-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-TEST/GOV/10021/FJS-Protected/recruitment-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI' + XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' + XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1 - XROAD_NATIONAL_REGISTRY_TIMEOUT: "20000" - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: IS-TEST/GOV/10014/DMR-Protected/official-journal-application - XROAD_OFFICIAL_JOURNAL_PATH: IS-TEST/GOV/10014/DMR-Protected/official-journal - XROAD_PASSPORT_LICENSE_PATH: IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1 - XROAD_PAYMENT_ADDITION_CALLBACK_URL: / - XROAD_PAYMENT_BASE_CALLBACK_URL: "XROAD:" - XROAD_PAYMENT_PROVIDER_ID: IS-TEST/GOV/10021/FJS-DEV-Public - XROAD_PAYMENT_SCHEDULE_PATH: IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1 - XROAD_PROPERTIES_SERVICE_V2_PATH: IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1 - XROAD_PROPERTIES_TIMEOUT: "35000" - XROAD_RSK_PROCURING_PATH: IS-TEST/GOV/5402696029/Skatturinn/relationships-v1 + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' + XROAD_PROPERTIES_TIMEOUT: '35000' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1 - XROAD_SIGNATURE_COLLECTION_PATH: IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1 - XROAD_TJODSKRA_API_PATH: /SKRA-Protected/Einstaklingar-v1 - XROAD_TJODSKRA_MEMBER_CODE: "6503760649" - XROAD_TLS_BASE_PATH: https://securityserver.staging01.devland.is - XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.staging01.devland.is/r1/IS-TEST - XROAD_TR_PATH: IS-TEST/GOV/5012130120/TR-Protected/external-v1 - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1 - XROAD_UNIVERSITY_OF_ICELAND_PATH: IS-TEST/EDU/10010/HI-Protected/brautskraning-v1 - XROAD_VEHICLES_MILEAGE_PATH: IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1 - XROAD_VEHICLES_PATH: IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1 - XROAD_VEHICLE_CODETABLES_PATH: IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1 - XROAD_VEHICLE_INFOLOCKS_PATH: IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1 - XROAD_VEHICLE_OPERATORS_PATH: IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3 - XROAD_VEHICLE_OWNER_CHANGE_PATH: IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2 - XROAD_VEHICLE_PLATE_ORDERING_PATH: IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1 - XROAD_VEHICLE_PLATE_RENEWAL_PATH: IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1 - XROAD_VEHICLE_PRINTING_PATH: IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1 - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1 - XROAD_VMST_API_PATH: /VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1 - XROAD_VMST_MEMBER_CODE: "7005942039" - XROAD_WORK_ACCIDENT_PATH: IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/slysaskraning-token - XROAD_WORK_MACHINE_LICENSE_PATH: IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token - ZENDESK_CONTACT_FORM_SUBDOMAIN: digitaliceland + XROAD_SHIP_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_ACCIDENT_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/slysaskraning-token' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' files: - - islyklar.p12 + - 'islyklar.p12' grantNamespaces: - - nginx-ingress-external - - api-catalogue - - application-system - - consultation-portal - - portals-admin + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'portals-admin' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /health + path: '/health' timeoutSeconds: 3 hpa: scaling: @@ -173,17 +171,17 @@ service: max: 50 min: 2 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/api + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-external-alb - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: beta.staging01.devland.is + - host: 'beta.staging01.devland.is' paths: - - /api - namespace: islandis + - '/api' + namespace: 'islandis' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -195,111 +193,111 @@ service: min: 2 resources: limits: - cpu: 1200m - memory: 3200Mi + cpu: '1200m' + memory: '3200Mi' requests: - cpu: 400m - memory: 896Mi + cpu: '400m' + memory: '896Mi' secrets: - ADR_LICENSE_FETCH_TIMEOUT: /k8s/api/ADR_LICENSE_FETCH_TIMEOUT - ADR_LICENSE_PASS_TEMPLATE_ID: /k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID - APOLLO_BYPASS_CACHE_SECRET: /k8s/api/APOLLO_BYPASS_CACHE_SECRET - CHART_STATISTIC_CACHE_TTL: /k8s/api/CHART_STATISTIC_CACHE_TTL - CHART_STATISTIC_SOURCE_DATA_PATHS: /k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - CONTENTFUL_ACCESS_TOKEN: /k8s/api/CONTENTFUL_ACCESS_TOKEN - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: /k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: /k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: /k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY - DISABILITY_LICENSE_FETCH_TIMEOUT: /k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT - DISABILITY_LICENSE_PASS_TEMPLATE_ID: /k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID - DOCUMENT_PROVIDER_BASE_PATH: /k8s/api/DOCUMENT_PROVIDER_BASE_PATH - DOCUMENT_PROVIDER_BASE_PATH_TEST: /k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST - DOCUMENT_PROVIDER_CLIENTID: /k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID - DOCUMENT_PROVIDER_CLIENTID_TEST: /k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST - DOCUMENT_PROVIDER_CLIENT_SECRET: /k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: /k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST - DOCUMENT_PROVIDER_TOKEN_URL: /k8s/api/DOCUMENT_PROVIDER_TOKEN_URL - DOCUMENT_PROVIDER_TOKEN_URL_TEST: /k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST - DOMSYSLA_PASSWORD: /k8s/api/DOMSYSLA_PASSWORD - DOMSYSLA_USERNAME: /k8s/api/DOMSYSLA_USERNAME - DRIVING_LICENSE_BOOK_PASSWORD: /k8s/api/DRIVING_LICENSE_BOOK_PASSWORD - DRIVING_LICENSE_BOOK_USERNAME: /k8s/api/DRIVING_LICENSE_BOOK_USERNAME - DRIVING_LICENSE_BOOK_XROAD_PATH: /k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH - DRIVING_LICENSE_FETCH_TIMEOUT: /k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT - DRIVING_LICENSE_PASS_TEMPLATE_ID: /k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: /k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: /k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET - FIREARM_LICENSE_FETCH_TIMEOUT: /k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT - FIREARM_LICENSE_PASS_TEMPLATE_ID: /k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: /k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: /k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: /k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: /k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL - FISKISTOFA_API_URL: /k8s/api/FISKISTOFA_API_URL - FISKISTOFA_POWERBI_CLIENT_ID: /k8s/api/FISKISTOFA_POWERBI_CLIENT_ID - FISKISTOFA_POWERBI_CLIENT_SECRET: /k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET - FISKISTOFA_POWERBI_TENANT_ID: /k8s/api/FISKISTOFA_POWERBI_TENANT_ID - FISKISTOFA_ZENTER_CLIENT_PASSWORD: /k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD - FISKISTOFA_ZENTER_EMAIL: /k8s/api/FISKISTOFA_ZENTER_EMAIL - FISKISTOFA_ZENTER_PASSWORD: /k8s/api/FISKISTOFA_ZENTER_PASSWORD - HOUSING_BENEFIT_CALCULATOR_PASSWORD: /k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD - HOUSING_BENEFIT_CALCULATOR_USERNAME: /k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME - HSN_WEB_FORM_RESPONSE_SECRET: /k8s/api/HSN_WEB_FORM_RESPONSE_SECRET - HSN_WEB_FORM_RESPONSE_URL: /k8s/api/HSN_WEB_FORM_RESPONSE_URL - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: /k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: /k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME - IDENTITY_SERVER_CLIENT_SECRET: /k8s/api/IDENTITY_SERVER_CLIENT_SECRET - INTELLECTUAL_PROPERTY_API_KEY: /k8s/api/IP_API_KEY - ISLYKILL_SERVICE_BASEPATH: /k8s/api/ISLYKILL_SERVICE_BASEPATH - ISLYKILL_SERVICE_PASSPHRASE: /k8s/api/ISLYKILL_SERVICE_PASSPHRASE - LICENSE_SERVICE_BARCODE_SECRET_KEY: /k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY - MACHINE_LICENSE_PASS_TEMPLATE_ID: /k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: /k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET - PKPASS_API_KEY: /k8s/api/PKPASS_API_KEY - PKPASS_API_URL: /k8s/api/PKPASS_API_URL - PKPASS_AUTH_RETRIES: /k8s/api/PKPASS_AUTH_RETRIES - PKPASS_CACHE_KEY: /k8s/api/PKPASS_CACHE_KEY - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: /k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA - PKPASS_SECRET_KEY: /k8s/api/PKPASS_SECRET_KEY - POSTHOLF_BASE_PATH: /k8s/documents/POSTHOLF_BASE_PATH - POSTHOLF_CLIENTID: /k8s/documents/POSTHOLF_CLIENTID - POSTHOLF_CLIENT_SECRET: /k8s/documents/POSTHOLF_CLIENT_SECRET - POSTHOLF_TOKEN_URL: /k8s/documents/POSTHOLF_TOKEN_URL - REGULATIONS_API_URL: /k8s/api/REGULATIONS_API_URL - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: /k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: /k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: /k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH - RLS_PKPASS_API_KEY: /k8s/api/RLS_PKPASS_API_KEY - SMART_SOLUTIONS_API_URL: /k8s/api/SMART_SOLUTIONS_API_URL - SYSLUMENN_HOST: /k8s/api/SYSLUMENN_HOST - SYSLUMENN_PASSWORD: /k8s/api/SYSLUMENN_PASSWORD - SYSLUMENN_USERNAME: /k8s/api/SYSLUMENN_USERNAME - TR_PKPASS_API_KEY: /k8s/api/TR_PKPASS_API_KEY - ULTRAVIOLET_RADIATION_API_KEY: /k8s/api/ULTRAVIOLET_RADIATION_API_KEY - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: /k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL - UST_PKPASS_API_KEY: /k8s/api/UST_PKPASS_API_KEY - VEHICLES_ALLOW_CO_OWNERS: /k8s/api/VEHICLES_ALLOW_CO_OWNERS - VE_PKPASS_API_KEY: /k8s/api/VE_PKPASS_API_KEY - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: /k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: /k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: /k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL - XROAD_DRIVING_LICENSE_SECRET: /k8s/api/DRIVING_LICENSE_SECRET - XROAD_HEALTH_INSURANCE_PASSWORD: /k8s/health-insurance/XROAD-PASSWORD - XROAD_HEALTH_INSURANCE_USERNAME: /k8s/health-insurance/XROAD-USER - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: /k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: /k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME - XROAD_PAYMENT_PASSWORD: /k8s/application-system-api/PAYMENT_PASSWORD - XROAD_PAYMENT_USER: /k8s/application-system-api/PAYMENT_USER - XROAD_PROPERTIES_CLIENT_SECRET: /k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET - XROAD_VMST_API_KEY: /k8s/vmst-client/VMST_API_KEY - ZENDESK_CONTACT_FORM_EMAIL: /k8s/api/ZENDESK_CONTACT_FORM_EMAIL - ZENDESK_CONTACT_FORM_TOKEN: /k8s/api/ZENDESK_CONTACT_FORM_TOKEN + ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' + CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' + DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' + DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' + DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' + DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' + DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' + DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' + DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' + DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' + DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' + FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' + FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' + FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' + FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' + FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' + FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' + FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' + FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' + HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' + HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' + HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' + ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' + INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' + UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' + WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::261174024191:role/api + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/api' create: true - name: api + name: 'api' diff --git a/charts/services/application-system-api-worker/values.dev.yaml b/charts/services/application-system-api-worker/values.dev.yaml index 1519903f0238..116aa78863b7 100644 --- a/charts/services/application-system-api-worker/values.dev.yaml +++ b/charts/services/application-system-api-worker/values.dev.yaml @@ -1,51 +1,50 @@ service: - name: application-system-api-worker + name: 'application-system-api-worker' args: - - main.js - - --job - - worker + - 'main.js' + - '--job' + - 'worker' command: - - node + - 'node' enabled: true env: - APPLICATION_ATTACHMENT_BUCKET: island-is-dev-storage-application-system - CLIENT_LOCATION_ORIGIN: https://beta.dev01.devland.is/umsoknir - DB_HOST: postgres-applications.internal - DB_NAME: application_system_api - DB_REPLICAS_HOST: postgres-applications-reader.internal - DB_USER: application_system_api - EHIC_XROAD_PROVIDER_ID: IS-DEV/GOV/10007/SJUKRA-Protected/ehic - FILE_SERVICE_PRESIGN_BUCKET: island-is-dev-fs-presign-bucket - FILE_STORAGE_UPLOAD_BUCKET: island-is-dev-upload-api - IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/application-system" - IDENTITY_SERVER_ISSUER_URL: https://identity-server.dev01.devland.is - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=691 -r dd-trace/init + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: "" - XROAD_BASE_PATH: http://securityserver.dev01.devland.is - XROAD_BASE_PATH_WITH_ENV: http://securityserver.dev01.devland.is/r1/IS-DEV - XROAD_CHARGE_FJS_V2_PATH: IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2 - XROAD_CLIENT_ID: IS-DEV/GOV/10000/island-is-client - XROAD_INNA_PATH: IS-DEV/GOV/10066/MMS-Protected/inna-v1 - XROAD_PAYMENT_ADDITION_CALLBACK_URL: / - XROAD_PAYMENT_BASE_CALLBACK_URL: XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/ - XROAD_PAYMENT_PROVIDER_ID: IS-DEV/GOV/10021/FJS-Public - XROAD_TLS_BASE_PATH: https://securityserver.dev01.devland.is - XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.dev01.devland.is/r1/IS-DEV - XROAD_WORK_MACHINE_LICENSE_PATH: IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' grantNamespaces: - - nginx-ingress-internal - - islandis + - 'nginx-ingress-internal' + - 'islandis' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: / + path: '/' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: / + path: '/' timeoutSeconds: 3 hpa: scaling: @@ -56,8 +55,8 @@ service: max: 3 min: 1 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api - namespace: application-system + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -69,34 +68,34 @@ service: min: 1 resources: limits: - cpu: 400m - memory: 768Mi + cpu: '400m' + memory: '768Mi' requests: - cpu: 150m - memory: 384Mi - schedule: "*/30 * * * *" + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' secrets: - ARK_BASE_URL: /k8s/application-system-api/ARK_BASE_URL - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DB_PASS: /k8s/application-system-api/DB_PASSWORD - DOKOBIT_ACCESS_TOKEN: /k8s/application-system/api/DOKOBIT_ACCESS_TOKEN - DOKOBIT_URL: /k8s/application-system-api/DOKOBIT_URL - DOMSYSLA_PASSWORD: /k8s/application-system-api/DOMSYSLA_PASSWORD - DOMSYSLA_USERNAME: /k8s/application-system-api/DOMSYSLA_USERNAME - DRIVING_LICENSE_BOOK_PASSWORD: /k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD - DRIVING_LICENSE_BOOK_USERNAME: /k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME - DRIVING_LICENSE_BOOK_XROAD_PATH: /k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH - IDENTITY_SERVER_CLIENT_SECRET: /k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET - SYSLUMENN_HOST: /k8s/application-system-api/SYSLUMENN_HOST - SYSLUMENN_PASSWORD: /k8s/application-system/api/SYSLUMENN_PASSWORD - SYSLUMENN_USERNAME: /k8s/application-system/api/SYSLUMENN_USERNAME - XROAD_PAYMENT_PASSWORD: /k8s/application-system-api/PAYMENT_PASSWORD - XROAD_PAYMENT_USER: /k8s/application-system-api/PAYMENT_USER + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::013313053092:role/application-system-api-worker + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' create: true - name: application-system-api-worker + name: 'application-system-api-worker' diff --git a/charts/services/application-system-api-worker/values.prod.yaml b/charts/services/application-system-api-worker/values.prod.yaml index 0f05713b14ad..a9f691138c6d 100644 --- a/charts/services/application-system-api-worker/values.prod.yaml +++ b/charts/services/application-system-api-worker/values.prod.yaml @@ -1,51 +1,51 @@ service: - name: application-system-api-worker + name: 'application-system-api-worker' args: - - main.js - - --job - - worker + - 'main.js' + - '--job' + - 'worker' command: - - node + - 'node' enabled: true env: - APPLICATION_ATTACHMENT_BUCKET: island-is-prod-storage-application-system - CLIENT_LOCATION_ORIGIN: https://island.is/umsoknir - DB_HOST: postgres-applications.internal - DB_NAME: application_system_api - DB_REPLICAS_HOST: postgres-applications.internal - DB_USER: application_system_api - EHIC_XROAD_PROVIDER_ID: IS/GOV/4804080550/SJUKRA-Protected/ehic - FILE_SERVICE_PRESIGN_BUCKET: island-is-prod-fs-presign-bucket - FILE_STORAGE_UPLOAD_BUCKET: island-is-prod-upload-api - IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/application-system" - IDENTITY_SERVER_ISSUER_URL: https://innskra.island.is - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=691 -r dd-trace/init + APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms - XROAD_BASE_PATH: http://securityserver.island.is - XROAD_BASE_PATH_WITH_ENV: http://securityserver.island.is/r1/IS - XROAD_CHARGE_FJS_V2_PATH: IS/GOV/5402697509/FJS-Public/chargeFJS_v2 - XROAD_CLIENT_ID: IS/GOV/5501692829/island-is-client - XROAD_INNA_PATH: IS/GOV/6601241280/MMS-Protected/inna-v1 - XROAD_PAYMENT_ADDITION_CALLBACK_URL: / - XROAD_PAYMENT_BASE_CALLBACK_URL: XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/ - XROAD_PAYMENT_PROVIDER_ID: IS/GOV/5402697509/FJS-Public - XROAD_TLS_BASE_PATH: https://securityserver.island.is - XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.island.is/r1/IS - XROAD_WORK_MACHINE_LICENSE_PATH: IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' grantNamespaces: - - nginx-ingress-internal - - islandis + - 'nginx-ingress-internal' + - 'islandis' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: / + path: '/' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: / + path: '/' timeoutSeconds: 3 hpa: scaling: @@ -56,8 +56,8 @@ service: max: 10 min: 3 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api - namespace: application-system + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -69,34 +69,34 @@ service: min: 3 resources: limits: - cpu: 400m - memory: 768Mi + cpu: '400m' + memory: '768Mi' requests: - cpu: 150m - memory: 384Mi - schedule: "*/30 * * * *" + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' secrets: - ARK_BASE_URL: /k8s/application-system-api/ARK_BASE_URL - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DB_PASS: /k8s/application-system-api/DB_PASSWORD - DOKOBIT_ACCESS_TOKEN: /k8s/application-system/api/DOKOBIT_ACCESS_TOKEN - DOKOBIT_URL: /k8s/application-system-api/DOKOBIT_URL - DOMSYSLA_PASSWORD: /k8s/application-system-api/DOMSYSLA_PASSWORD - DOMSYSLA_USERNAME: /k8s/application-system-api/DOMSYSLA_USERNAME - DRIVING_LICENSE_BOOK_PASSWORD: /k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD - DRIVING_LICENSE_BOOK_USERNAME: /k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME - DRIVING_LICENSE_BOOK_XROAD_PATH: /k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH - IDENTITY_SERVER_CLIENT_SECRET: /k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET - SYSLUMENN_HOST: /k8s/application-system-api/SYSLUMENN_HOST - SYSLUMENN_PASSWORD: /k8s/application-system/api/SYSLUMENN_PASSWORD - SYSLUMENN_USERNAME: /k8s/application-system/api/SYSLUMENN_USERNAME - XROAD_PAYMENT_PASSWORD: /k8s/application-system-api/PAYMENT_PASSWORD - XROAD_PAYMENT_USER: /k8s/application-system-api/PAYMENT_USER + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::251502586493:role/application-system-api-worker + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api-worker' create: true - name: application-system-api-worker + name: 'application-system-api-worker' diff --git a/charts/services/application-system-api-worker/values.staging.yaml b/charts/services/application-system-api-worker/values.staging.yaml index 1951c13ced11..777f4c70658b 100644 --- a/charts/services/application-system-api-worker/values.staging.yaml +++ b/charts/services/application-system-api-worker/values.staging.yaml @@ -1,51 +1,50 @@ service: - name: application-system-api-worker + name: 'application-system-api-worker' args: - - main.js - - --job - - worker + - 'main.js' + - '--job' + - 'worker' command: - - node + - 'node' enabled: true env: - APPLICATION_ATTACHMENT_BUCKET: island-is-staging-storage-application-system - CLIENT_LOCATION_ORIGIN: https://beta.staging01.devland.is/umsoknir - DB_HOST: postgres-applications.internal - DB_NAME: application_system_api - DB_REPLICAS_HOST: postgres-applications.internal - DB_USER: application_system_api - EHIC_XROAD_PROVIDER_ID: IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic - FILE_SERVICE_PRESIGN_BUCKET: island-is-staging-fs-presign-bucket - FILE_STORAGE_UPLOAD_BUCKET: island-is-staging-upload-api - IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/application-system" - IDENTITY_SERVER_ISSUER_URL: https://identity-server.staging01.devland.is - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=691 -r dd-trace/init + APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' + CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: "" - XROAD_BASE_PATH: http://securityserver.staging01.devland.is - XROAD_BASE_PATH_WITH_ENV: http://securityserver.staging01.devland.is/r1/IS-TEST - XROAD_CHARGE_FJS_V2_PATH: IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2 - XROAD_CLIENT_ID: IS-TEST/GOV/5501692829/island-is-client - XROAD_INNA_PATH: IS-TEST/GOV/6601241280/MMS-Protected/inna-v1 - XROAD_PAYMENT_ADDITION_CALLBACK_URL: / - XROAD_PAYMENT_BASE_CALLBACK_URL: "XROAD:" - XROAD_PAYMENT_PROVIDER_ID: IS-TEST/GOV/10021/FJS-DEV-Public - XROAD_TLS_BASE_PATH: https://securityserver.staging01.devland.is - XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.staging01.devland.is/r1/IS-TEST - XROAD_WORK_MACHINE_LICENSE_PATH: IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' grantNamespaces: - - nginx-ingress-internal - - islandis + - 'nginx-ingress-internal' + - 'islandis' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: / + path: '/' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: / + path: '/' timeoutSeconds: 3 hpa: scaling: @@ -56,8 +55,8 @@ service: max: 3 min: 1 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api - namespace: application-system + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' + namespace: 'application-system' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -69,34 +68,34 @@ service: min: 1 resources: limits: - cpu: 400m - memory: 768Mi + cpu: '400m' + memory: '768Mi' requests: - cpu: 150m - memory: 384Mi - schedule: "*/30 * * * *" + cpu: '150m' + memory: '384Mi' + schedule: '*/30 * * * *' secrets: - ARK_BASE_URL: /k8s/application-system-api/ARK_BASE_URL - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DB_PASS: /k8s/application-system-api/DB_PASSWORD - DOKOBIT_ACCESS_TOKEN: /k8s/application-system/api/DOKOBIT_ACCESS_TOKEN - DOKOBIT_URL: /k8s/application-system-api/DOKOBIT_URL - DOMSYSLA_PASSWORD: /k8s/application-system-api/DOMSYSLA_PASSWORD - DOMSYSLA_USERNAME: /k8s/application-system-api/DOMSYSLA_USERNAME - DRIVING_LICENSE_BOOK_PASSWORD: /k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD - DRIVING_LICENSE_BOOK_USERNAME: /k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME - DRIVING_LICENSE_BOOK_XROAD_PATH: /k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH - IDENTITY_SERVER_CLIENT_SECRET: /k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET - SYSLUMENN_HOST: /k8s/application-system-api/SYSLUMENN_HOST - SYSLUMENN_PASSWORD: /k8s/application-system/api/SYSLUMENN_PASSWORD - SYSLUMENN_USERNAME: /k8s/application-system/api/SYSLUMENN_USERNAME - XROAD_PAYMENT_PASSWORD: /k8s/application-system-api/PAYMENT_PASSWORD - XROAD_PAYMENT_USER: /k8s/application-system-api/PAYMENT_USER + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::261174024191:role/application-system-api-worker + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api-worker' create: true - name: application-system-api-worker + name: 'application-system-api-worker' diff --git a/charts/services/application-system-api/values.dev.yaml b/charts/services/application-system-api/values.dev.yaml index db03b5df5871..7baf7cd46ec5 100644 --- a/charts/services/application-system-api/values.dev.yaml +++ b/charts/services/application-system-api/values.dev.yaml @@ -1,136 +1,135 @@ service: - name: application-system-api + name: 'application-system-api' args: - - main.js + - 'main.js' command: - - node + - 'node' enabled: true env: - APPLICATION_ATTACHMENT_BUCKET: island-is-dev-storage-application-system - AUTH_PUBLIC_API_URL: https://identity-server.dev01.devland.is/api - CLIENT_LOCATION_ORIGIN: https://beta.dev01.devland.is/umsoknir + APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: IS-DEV/GOV/10006/Skatturinn/ft-v1 - CONTENTFUL_HOST: preview.contentful.com - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: IS-DEV/GOV/10026/gopro/kvortun-v1 - DB_HOST: postgres-applications.internal - DB_NAME: application_system_api - DB_REPLICAS_HOST: postgres-applications-reader.internal - DB_USER: application_system_api - EHIC_XROAD_PROVIDER_ID: IS-DEV/GOV/10007/SJUKRA-Protected/ehic - EMAIL_REGION: eu-west-1 - ENDORSEMENTS_API_BASE_PATH: http://web-endorsement-system-api.endorsement-system.svc.cluster.local - FILE_SERVICE_PRESIGN_BUCKET: island-is-dev-fs-presign-bucket - FILE_STORAGE_UPLOAD_BUCKET: island-is-dev-upload-api - FINANCIAL_STATEMENTS_INAO_BASE_PATH: https://dev-re.crm4.dynamics.com/api/data/v9.1 - FINANCIAL_STATEMENTS_INAO_ISSUER: https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0 - FINANCIAL_STATEMENTS_INAO_SCOPE: https://dev-re.crm4.dynamics.com/.default - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token - FISHING_LICENSE_XROAD_PROVIDER_ID: IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1 - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: gunnar.ingi@fjr.is - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: Gunnar Ingi - GRAPHQL_API_URL: http://web-api.islandis.svc.cluster.local - IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/application-system" - IDENTITY_SERVER_ISSUER_URL: https://identity-server.dev01.devland.is - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: gunnar.ingi@fjr.is - INSTITUTION_APPLICATION_RECIPIENT_NAME: Gunnar Ingi - ISLYKILL_CERT: /etc/config/islyklar.p12 - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: gunnar.ingi@fjr.is - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: Gunnar Ingi - LOG_LEVEL: info - NATIONAL_REGISTRY_B2C_CLIENT_ID: b464afdd-056b-406d-b650-6d41733cfeb7 - NATIONAL_REGISTRY_B2C_ENDPOINT: https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token - NATIONAL_REGISTRY_B2C_PATH: IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1 - NATIONAL_REGISTRY_B2C_SCOPE: https://skraidentitydev.onmicrosoft.com/midlun/.default - NODE_OPTIONS: --max-old-space-size=921 -r dd-trace/init - NOVA_ACCEPT_UNAUTHORIZED: "true" - NOVA_USERNAME: IslandIs_User_Development - RECYCLING_FUND_GQL_BASE_PATH: http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: "" - SERVICE_DOCUMENTS_BASEPATH: http://web-services-documents.services-documents.svc.cluster.local - SERVICE_USER_PROFILE_URL: http://web-service-portal-api.service-portal.svc.cluster.local - UNIVERSITY_GATEWAY_API_URL: http://web-services-university-gateway.services-university-gateway.svc.cluster.local - USER_NOTIFICATION_API_URL: http://web-user-notification.user-notification.svc.cluster.local - WORKPOINT_ARBORG_SERVICE_PATH: IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1 - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1 - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: IS-DEV/GOV/10047/UA-Protected/kvortun-v1/ - XROAD_BASE_PATH: http://securityserver.dev01.devland.is - XROAD_BASE_PATH_WITH_ENV: http://securityserver.dev01.devland.is/r1/IS-DEV - XROAD_BIFROST_UNIVERSITY_PATH: IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1 - XROAD_CHARGE_FJS_V2_PATH: IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2 - XROAD_CHARGE_FJS_V2_TIMEOUT: "20000" - XROAD_CLIENT_ID: IS-DEV/GOV/10000/island-is-client - XROAD_COURT_BANKRUPTCY_CERT_PATH: IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1 - XROAD_CRIMINAL_RECORD_PATH: r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2 - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1 - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1 - XROAD_DRIVING_LICENSE_PATH: r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1 - XROAD_DRIVING_LICENSE_V2_PATH: r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2 - XROAD_DRIVING_LICENSE_V4_PATH: r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4 - XROAD_DRIVING_LICENSE_V5_PATH: r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5 - XROAD_ENERGY_FUNDS_PATH: IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1 - XROAD_FINANCES_PATH: IS-DEV/GOV/10021/FJS-Public/financeIsland - XROAD_FINANCES_V2_PATH: IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2 - XROAD_FINANCIAL_AID_BACKEND_PATH: IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1 - XROAD_HEALTH_DIRECTORATE_PATH: IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1 - XROAD_HEALTH_INSURANCE_ID: IS-DEV/GOV/10007/SJUKRA-Protected - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur - XROAD_HEALTH_INSURANCE_WSDLURL: https://test-huld.sjukra.is/islandrg?wsdl - XROAD_HMS_HOUSING_BENEFITS_PATH: IS-DEV/GOV/10033/HMS-Protected/husbot-v1 - XROAD_HMS_LOANS_PATH: IS-DEV/GOV/10033/HMS-Protected/libra-v1 - XROAD_HOLAR_UNIVERSITY_PATH: IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1 - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1 - XROAD_INNA_PATH: IS-DEV/GOV/10066/MMS-Protected/inna-v1 - XROAD_MMS_FRIGG_PATH: IS-DEV/GOV/10066/MMS-Protected/frigg-form-service + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1 - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: IS-DEV/GOV/10014/DMR-Protected/official-journal-application - XROAD_OFFICIAL_JOURNAL_PATH: IS-DEV/GOV/10014/DMR-Protected/official-journal - XROAD_PASSPORT_LICENSE_PATH: IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1 - XROAD_PAYMENT_ADDITION_CALLBACK_URL: / - XROAD_PAYMENT_BASE_CALLBACK_URL: XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/ - XROAD_PAYMENT_PROVIDER_ID: IS-DEV/GOV/10021/FJS-Public - XROAD_PAYMENT_SCHEDULE_PATH: IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1 - XROAD_PROPERTIES_SERVICE_V2_PATH: IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1 - XROAD_SIGNATURE_COLLECTION_PATH: IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1 - XROAD_TJODSKRA_API_PATH: /SKRA-Protected/Einstaklingar-v1 - XROAD_TJODSKRA_MEMBER_CODE: "10001" - XROAD_TLS_BASE_PATH: https://securityserver.dev01.devland.is - XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.dev01.devland.is/r1/IS-DEV - XROAD_TR_PATH: IS-DEV/GOV/10008/TR-Protected/external-v1 - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1 - XROAD_UNIVERSITY_OF_ICELAND_PATH: IS-DEV/EDU/10010/HI-Protected/brautskraning-v1 - XROAD_VEHICLES_MILEAGE_PATH: IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1 - XROAD_VEHICLES_PATH: IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1 - XROAD_VEHICLE_CODETABLES_PATH: IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1 - XROAD_VEHICLE_INFOLOCKS_PATH: IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1 - XROAD_VEHICLE_OPERATORS_PATH: IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3 - XROAD_VEHICLE_OWNER_CHANGE_PATH: IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2 - XROAD_VEHICLE_PLATE_ORDERING_PATH: IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1 - XROAD_VEHICLE_PLATE_RENEWAL_PATH: IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1 - XROAD_VEHICLE_PRINTING_PATH: IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1 - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1 - XROAD_VMST_API_PATH: /VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1 - XROAD_VMST_MEMBER_CODE: "10003" - XROAD_WORK_ACCIDENT_PATH: IS-DEV/GOV/10013/Vinnueftirlitid-Protected/slysaskraning-token - XROAD_WORK_MACHINE_LICENSE_PATH: IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '10003' + XROAD_WORK_ACCIDENT_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/slysaskraning-token' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' files: - - islyklar.p12 + - 'islyklar.p12' grantNamespaces: - - nginx-ingress-internal - - islandis + - 'nginx-ingress-internal' + - 'islandis' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 hpa: scaling: @@ -141,47 +140,46 @@ service: max: 60 min: 2 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-internal-alb - nginx.ingress.kubernetes.io/proxy-buffer-size: 8k - nginx.ingress.kubernetes.io/proxy-buffering: on - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: application-payment-callback-xrd.internal.dev01.devland.is + - host: 'application-payment-callback-xrd.internal.dev01.devland.is' paths: - - /application-payment - - /applications - - host: application-callback-xrd.internal.dev01.devland.is + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.dev01.devland.is' paths: - - /application-payment - - /applications + - '/application-payment' + - '/applications' initContainer: containers: - args: - - sequelize-cli - - db:migrate + - 'sequelize-cli' + - 'db:migrate' command: - - npx - name: migrations + - 'npx' + name: 'migrations' resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 50m - memory: 128Mi + cpu: '50m' + memory: '128Mi' env: - DB_HOST: postgres-applications.internal - DB_NAME: application_system_api - DB_REPLICAS_HOST: postgres-applications-reader.internal - DB_USER: application_system_api - SERVERSIDE_FEATURES_ON: "" + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'application_system_api' secrets: - DB_PASS: /k8s/application-system-api/DB_PASSWORD - namespace: application-system + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -193,59 +191,59 @@ service: min: 2 resources: limits: - cpu: 400m - memory: 1024Mi + cpu: '400m' + memory: '1024Mi' requests: - cpu: 75m - memory: 512Mi + cpu: '75m' + memory: '512Mi' secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: /k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: /k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME - ARK_BASE_URL: /k8s/application-system-api/ARK_BASE_URL - AUTH_JWT_SECRET: /k8s/application-system/api/AUTH_JWT_SECRET - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - CONTENTFUL_ACCESS_TOKEN: /k8s/api/CONTENTFUL_ACCESS_TOKEN - DATA_PROTECTION_COMPLAINT_API_PASSWORD: /k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD - DATA_PROTECTION_COMPLAINT_API_USERNAME: /k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME - DB_PASS: /k8s/application-system-api/DB_PASSWORD - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: /k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER - DOKOBIT_ACCESS_TOKEN: /k8s/application-system/api/DOKOBIT_ACCESS_TOKEN - DOKOBIT_URL: /k8s/application-system-api/DOKOBIT_URL - DOMSYSLA_PASSWORD: /k8s/application-system-api/DOMSYSLA_PASSWORD - DOMSYSLA_USERNAME: /k8s/application-system-api/DOMSYSLA_USERNAME - DRIVING_LICENSE_BOOK_PASSWORD: /k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD - DRIVING_LICENSE_BOOK_USERNAME: /k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME - DRIVING_LICENSE_BOOK_XROAD_PATH: /k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH - EMAIL_FROM: /k8s/application-system/api/EMAIL_FROM - EMAIL_FROM_NAME: /k8s/application-system/api/EMAIL_FROM_NAME - EMAIL_REPLY_TO: /k8s/application-system/api/EMAIL_REPLY_TO - EMAIL_REPLY_TO_NAME: /k8s/application-system/api/EMAIL_REPLY_TO_NAME - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: /k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: /k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET - IDENTITY_SERVER_CLIENT_SECRET: /k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET - ISLYKILL_SERVICE_BASEPATH: /k8s/api/ISLYKILL_SERVICE_BASEPATH - ISLYKILL_SERVICE_PASSPHRASE: /k8s/api/ISLYKILL_SERVICE_PASSPHRASE - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: /k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET - NOVA_PASSWORD: /k8s/application-system/api/NOVA_PASSWORD - NOVA_URL: /k8s/application-system-api/NOVA_URL - SYSLUMENN_HOST: /k8s/application-system-api/SYSLUMENN_HOST - SYSLUMENN_PASSWORD: /k8s/application-system/api/SYSLUMENN_PASSWORD - SYSLUMENN_USERNAME: /k8s/application-system/api/SYSLUMENN_USERNAME - VMST_ID: /k8s/application-system/VMST_ID - XROAD_DRIVING_LICENSE_SECRET: /k8s/api/DRIVING_LICENSE_SECRET - XROAD_HEALTH_INSURANCE_PASSWORD: /k8s/health-insurance/XROAD-PASSWORD - XROAD_HEALTH_INSURANCE_USERNAME: /k8s/health-insurance/XROAD-USER - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: /k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: /k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME - XROAD_PAYMENT_PASSWORD: /k8s/application-system-api/PAYMENT_PASSWORD - XROAD_PAYMENT_USER: /k8s/application-system-api/PAYMENT_USER - XROAD_PROPERTIES_CLIENT_SECRET: /k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET - XROAD_VMST_API_KEY: /k8s/vmst-client/VMST_API_KEY + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::013313053092:role/application-system-api + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' create: true - name: application-system-api + name: 'application-system-api' diff --git a/charts/services/application-system-api/values.prod.yaml b/charts/services/application-system-api/values.prod.yaml index 936d61de8a88..d062b3b7480f 100644 --- a/charts/services/application-system-api/values.prod.yaml +++ b/charts/services/application-system-api/values.prod.yaml @@ -1,136 +1,136 @@ service: - name: application-system-api + name: 'application-system-api' args: - - main.js + - 'main.js' command: - - node + - 'node' enabled: true env: - APPLICATION_ATTACHMENT_BUCKET: island-is-prod-storage-application-system - AUTH_PUBLIC_API_URL: https://innskra.island.is/api - CLIENT_LOCATION_ORIGIN: https://island.is/umsoknir + APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' + CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: IS/GOV/5402696029/Skatturinn/ft-v1 - CONTENTFUL_HOST: cdn.contentful.com - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: IS/GOV/5608002820/gopro/kvortun-v1 - DB_HOST: postgres-applications.internal - DB_NAME: application_system_api - DB_REPLICAS_HOST: postgres-applications.internal - DB_USER: application_system_api - EHIC_XROAD_PROVIDER_ID: IS/GOV/4804080550/SJUKRA-Protected/ehic - EMAIL_REGION: eu-west-1 - ENDORSEMENTS_API_BASE_PATH: http://web-endorsement-system-api.endorsement-system.svc.cluster.local - FILE_SERVICE_PRESIGN_BUCKET: island-is-prod-fs-presign-bucket - FILE_STORAGE_UPLOAD_BUCKET: island-is-prod-upload-api - FINANCIAL_STATEMENTS_INAO_BASE_PATH: https://star-re.crm4.dynamics.com/api/data/v9.1 - FINANCIAL_STATEMENTS_INAO_ISSUER: https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0 - FINANCIAL_STATEMENTS_INAO_SCOPE: https://star-re.crm4.dynamics.com/.default - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token - FISHING_LICENSE_XROAD_PROVIDER_ID: IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1 - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: island@island.is - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: Stafrรฆnt รsland - GRAPHQL_API_URL: http://web-api.islandis.svc.cluster.local - IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/application-system" - IDENTITY_SERVER_ISSUER_URL: https://innskra.island.is - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: island@island.is - INSTITUTION_APPLICATION_RECIPIENT_NAME: Stafrรฆnt รsland - ISLYKILL_CERT: /etc/config/islyklar.p12 - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: island@island.is - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: Stafrรฆnt รsland - LOG_LEVEL: info - NATIONAL_REGISTRY_B2C_CLIENT_ID: 2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f - NATIONAL_REGISTRY_B2C_ENDPOINT: https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token - NATIONAL_REGISTRY_B2C_PATH: IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1 - NATIONAL_REGISTRY_B2C_SCOPE: https://skraidentity.onmicrosoft.com/midlun/.default - NODE_OPTIONS: --max-old-space-size=921 -r dd-trace/init - NOVA_ACCEPT_UNAUTHORIZED: "false" - NOVA_USERNAME: IslandIs_User_Production - RECYCLING_FUND_GQL_BASE_PATH: http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS/GOV/5608002820/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + NOVA_USERNAME: 'IslandIs_User_Production' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms - SERVICE_DOCUMENTS_BASEPATH: http://web-services-documents.services-documents.svc.cluster.local - SERVICE_USER_PROFILE_URL: http://web-service-portal-api.service-portal.svc.cluster.local - UNIVERSITY_GATEWAY_API_URL: http://web-services-university-gateway.services-university-gateway.svc.cluster.local - USER_NOTIFICATION_API_URL: http://web-user-notification.user-notification.svc.cluster.local - WORKPOINT_ARBORG_SERVICE_PATH: IS/MUN/10036/Arborg-Protected/tengill-application-v1 - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: IS/EDU/4112043590/LBHI-Protected/brautskraning-v1 - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: IS/GOV/5605882089/UA-Protected/kvortun-v1 - XROAD_BASE_PATH: http://securityserver.island.is - XROAD_BASE_PATH_WITH_ENV: http://securityserver.island.is/r1/IS - XROAD_BIFROST_UNIVERSITY_PATH: IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1 - XROAD_CHARGE_FJS_V2_PATH: IS/GOV/5402697509/FJS-Public/chargeFJS_v2 - XROAD_CHARGE_FJS_V2_TIMEOUT: "20000" - XROAD_CLIENT_ID: IS/GOV/5501692829/island-is-client - XROAD_COURT_BANKRUPTCY_CERT_PATH: IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1 - XROAD_CRIMINAL_RECORD_PATH: r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1 - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1 - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1 - XROAD_DRIVING_LICENSE_PATH: r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1 - XROAD_DRIVING_LICENSE_V2_PATH: r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1 - XROAD_DRIVING_LICENSE_V4_PATH: r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4 - XROAD_DRIVING_LICENSE_V5_PATH: r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5 - XROAD_ENERGY_FUNDS_PATH: IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1 - XROAD_FINANCES_PATH: IS/GOV/5402697509/FJS-Public/financeIsland - XROAD_FINANCES_V2_PATH: IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2 - XROAD_FINANCIAL_AID_BACKEND_PATH: IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1 - XROAD_HEALTH_DIRECTORATE_PATH: IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1 - XROAD_HEALTH_INSURANCE_ID: IS/GOV/4804080550/SJUKRA-Protected - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: IS/GOV/4804080550/SJUKRA-Protected/minarsidur - XROAD_HEALTH_INSURANCE_WSDLURL: https://huld.sjukra.is/islandrg?wsdl - XROAD_HMS_HOUSING_BENEFITS_PATH: IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1 - XROAD_HMS_LOANS_PATH: IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1 - XROAD_HOLAR_UNIVERSITY_PATH: IS/EDU/5001694359/Holar-Protected/brautskraning-v1 - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: IS/EDU/4210984099/LHI-Protected/brautskraning-v1 - XROAD_INNA_PATH: IS/GOV/6601241280/MMS-Protected/inna-v1 - XROAD_MMS_FRIGG_PATH: IS/GOV/10066/MMS-Protected/frigg-form-service + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS/GOV/5605882089/UA-Protected/kvortun-v1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1 - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: IS/GOV/10014/DMR-Protected/official-journal-application - XROAD_OFFICIAL_JOURNAL_PATH: IS/GOV/10014/DMR-Protected/official-journal - XROAD_PASSPORT_LICENSE_PATH: IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1 - XROAD_PAYMENT_ADDITION_CALLBACK_URL: / - XROAD_PAYMENT_BASE_CALLBACK_URL: XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/ - XROAD_PAYMENT_PROVIDER_ID: IS/GOV/5402697509/FJS-Public - XROAD_PAYMENT_SCHEDULE_PATH: IS/GOV/5402697509/FJS-Public/paymentSchedule_v1 - XROAD_PROPERTIES_SERVICE_V2_PATH: IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1 - XROAD_SIGNATURE_COLLECTION_PATH: IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1 - XROAD_TJODSKRA_API_PATH: /SKRA-Protected/Einstaklingar-v1 - XROAD_TJODSKRA_MEMBER_CODE: "6503760649" - XROAD_TLS_BASE_PATH: https://securityserver.island.is - XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.island.is/r1/IS - XROAD_TR_PATH: IS/GOV/5012130120/TR-Protected/external-v1 - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: IS/EDU/5206871229/UNAK-Protected/brautskraning-v1 - XROAD_UNIVERSITY_OF_ICELAND_PATH: IS/EDU/6001692039/HI-Protected/brautskraning-v1 - XROAD_VEHICLES_MILEAGE_PATH: IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1 - XROAD_VEHICLES_PATH: IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1 - XROAD_VEHICLE_CODETABLES_PATH: IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1 - XROAD_VEHICLE_INFOLOCKS_PATH: IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1 - XROAD_VEHICLE_OPERATORS_PATH: IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3 - XROAD_VEHICLE_OWNER_CHANGE_PATH: IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2 - XROAD_VEHICLE_PLATE_ORDERING_PATH: IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1 - XROAD_VEHICLE_PLATE_RENEWAL_PATH: IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1 - XROAD_VEHICLE_PRINTING_PATH: IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1 - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1 - XROAD_VMST_API_PATH: /VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1 - XROAD_VMST_MEMBER_CODE: "7005942039" - XROAD_WORK_ACCIDENT_PATH: IS/GOV/4201810439/Vinnueftirlitid-Protected/slysaskraning-token - XROAD_WORK_MACHINE_LICENSE_PATH: IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' + XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_ACCIDENT_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/slysaskraning-token' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' files: - - islyklar.p12 + - 'islyklar.p12' grantNamespaces: - - nginx-ingress-internal - - islandis + - 'nginx-ingress-internal' + - 'islandis' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 hpa: scaling: @@ -141,47 +141,47 @@ service: max: 60 min: 2 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-internal-alb - nginx.ingress.kubernetes.io/proxy-buffer-size: 8k - nginx.ingress.kubernetes.io/proxy-buffering: on - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: application-payment-callback-xrd.internal.island.is + - host: 'application-payment-callback-xrd.internal.island.is' paths: - - /application-payment - - /applications - - host: application-callback-xrd.internal.island.is + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.island.is' paths: - - /application-payment - - /applications + - '/application-payment' + - '/applications' initContainer: containers: - args: - - sequelize-cli - - db:migrate + - 'sequelize-cli' + - 'db:migrate' command: - - npx - name: migrations + - 'npx' + name: 'migrations' resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 50m - memory: 128Mi + cpu: '50m' + memory: '128Mi' env: - DB_HOST: postgres-applications.internal - DB_NAME: application_system_api - DB_REPLICAS_HOST: postgres-applications.internal - DB_USER: application_system_api - SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' secrets: - DB_PASS: /k8s/application-system-api/DB_PASSWORD - namespace: application-system + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -193,59 +193,59 @@ service: min: 2 resources: limits: - cpu: 400m - memory: 1024Mi + cpu: '400m' + memory: '1024Mi' requests: - cpu: 75m - memory: 512Mi + cpu: '75m' + memory: '512Mi' secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: /k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: /k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME - ARK_BASE_URL: /k8s/application-system-api/ARK_BASE_URL - AUTH_JWT_SECRET: /k8s/application-system/api/AUTH_JWT_SECRET - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - CONTENTFUL_ACCESS_TOKEN: /k8s/api/CONTENTFUL_ACCESS_TOKEN - DATA_PROTECTION_COMPLAINT_API_PASSWORD: /k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD - DATA_PROTECTION_COMPLAINT_API_USERNAME: /k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME - DB_PASS: /k8s/application-system-api/DB_PASSWORD - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: /k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER - DOKOBIT_ACCESS_TOKEN: /k8s/application-system/api/DOKOBIT_ACCESS_TOKEN - DOKOBIT_URL: /k8s/application-system-api/DOKOBIT_URL - DOMSYSLA_PASSWORD: /k8s/application-system-api/DOMSYSLA_PASSWORD - DOMSYSLA_USERNAME: /k8s/application-system-api/DOMSYSLA_USERNAME - DRIVING_LICENSE_BOOK_PASSWORD: /k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD - DRIVING_LICENSE_BOOK_USERNAME: /k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME - DRIVING_LICENSE_BOOK_XROAD_PATH: /k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH - EMAIL_FROM: /k8s/application-system/api/EMAIL_FROM - EMAIL_FROM_NAME: /k8s/application-system/api/EMAIL_FROM_NAME - EMAIL_REPLY_TO: /k8s/application-system/api/EMAIL_REPLY_TO - EMAIL_REPLY_TO_NAME: /k8s/application-system/api/EMAIL_REPLY_TO_NAME - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: /k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: /k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET - IDENTITY_SERVER_CLIENT_SECRET: /k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET - ISLYKILL_SERVICE_BASEPATH: /k8s/api/ISLYKILL_SERVICE_BASEPATH - ISLYKILL_SERVICE_PASSPHRASE: /k8s/api/ISLYKILL_SERVICE_PASSPHRASE - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: /k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET - NOVA_PASSWORD: /k8s/application-system/api/NOVA_PASSWORD - NOVA_URL: /k8s/application-system-api/NOVA_URL - SYSLUMENN_HOST: /k8s/application-system-api/SYSLUMENN_HOST - SYSLUMENN_PASSWORD: /k8s/application-system/api/SYSLUMENN_PASSWORD - SYSLUMENN_USERNAME: /k8s/application-system/api/SYSLUMENN_USERNAME - VMST_ID: /k8s/application-system/VMST_ID - XROAD_DRIVING_LICENSE_SECRET: /k8s/api/DRIVING_LICENSE_SECRET - XROAD_HEALTH_INSURANCE_PASSWORD: /k8s/health-insurance/XROAD-PASSWORD - XROAD_HEALTH_INSURANCE_USERNAME: /k8s/health-insurance/XROAD-USER - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: /k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: /k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME - XROAD_PAYMENT_PASSWORD: /k8s/application-system-api/PAYMENT_PASSWORD - XROAD_PAYMENT_USER: /k8s/application-system-api/PAYMENT_USER - XROAD_PROPERTIES_CLIENT_SECRET: /k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET - XROAD_VMST_API_KEY: /k8s/vmst-client/VMST_API_KEY + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::251502586493:role/application-system-api + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api' create: true - name: application-system-api + name: 'application-system-api' diff --git a/charts/services/application-system-api/values.staging.yaml b/charts/services/application-system-api/values.staging.yaml index 33f3bab532e4..7650e39325e6 100644 --- a/charts/services/application-system-api/values.staging.yaml +++ b/charts/services/application-system-api/values.staging.yaml @@ -1,136 +1,135 @@ service: - name: application-system-api + name: 'application-system-api' args: - - main.js + - 'main.js' command: - - node + - 'node' enabled: true env: - APPLICATION_ATTACHMENT_BUCKET: island-is-staging-storage-application-system - AUTH_PUBLIC_API_URL: https://identity-server.staging01.devland.is/api - CLIENT_LOCATION_ORIGIN: https://beta.staging01.devland.is/umsoknir + APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' + AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' + CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: IS-TEST/GOV/5402696029/Skatturinn/ft-v1 - CONTENTFUL_HOST: cdn.contentful.com - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: IS-TEST/GOV/5608002820/gopro/kvortun-v1 - DB_HOST: postgres-applications.internal - DB_NAME: application_system_api - DB_REPLICAS_HOST: postgres-applications.internal - DB_USER: application_system_api - EHIC_XROAD_PROVIDER_ID: IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic - EMAIL_REGION: eu-west-1 - ENDORSEMENTS_API_BASE_PATH: http://web-endorsement-system-api.endorsement-system.svc.cluster.local - FILE_SERVICE_PRESIGN_BUCKET: island-is-staging-fs-presign-bucket - FILE_STORAGE_UPLOAD_BUCKET: island-is-staging-upload-api - FINANCIAL_STATEMENTS_INAO_BASE_PATH: https://dev-re.crm4.dynamics.com/api/data/v9.1 - FINANCIAL_STATEMENTS_INAO_ISSUER: https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0 - FINANCIAL_STATEMENTS_INAO_SCOPE: https://dev-re.crm4.dynamics.com/.default - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token - FISHING_LICENSE_XROAD_PROVIDER_ID: IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1 - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: gunnar.ingi@fjr.is - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: Gunnar Ingi - GRAPHQL_API_URL: http://web-api.islandis.svc.cluster.local - IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/application-system" - IDENTITY_SERVER_ISSUER_URL: https://identity-server.staging01.devland.is - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: gunnar.ingi@fjr.is - INSTITUTION_APPLICATION_RECIPIENT_NAME: Gunnar Ingi - ISLYKILL_CERT: /etc/config/islyklar.p12 - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: gunnar.ingi@fjr.is - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: Gunnar Ingi - LOG_LEVEL: info - NATIONAL_REGISTRY_B2C_CLIENT_ID: ca128c23-b43c-443d-bade-ec5a146a933f - NATIONAL_REGISTRY_B2C_ENDPOINT: https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token - NATIONAL_REGISTRY_B2C_PATH: IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1 - NATIONAL_REGISTRY_B2C_SCOPE: https://skraidentitystaging.onmicrosoft.com/midlun/.default - NODE_OPTIONS: --max-old-space-size=921 -r dd-trace/init - NOVA_ACCEPT_UNAUTHORIZED: "false" - NOVA_USERNAME: IslandIs_User_Development - RECYCLING_FUND_GQL_BASE_PATH: http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5608002820/gopro/kvortun-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' + EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' + FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' + FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' + FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' + FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' + FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' + FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' + FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' + LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + NOVA_USERNAME: 'IslandIs_User_Development' + RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: "" - SERVICE_DOCUMENTS_BASEPATH: http://web-services-documents.services-documents.svc.cluster.local - SERVICE_USER_PROFILE_URL: http://web-service-portal-api.service-portal.svc.cluster.local - UNIVERSITY_GATEWAY_API_URL: http://web-services-university-gateway.services-university-gateway.svc.cluster.local - USER_NOTIFICATION_API_URL: http://web-user-notification.user-notification.svc.cluster.local - WORKPOINT_ARBORG_SERVICE_PATH: IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1 - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1 - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: IS-TEST/GOV/10047/UA-Protected/kvortun-v1/ - XROAD_BASE_PATH: http://securityserver.staging01.devland.is - XROAD_BASE_PATH_WITH_ENV: http://securityserver.staging01.devland.is/r1/IS-TEST - XROAD_BIFROST_UNIVERSITY_PATH: IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1 - XROAD_CHARGE_FJS_V2_PATH: IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2 - XROAD_CHARGE_FJS_V2_TIMEOUT: "20000" - XROAD_CLIENT_ID: IS-TEST/GOV/5501692829/island-is-client - XROAD_COURT_BANKRUPTCY_CERT_PATH: IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1 - XROAD_CRIMINAL_RECORD_PATH: r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1 - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1 - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1 - XROAD_DRIVING_LICENSE_PATH: r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1 - XROAD_DRIVING_LICENSE_V2_PATH: r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2 - XROAD_DRIVING_LICENSE_V4_PATH: r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4 - XROAD_DRIVING_LICENSE_V5_PATH: r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5 - XROAD_ENERGY_FUNDS_PATH: IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1 - XROAD_FINANCES_PATH: IS-TEST/GOV/10021/FJS-Public/financeIsland - XROAD_FINANCES_V2_PATH: IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2 - XROAD_FINANCIAL_AID_BACKEND_PATH: IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1 - XROAD_HEALTH_DIRECTORATE_PATH: IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1 - XROAD_HEALTH_INSURANCE_ID: IS-TEST/GOV/4804080550/SJUKRA-Protected - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur - XROAD_HEALTH_INSURANCE_WSDLURL: https://test-huld.sjukra.is/islandrg?wsdl - XROAD_HMS_HOUSING_BENEFITS_PATH: IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1 - XROAD_HMS_LOANS_PATH: IS-TEST/GOV/5812191480/HMS-Protected/libra-v1 - XROAD_HOLAR_UNIVERSITY_PATH: IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1 - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1 - XROAD_INNA_PATH: IS-TEST/GOV/6601241280/MMS-Protected/inna-v1 - XROAD_MMS_FRIGG_PATH: IS-TEST/GOV/10066/MMS-Protected/frigg-form-service + SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' + SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + WORKPOINT_ARBORG_SERVICE_PATH: 'IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-TEST/GOV/10047/UA-Protected/kvortun-v1/' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' + XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' + XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' + XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' + XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' + XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' + XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' + XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' + XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1 - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: IS-TEST/GOV/10014/DMR-Protected/official-journal-application - XROAD_OFFICIAL_JOURNAL_PATH: IS-TEST/GOV/10014/DMR-Protected/official-journal - XROAD_PASSPORT_LICENSE_PATH: IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1 - XROAD_PAYMENT_ADDITION_CALLBACK_URL: / - XROAD_PAYMENT_BASE_CALLBACK_URL: "XROAD:" - XROAD_PAYMENT_PROVIDER_ID: IS-TEST/GOV/10021/FJS-DEV-Public - XROAD_PAYMENT_SCHEDULE_PATH: IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1 - XROAD_PROPERTIES_SERVICE_V2_PATH: IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1 - XROAD_SIGNATURE_COLLECTION_PATH: IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1 - XROAD_TJODSKRA_API_PATH: /SKRA-Protected/Einstaklingar-v1 - XROAD_TJODSKRA_MEMBER_CODE: "6503760649" - XROAD_TLS_BASE_PATH: https://securityserver.staging01.devland.is - XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.staging01.devland.is/r1/IS-TEST - XROAD_TR_PATH: IS-TEST/GOV/5012130120/TR-Protected/external-v1 - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1 - XROAD_UNIVERSITY_OF_ICELAND_PATH: IS-TEST/EDU/10010/HI-Protected/brautskraning-v1 - XROAD_VEHICLES_MILEAGE_PATH: IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1 - XROAD_VEHICLES_PATH: IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1 - XROAD_VEHICLE_CODETABLES_PATH: IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1 - XROAD_VEHICLE_INFOLOCKS_PATH: IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1 - XROAD_VEHICLE_OPERATORS_PATH: IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3 - XROAD_VEHICLE_OWNER_CHANGE_PATH: IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2 - XROAD_VEHICLE_PLATE_ORDERING_PATH: IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1 - XROAD_VEHICLE_PLATE_RENEWAL_PATH: IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1 - XROAD_VEHICLE_PRINTING_PATH: IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1 - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1 - XROAD_VMST_API_PATH: /VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1 - XROAD_VMST_MEMBER_CODE: "7005942039" - XROAD_WORK_ACCIDENT_PATH: IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/slysaskraning-token - XROAD_WORK_MACHINE_LICENSE_PATH: IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' + XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' + XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' + XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' + XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' + XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' + XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' + XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' + XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' + XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' + XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' + XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' + XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' + XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' + XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' + XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' + XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' + XROAD_VMST_MEMBER_CODE: '7005942039' + XROAD_WORK_ACCIDENT_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/slysaskraning-token' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' files: - - islyklar.p12 + - 'islyklar.p12' grantNamespaces: - - nginx-ingress-internal - - islandis + - 'nginx-ingress-internal' + - 'islandis' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 hpa: scaling: @@ -141,47 +140,46 @@ service: max: 60 min: 2 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-internal-alb - nginx.ingress.kubernetes.io/proxy-buffer-size: 8k - nginx.ingress.kubernetes.io/proxy-buffering: on - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: application-payment-callback-xrd.internal.staging01.devland.is + - host: 'application-payment-callback-xrd.internal.staging01.devland.is' paths: - - /application-payment - - /applications - - host: application-callback-xrd.internal.staging01.devland.is + - '/application-payment' + - '/applications' + - host: 'application-callback-xrd.internal.staging01.devland.is' paths: - - /application-payment - - /applications + - '/application-payment' + - '/applications' initContainer: containers: - args: - - sequelize-cli - - db:migrate + - 'sequelize-cli' + - 'db:migrate' command: - - npx - name: migrations + - 'npx' + name: 'migrations' resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 50m - memory: 128Mi + cpu: '50m' + memory: '128Mi' env: - DB_HOST: postgres-applications.internal - DB_NAME: application_system_api - DB_REPLICAS_HOST: postgres-applications.internal - DB_USER: application_system_api - SERVERSIDE_FEATURES_ON: "" + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'application_system_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'application_system_api' secrets: - DB_PASS: /k8s/application-system-api/DB_PASSWORD - namespace: application-system + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + namespace: 'application-system' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -193,59 +191,59 @@ service: min: 2 resources: limits: - cpu: 400m - memory: 1024Mi + cpu: '400m' + memory: '1024Mi' requests: - cpu: 75m - memory: 512Mi + cpu: '75m' + memory: '512Mi' secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: /k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: /k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME - ARK_BASE_URL: /k8s/application-system-api/ARK_BASE_URL - AUTH_JWT_SECRET: /k8s/application-system/api/AUTH_JWT_SECRET - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - CONTENTFUL_ACCESS_TOKEN: /k8s/api/CONTENTFUL_ACCESS_TOKEN - DATA_PROTECTION_COMPLAINT_API_PASSWORD: /k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD - DATA_PROTECTION_COMPLAINT_API_USERNAME: /k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME - DB_PASS: /k8s/application-system-api/DB_PASSWORD - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: /k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER - DOKOBIT_ACCESS_TOKEN: /k8s/application-system/api/DOKOBIT_ACCESS_TOKEN - DOKOBIT_URL: /k8s/application-system-api/DOKOBIT_URL - DOMSYSLA_PASSWORD: /k8s/application-system-api/DOMSYSLA_PASSWORD - DOMSYSLA_USERNAME: /k8s/application-system-api/DOMSYSLA_USERNAME - DRIVING_LICENSE_BOOK_PASSWORD: /k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD - DRIVING_LICENSE_BOOK_USERNAME: /k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME - DRIVING_LICENSE_BOOK_XROAD_PATH: /k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH - EMAIL_FROM: /k8s/application-system/api/EMAIL_FROM - EMAIL_FROM_NAME: /k8s/application-system/api/EMAIL_FROM_NAME - EMAIL_REPLY_TO: /k8s/application-system/api/EMAIL_REPLY_TO - EMAIL_REPLY_TO_NAME: /k8s/application-system/api/EMAIL_REPLY_TO_NAME - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: /k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: /k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET - IDENTITY_SERVER_CLIENT_SECRET: /k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET - ISLYKILL_SERVICE_BASEPATH: /k8s/api/ISLYKILL_SERVICE_BASEPATH - ISLYKILL_SERVICE_PASSPHRASE: /k8s/api/ISLYKILL_SERVICE_PASSPHRASE - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: /k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET - NOVA_PASSWORD: /k8s/application-system/api/NOVA_PASSWORD - NOVA_URL: /k8s/application-system-api/NOVA_URL - SYSLUMENN_HOST: /k8s/application-system-api/SYSLUMENN_HOST - SYSLUMENN_PASSWORD: /k8s/application-system/api/SYSLUMENN_PASSWORD - SYSLUMENN_USERNAME: /k8s/application-system/api/SYSLUMENN_USERNAME - VMST_ID: /k8s/application-system/VMST_ID - XROAD_DRIVING_LICENSE_SECRET: /k8s/api/DRIVING_LICENSE_SECRET - XROAD_HEALTH_INSURANCE_PASSWORD: /k8s/health-insurance/XROAD-PASSWORD - XROAD_HEALTH_INSURANCE_USERNAME: /k8s/health-insurance/XROAD-USER - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: /k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: /k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME - XROAD_PAYMENT_PASSWORD: /k8s/application-system-api/PAYMENT_PASSWORD - XROAD_PAYMENT_USER: /k8s/application-system-api/PAYMENT_USER - XROAD_PROPERTIES_CLIENT_SECRET: /k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET - XROAD_VMST_API_KEY: /k8s/vmst-client/VMST_API_KEY + ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' + ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' + ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' + AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' + DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' + DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' + DB_PASS: '/k8s/application-system-api/DB_PASSWORD' + DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' + DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' + DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' + DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' + DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' + DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' + DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' + DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' + EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' + FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' + FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' + NOVA_URL: '/k8s/application-system-api/NOVA_URL' + SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' + SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' + VMST_ID: '/k8s/application-system/VMST_ID' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' + XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' + XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' + XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::261174024191:role/application-system-api + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api' create: true - name: application-system-api + name: 'application-system-api' diff --git a/charts/services/application-system-form/values.dev.yaml b/charts/services/application-system-form/values.dev.yaml index 7c9c623e2487..4fd5a2488827 100644 --- a/charts/services/application-system-form/values.dev.yaml +++ b/charts/services/application-system-form/values.dev.yaml @@ -1,27 +1,25 @@ service: - name: application-system-form + name: 'application-system-form' enabled: true env: - BASEPATH: /umsoknir - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=230 - SERVERSIDE_FEATURES_ON: "" - SI_PUBLIC_ENVIRONMENT: dev - SI_PUBLIC_GRAPHQL_PATH: "" - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: https://identity-server.dev01.devland.is + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' grantNamespaces: - - nginx-ingress-internal - - nginx-ingress-external - - islandis + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /readiness + path: '/readiness' timeoutSeconds: 3 hpa: scaling: @@ -32,19 +30,19 @@ service: max: 3 min: 1 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-external-alb - nginx.ingress.kubernetes.io/proxy-buffer-size: 8k - nginx.ingress.kubernetes.io/proxy-buffering: on - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: beta.dev01.devland.is + - host: 'beta.dev01.devland.is' paths: - - /umsoknir - namespace: application-system + - '/umsoknir' + namespace: 'application-system' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -54,16 +52,16 @@ service: min: 1 resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 10m - memory: 128Mi + cpu: '10m' + memory: '128Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - SI_PUBLIC_CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - SI_PUBLIC_DD_RUM_APPLICATION_ID: /k8s/DD_RUM_APPLICATION_ID - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: /k8s/DD_RUM_CLIENT_TOKEN + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/application-system-form/values.prod.yaml b/charts/services/application-system-form/values.prod.yaml index 4b1181a1aec3..50adb0555485 100644 --- a/charts/services/application-system-form/values.prod.yaml +++ b/charts/services/application-system-form/values.prod.yaml @@ -1,27 +1,26 @@ service: - name: application-system-form + name: 'application-system-form' enabled: true env: - BASEPATH: /umsoknir - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=230 - SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms - SI_PUBLIC_ENVIRONMENT: prod - SI_PUBLIC_GRAPHQL_PATH: "" - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: https://innskra.island.is + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' grantNamespaces: - - nginx-ingress-internal - - nginx-ingress-external - - islandis + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /readiness + path: '/readiness' timeoutSeconds: 3 hpa: scaling: @@ -32,22 +31,22 @@ service: max: 10 min: 3 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-external-alb - nginx.ingress.kubernetes.io/proxy-buffer-size: 8k - nginx.ingress.kubernetes.io/proxy-buffering: on - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: island.is + - host: 'island.is' paths: - - /umsoknir - - host: www.island.is + - '/umsoknir' + - host: 'www.island.is' paths: - - /umsoknir - namespace: application-system + - '/umsoknir' + namespace: 'application-system' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -57,16 +56,16 @@ service: min: 3 resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 10m - memory: 128Mi + cpu: '10m' + memory: '128Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - SI_PUBLIC_CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - SI_PUBLIC_DD_RUM_APPLICATION_ID: /k8s/DD_RUM_APPLICATION_ID - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: /k8s/DD_RUM_CLIENT_TOKEN + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/application-system-form/values.staging.yaml b/charts/services/application-system-form/values.staging.yaml index 29f2d5f6eb7c..5f1ad830a46a 100644 --- a/charts/services/application-system-form/values.staging.yaml +++ b/charts/services/application-system-form/values.staging.yaml @@ -1,27 +1,25 @@ service: - name: application-system-form + name: 'application-system-form' enabled: true env: - BASEPATH: /umsoknir - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=230 - SERVERSIDE_FEATURES_ON: "" - SI_PUBLIC_ENVIRONMENT: staging - SI_PUBLIC_GRAPHQL_PATH: "" - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: https://identity-server.staging01.devland.is + BASEPATH: '/umsoknir' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' grantNamespaces: - - nginx-ingress-internal - - nginx-ingress-external - - islandis + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /readiness + path: '/readiness' timeoutSeconds: 3 hpa: scaling: @@ -32,19 +30,19 @@ service: max: 3 min: 1 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-external-alb - nginx.ingress.kubernetes.io/proxy-buffer-size: 8k - nginx.ingress.kubernetes.io/proxy-buffering: on - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: beta.staging01.devland.is + - host: 'beta.staging01.devland.is' paths: - - /umsoknir - namespace: application-system + - '/umsoknir' + namespace: 'application-system' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -54,16 +52,16 @@ service: min: 1 resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 10m - memory: 128Mi + cpu: '10m' + memory: '128Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - SI_PUBLIC_CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - SI_PUBLIC_DD_RUM_APPLICATION_ID: /k8s/DD_RUM_APPLICATION_ID - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: /k8s/DD_RUM_CLIENT_TOKEN + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/auth-admin-web/values.dev.yaml b/charts/services/auth-admin-web/values.dev.yaml index 5775675d21fc..5f9c634c2a2f 100644 --- a/charts/services/auth-admin-web/values.dev.yaml +++ b/charts/services/auth-admin-web/values.dev.yaml @@ -1,27 +1,26 @@ service: - name: auth-admin-web + name: 'auth-admin-web' enabled: true env: - BASE_URL: https://identity-server.dev01.devland.is/admin - IDENTITYSERVER_DOMAIN: identity-server.dev01.devland.is - LOG_LEVEL: info - NEXTAUTH_URL: https://identity-server.dev01.devland.is/admin/api/auth - NEXT_PUBLIC_BACKEND_URL: /backend - NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init - SERVERSIDE_FEATURES_ON: "" + BASE_URL: 'https://identity-server.dev01.devland.is/admin' + IDENTITYSERVER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://identity-server.dev01.devland.is/admin/api/auth' + NEXT_PUBLIC_BACKEND_URL: '/backend' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' grantNamespaces: - - nginx-ingress-external - - nginx-ingress-internal - - islandis + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 hpa: scaling: @@ -32,21 +31,21 @@ service: max: 10 min: 2 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/auth-admin-web + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/auth-admin-web' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-external-alb - nginx.ingress.kubernetes.io/proxy-buffer-size: 16k - nginx.ingress.kubernetes.io/proxy-buffering: on - nginx.ingress.kubernetes.io/proxy-buffers-number: "4" - nginx.ingress.kubernetes.io/server-snippet: client_header_buffer_size 16k; large_client_header_buffers 4 16k; - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: identity-server.dev01.devland.is + - host: 'identity-server.dev01.devland.is' paths: - - /admin - namespace: identity-server-admin + - '/admin' + namespace: 'identity-server-admin' podDisruptionBudget: maxUnavailable: 1 progressDeadlineSeconds: 1200 @@ -57,14 +56,14 @@ service: min: 2 resources: limits: - cpu: 400m - memory: 256Mi + cpu: '400m' + memory: '256Mi' requests: - cpu: 200m - memory: 192Mi + cpu: '200m' + memory: '192Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - IDENTITYSERVER_SECRET: /k8s/auth-admin-web/IDENTITYSERVER_SECRET + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITYSERVER_SECRET: '/k8s/auth-admin-web/IDENTITYSERVER_SECRET' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/auth-admin-web/values.prod.yaml b/charts/services/auth-admin-web/values.prod.yaml index 2d869d5f30ee..ce90f12339d9 100644 --- a/charts/services/auth-admin-web/values.prod.yaml +++ b/charts/services/auth-admin-web/values.prod.yaml @@ -1,27 +1,27 @@ service: - name: auth-admin-web + name: 'auth-admin-web' enabled: true env: - BASE_URL: https://innskra.island.is/admin - IDENTITYSERVER_DOMAIN: innskra.island.is - LOG_LEVEL: info - NEXTAUTH_URL: https://innskra.island.is/admin/api/auth - NEXT_PUBLIC_BACKEND_URL: /backend - NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init - SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + BASE_URL: 'https://innskra.island.is/admin' + IDENTITYSERVER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://innskra.island.is/admin/api/auth' + NEXT_PUBLIC_BACKEND_URL: '/backend' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' grantNamespaces: - - nginx-ingress-external - - nginx-ingress-internal - - islandis + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 hpa: scaling: @@ -32,19 +32,19 @@ service: max: 10 min: 2 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/auth-admin-web + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/auth-admin-web' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-external-alb - nginx.ingress.kubernetes.io/proxy-buffer-size: 8k - nginx.ingress.kubernetes.io/proxy-buffering: on - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: innskra.island.is + - host: 'innskra.island.is' paths: - - /admin - namespace: identity-server-admin + - '/admin' + namespace: 'identity-server-admin' podDisruptionBudget: maxUnavailable: 1 progressDeadlineSeconds: 1200 @@ -55,14 +55,14 @@ service: min: 2 resources: limits: - cpu: 400m - memory: 256Mi + cpu: '400m' + memory: '256Mi' requests: - cpu: 200m - memory: 192Mi + cpu: '200m' + memory: '192Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - IDENTITYSERVER_SECRET: /k8s/auth-admin-web/IDENTITYSERVER_SECRET + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITYSERVER_SECRET: '/k8s/auth-admin-web/IDENTITYSERVER_SECRET' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/auth-admin-web/values.staging.yaml b/charts/services/auth-admin-web/values.staging.yaml index bd0ad9f95dd0..47cf87d1a295 100644 --- a/charts/services/auth-admin-web/values.staging.yaml +++ b/charts/services/auth-admin-web/values.staging.yaml @@ -1,27 +1,26 @@ service: - name: auth-admin-web + name: 'auth-admin-web' enabled: true env: - BASE_URL: https://identity-server.staging01.devland.is/admin - IDENTITYSERVER_DOMAIN: identity-server.staging01.devland.is - LOG_LEVEL: info - NEXTAUTH_URL: https://identity-server.staging01.devland.is/admin/api/auth - NEXT_PUBLIC_BACKEND_URL: /backend - NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init - SERVERSIDE_FEATURES_ON: "" + BASE_URL: 'https://identity-server.staging01.devland.is/admin' + IDENTITYSERVER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://identity-server.staging01.devland.is/admin/api/auth' + NEXT_PUBLIC_BACKEND_URL: '/backend' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' grantNamespaces: - - nginx-ingress-external - - nginx-ingress-internal - - islandis + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 hpa: scaling: @@ -32,21 +31,21 @@ service: max: 10 min: 2 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/auth-admin-web + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/auth-admin-web' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-external-alb - nginx.ingress.kubernetes.io/proxy-buffer-size: 16k - nginx.ingress.kubernetes.io/proxy-buffering: on - nginx.ingress.kubernetes.io/proxy-buffers-number: "4" - nginx.ingress.kubernetes.io/server-snippet: client_header_buffer_size 16k; large_client_header_buffers 4 16k; - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/proxy-buffers-number: '4' + nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: identity-server.staging01.devland.is + - host: 'identity-server.staging01.devland.is' paths: - - /admin - namespace: identity-server-admin + - '/admin' + namespace: 'identity-server-admin' podDisruptionBudget: maxUnavailable: 1 progressDeadlineSeconds: 1200 @@ -57,14 +56,14 @@ service: min: 2 resources: limits: - cpu: 400m - memory: 256Mi + cpu: '400m' + memory: '256Mi' requests: - cpu: 200m - memory: 192Mi + cpu: '200m' + memory: '192Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - IDENTITYSERVER_SECRET: /k8s/auth-admin-web/IDENTITYSERVER_SECRET + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITYSERVER_SECRET: '/k8s/auth-admin-web/IDENTITYSERVER_SECRET' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/consultation-portal/values.dev.yaml b/charts/services/consultation-portal/values.dev.yaml index efe490249cdc..a1a02ad1e8ce 100644 --- a/charts/services/consultation-portal/values.dev.yaml +++ b/charts/services/consultation-portal/values.dev.yaml @@ -1,26 +1,25 @@ service: - name: consultation-portal + name: 'consultation-portal' enabled: true env: - API_URL: http://web-api.islandis.svc.cluster.local - BACKEND_DL_URL: https://samradapi-test.devland.is/api/Documents/ - BASEPATH: /consultation-portal - ENVIRONMENT: dev - IDENTITY_SERVER_ISSUER_DOMAIN: identity-server.dev01.devland.is - LOG_LEVEL: info - NEXTAUTH_URL: https://beta.dev01.devland.is/samradsgatt/api/auth - NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init - SERVERSIDE_FEATURES_ON: "" + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'dev' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' grantNamespaces: [] grantNamespacesEnabled: false healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 hpa: scaling: @@ -31,19 +30,19 @@ service: max: 30 min: 2 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-external-alb - nginx.ingress.kubernetes.io/proxy-buffer-size: 8k - nginx.ingress.kubernetes.io/proxy-buffering: on - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: beta.dev01.devland.is + - host: 'beta.dev01.devland.is' paths: - - /samradsgatt - namespace: consultation-portal + - '/samradsgatt' + namespace: 'consultation-portal' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -53,16 +52,16 @@ service: min: 2 resources: limits: - cpu: 400m - memory: 512Mi + cpu: '400m' + memory: '512Mi' requests: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DD_RUM_APPLICATION_ID: /k8s/DD_RUM_APPLICATION_ID - DD_RUM_CLIENT_TOKEN: /k8s/DD_RUM_CLIENT_TOKEN - IDENTITY_SERVER_SECRET: /k8s/consultation-portal/IDENTITY_SERVER_SECRET + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/consultation-portal/values.prod.yaml b/charts/services/consultation-portal/values.prod.yaml index ff1df323f0d8..b23963e806d9 100644 --- a/charts/services/consultation-portal/values.prod.yaml +++ b/charts/services/consultation-portal/values.prod.yaml @@ -1,26 +1,26 @@ service: - name: consultation-portal + name: 'consultation-portal' enabled: true env: - API_URL: http://web-api.islandis.svc.cluster.local - BACKEND_DL_URL: https://samradapi.island.is/api/Documents/ - BASEPATH: /consultation-portal - ENVIRONMENT: prod - IDENTITY_SERVER_ISSUER_DOMAIN: innskra.island.is - LOG_LEVEL: info - NEXTAUTH_URL: https://island.is/samradsgatt/api/auth - NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init - SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi.island.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'prod' + IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://island.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' grantNamespaces: [] grantNamespacesEnabled: false healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 hpa: scaling: @@ -31,22 +31,22 @@ service: max: 30 min: 2 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-external-alb - nginx.ingress.kubernetes.io/proxy-buffer-size: 8k - nginx.ingress.kubernetes.io/proxy-buffering: on - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: island.is + - host: 'island.is' paths: - - /samradsgatt - - host: www.island.is + - '/samradsgatt' + - host: 'www.island.is' paths: - - /samradsgatt - namespace: consultation-portal + - '/samradsgatt' + namespace: 'consultation-portal' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -56,16 +56,16 @@ service: min: 2 resources: limits: - cpu: 400m - memory: 512Mi + cpu: '400m' + memory: '512Mi' requests: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DD_RUM_APPLICATION_ID: /k8s/DD_RUM_APPLICATION_ID - DD_RUM_CLIENT_TOKEN: /k8s/DD_RUM_CLIENT_TOKEN - IDENTITY_SERVER_SECRET: /k8s/consultation-portal/IDENTITY_SERVER_SECRET + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/consultation-portal/values.staging.yaml b/charts/services/consultation-portal/values.staging.yaml index 5edef6ec6914..50bdc4da4988 100644 --- a/charts/services/consultation-portal/values.staging.yaml +++ b/charts/services/consultation-portal/values.staging.yaml @@ -1,26 +1,25 @@ service: - name: consultation-portal + name: 'consultation-portal' enabled: true env: - API_URL: http://web-api.islandis.svc.cluster.local - BACKEND_DL_URL: https://samradapi-test.devland.is/api/Documents/ - BASEPATH: /consultation-portal - ENVIRONMENT: staging - IDENTITY_SERVER_ISSUER_DOMAIN: identity-server.staging01.devland.is - LOG_LEVEL: info - NEXTAUTH_URL: https://beta.staging01.devland.is/samradsgatt/api/auth - NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init - SERVERSIDE_FEATURES_ON: "" + API_URL: 'http://web-api.islandis.svc.cluster.local' + BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' + BASEPATH: '/consultation-portal' + ENVIRONMENT: 'staging' + IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NEXTAUTH_URL: 'https://beta.staging01.devland.is/samradsgatt/api/auth' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' grantNamespaces: [] grantNamespacesEnabled: false healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 hpa: scaling: @@ -31,19 +30,19 @@ service: max: 30 min: 2 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-external-alb - nginx.ingress.kubernetes.io/proxy-buffer-size: 8k - nginx.ingress.kubernetes.io/proxy-buffering: on - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: beta.staging01.devland.is + - host: 'beta.staging01.devland.is' paths: - - /samradsgatt - namespace: consultation-portal + - '/samradsgatt' + namespace: 'consultation-portal' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -53,16 +52,16 @@ service: min: 2 resources: limits: - cpu: 400m - memory: 512Mi + cpu: '400m' + memory: '512Mi' requests: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DD_RUM_APPLICATION_ID: /k8s/DD_RUM_APPLICATION_ID - DD_RUM_CLIENT_TOKEN: /k8s/DD_RUM_CLIENT_TOKEN - IDENTITY_SERVER_SECRET: /k8s/consultation-portal/IDENTITY_SERVER_SECRET + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/contentful-apps/values.dev.yaml b/charts/services/contentful-apps/values.dev.yaml index 00b78c3e18f4..9a3730d0784e 100644 --- a/charts/services/contentful-apps/values.dev.yaml +++ b/charts/services/contentful-apps/values.dev.yaml @@ -1,20 +1,19 @@ service: - name: contentful-apps + name: 'contentful-apps' enabled: true env: - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init - SERVERSIDE_FEATURES_ON: "" + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' grantNamespaces: [] grantNamespacesEnabled: false healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /readiness + path: '/readiness' timeoutSeconds: 3 hpa: scaling: @@ -25,17 +24,17 @@ service: max: 10 min: 1 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-external-alb - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: contentful-apps.dev01.devland.is + - host: 'contentful-apps.dev01.devland.is' paths: - - / - namespace: contentful-apps + - '/' + namespace: 'contentful-apps' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -47,18 +46,18 @@ service: min: 1 resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 50m - memory: 128Mi + cpu: '50m' + memory: '128Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::013313053092:role/contentful-apps + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' create: true - name: contentful-apps + name: 'contentful-apps' diff --git a/charts/services/contentful-apps/values.prod.yaml b/charts/services/contentful-apps/values.prod.yaml index ff95593c4eb3..e6056818fb35 100644 --- a/charts/services/contentful-apps/values.prod.yaml +++ b/charts/services/contentful-apps/values.prod.yaml @@ -1,20 +1,20 @@ service: - name: contentful-apps + name: 'contentful-apps' enabled: true env: - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init - SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' grantNamespaces: [] grantNamespacesEnabled: false healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /readiness + path: '/readiness' timeoutSeconds: 3 hpa: scaling: @@ -25,17 +25,17 @@ service: max: 10 min: 1 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-external-alb - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: contentful-apps.island.is + - host: 'contentful-apps.island.is' paths: - - / - namespace: contentful-apps + - '/' + namespace: 'contentful-apps' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -47,18 +47,18 @@ service: min: 1 resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 50m - memory: 128Mi + cpu: '50m' + memory: '128Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::251502586493:role/contentful-apps + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-apps' create: true - name: contentful-apps + name: 'contentful-apps' diff --git a/charts/services/contentful-entry-tagger-service/values.dev.yaml b/charts/services/contentful-entry-tagger-service/values.dev.yaml index cdc43dcfb7dc..beb56b5b6528 100644 --- a/charts/services/contentful-entry-tagger-service/values.dev.yaml +++ b/charts/services/contentful-entry-tagger-service/values.dev.yaml @@ -1,20 +1,19 @@ service: - name: contentful-entry-tagger-service + name: 'contentful-entry-tagger-service' enabled: true env: - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init - SERVERSIDE_FEATURES_ON: "" + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' grantNamespaces: [] grantNamespacesEnabled: false healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /readiness + path: '/readiness' timeoutSeconds: 3 hpa: scaling: @@ -25,17 +24,17 @@ service: max: 3 min: 1 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-external-alb - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: contentful-entry-tagger-service.dev01.devland.is + - host: 'contentful-entry-tagger-service.dev01.devland.is' paths: - - / - namespace: contentful-entry-tagger + - '/' + namespace: 'contentful-entry-tagger' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -47,20 +46,20 @@ service: min: 1 resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 100m - memory: 128Mi + cpu: '100m' + memory: '128Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: /k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN - CONTENTFUL_REQUEST_TOKEN: /k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::013313053092:role/contentful-entry-tagger + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' create: true - name: contentful-entry-tagger + name: 'contentful-entry-tagger' diff --git a/charts/services/contentful-entry-tagger-service/values.prod.yaml b/charts/services/contentful-entry-tagger-service/values.prod.yaml index 280194e8d4af..6ff3a713a921 100644 --- a/charts/services/contentful-entry-tagger-service/values.prod.yaml +++ b/charts/services/contentful-entry-tagger-service/values.prod.yaml @@ -1,20 +1,20 @@ service: - name: contentful-entry-tagger-service + name: 'contentful-entry-tagger-service' enabled: true env: - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init - SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' grantNamespaces: [] grantNamespacesEnabled: false healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /readiness + path: '/readiness' timeoutSeconds: 3 hpa: scaling: @@ -25,17 +25,17 @@ service: max: 10 min: 3 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-external-alb - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: contentful-entry-tagger-service.devland.is + - host: 'contentful-entry-tagger-service.devland.is' paths: - - / - namespace: contentful-entry-tagger + - '/' + namespace: 'contentful-entry-tagger' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -47,20 +47,20 @@ service: min: 3 resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 100m - memory: 128Mi + cpu: '100m' + memory: '128Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: /k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN - CONTENTFUL_REQUEST_TOKEN: /k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' + CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::251502586493:role/contentful-entry-tagger + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-entry-tagger' create: true - name: contentful-entry-tagger + name: 'contentful-entry-tagger' diff --git a/charts/services/download-service/values.dev.yaml b/charts/services/download-service/values.dev.yaml index 6aa6795c0e7a..3e793c5edc04 100644 --- a/charts/services/download-service/values.dev.yaml +++ b/charts/services/download-service/values.dev.yaml @@ -1,50 +1,49 @@ service: - name: download-service + name: 'download-service' enabled: true env: - IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/download-service" - IDENTITY_SERVER_ISSUER_URL: https://identity-server.dev01.devland.is - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init - REGULATIONS_ADMIN_URL: http://web-regulations-admin-backend.regulations-admin.svc.cluster.local - SERVERSIDE_FEATURES_ON: "" - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1 - XROAD_BASE_PATH: http://securityserver.dev01.devland.is - XROAD_BASE_PATH_WITH_ENV: http://securityserver.dev01.devland.is/r1/IS-DEV - XROAD_BIFROST_UNIVERSITY_PATH: IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1 - XROAD_CLIENT_ID: IS-DEV/GOV/10000/island-is-client - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur - XROAD_FINANCES_PATH: IS-DEV/GOV/10021/FJS-Public/financeIsland - XROAD_FINANCES_V2_PATH: IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2 - XROAD_HEALTH_INSURANCE_ID: IS-DEV/GOV/10007/SJUKRA-Protected - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur - XROAD_HEALTH_INSURANCE_WSDLURL: https://test-huld.sjukra.is/islandrg?wsdl - XROAD_HMS_HOUSING_BENEFITS_PATH: IS-DEV/GOV/10033/HMS-Protected/husbot-v1 - XROAD_HMS_LOANS_PATH: IS-DEV/GOV/10033/HMS-Protected/libra-v1 - XROAD_HOLAR_UNIVERSITY_PATH: IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1 - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1 - XROAD_MMS_GRADE_SERVICE_ID: IS-DEV/GOV/10066/MMS-Protected/grade-api-v1 - XROAD_MMS_LICENSE_SERVICE_ID: IS-DEV/GOV/10066/MMS-Protected/license-api-v1 - XROAD_TLS_BASE_PATH: https://securityserver.dev01.devland.is - XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.dev01.devland.is/r1/IS-DEV - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1 - XROAD_UNIVERSITY_OF_ICELAND_PATH: IS-DEV/EDU/10010/HI-Protected/brautskraning-v1 - XROAD_VEHICLES_PATH: IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1 - XROAD_WORK_MACHINE_LICENSE_PATH: IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' grantNamespaces: - - islandis - - nginx-ingress-external - - services-bff-portals-admin + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: download/v1/liveness + path: 'download/v1/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: download/v1/readiness + path: 'download/v1/readiness' timeoutSeconds: 3 hpa: scaling: @@ -55,18 +54,18 @@ service: max: 3 min: 1 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-external-alb - nginx.ingress.kubernetes.io/enable-global-auth: "false" - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: api.dev01.devland.is + - host: 'api.dev01.devland.is' paths: - - /download - namespace: download-service + - '/download' + namespace: 'download-service' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -76,26 +75,26 @@ service: min: 1 resources: limits: - cpu: 400m - memory: 512Mi + cpu: '400m' + memory: '512Mi' requests: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - IDENTITY_SERVER_CLIENT_SECRET: /k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET - POSTHOLF_BASE_PATH: /k8s/documents/POSTHOLF_BASE_PATH - POSTHOLF_CLIENTID: /k8s/documents/POSTHOLF_CLIENTID - POSTHOLF_CLIENT_SECRET: /k8s/documents/POSTHOLF_CLIENT_SECRET - POSTHOLF_TOKEN_URL: /k8s/documents/POSTHOLF_TOKEN_URL - REGULATIONS_API_URL: /k8s/api/REGULATIONS_API_URL - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: /k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: /k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: /k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH - XROAD_HEALTH_INSURANCE_PASSWORD: /k8s/health-insurance/XROAD-PASSWORD - XROAD_HEALTH_INSURANCE_USERNAME: /k8s/health-insurance/XROAD-USER - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: /k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: /k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/download-service/values.prod.yaml b/charts/services/download-service/values.prod.yaml index cb6400083774..4980e4f1ae9e 100644 --- a/charts/services/download-service/values.prod.yaml +++ b/charts/services/download-service/values.prod.yaml @@ -1,50 +1,50 @@ service: - name: download-service + name: 'download-service' enabled: true env: - IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/download-service" - IDENTITY_SERVER_ISSUER_URL: https://innskra.island.is - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init - REGULATIONS_ADMIN_URL: http://web-regulations-admin-backend.regulations-admin.svc.cluster.local - SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: IS/EDU/4112043590/LBHI-Protected/brautskraning-v1 - XROAD_BASE_PATH: http://securityserver.island.is - XROAD_BASE_PATH_WITH_ENV: http://securityserver.island.is/r1/IS - XROAD_BIFROST_UNIVERSITY_PATH: IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1 - XROAD_CLIENT_ID: IS/GOV/5501692829/island-is-client - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur - XROAD_FINANCES_PATH: IS/GOV/5402697509/FJS-Public/financeIsland - XROAD_FINANCES_V2_PATH: IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2 - XROAD_HEALTH_INSURANCE_ID: IS/GOV/4804080550/SJUKRA-Protected - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: IS/GOV/4804080550/SJUKRA-Protected/minarsidur - XROAD_HEALTH_INSURANCE_WSDLURL: https://huld.sjukra.is/islandrg?wsdl - XROAD_HMS_HOUSING_BENEFITS_PATH: IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1 - XROAD_HMS_LOANS_PATH: IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1 - XROAD_HOLAR_UNIVERSITY_PATH: IS/EDU/5001694359/Holar-Protected/brautskraning-v1 - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: IS/EDU/4210984099/LHI-Protected/brautskraning-v1 - XROAD_MMS_GRADE_SERVICE_ID: IS/GOV/6601241280/MMS-Protected/grade-api-v1 - XROAD_MMS_LICENSE_SERVICE_ID: IS/GOV/6601241280/MMS-Protected/license-api-v1 - XROAD_TLS_BASE_PATH: https://securityserver.island.is - XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.island.is/r1/IS - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: IS/EDU/5206871229/UNAK-Protected/brautskraning-v1 - XROAD_UNIVERSITY_OF_ICELAND_PATH: IS/EDU/6001692039/HI-Protected/brautskraning-v1 - XROAD_VEHICLES_PATH: IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1 - XROAD_WORK_MACHINE_LICENSE_PATH: IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' grantNamespaces: - - islandis - - nginx-ingress-external - - services-bff-portals-admin + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: download/v1/liveness + path: 'download/v1/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: download/v1/readiness + path: 'download/v1/readiness' timeoutSeconds: 3 hpa: scaling: @@ -55,17 +55,17 @@ service: max: 10 min: 3 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-external-alb - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: api.island.is + - host: 'api.island.is' paths: - - /download - namespace: download-service + - '/download' + namespace: 'download-service' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -75,26 +75,26 @@ service: min: 3 resources: limits: - cpu: 400m - memory: 512Mi + cpu: '400m' + memory: '512Mi' requests: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - IDENTITY_SERVER_CLIENT_SECRET: /k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET - POSTHOLF_BASE_PATH: /k8s/documents/POSTHOLF_BASE_PATH - POSTHOLF_CLIENTID: /k8s/documents/POSTHOLF_CLIENTID - POSTHOLF_CLIENT_SECRET: /k8s/documents/POSTHOLF_CLIENT_SECRET - POSTHOLF_TOKEN_URL: /k8s/documents/POSTHOLF_TOKEN_URL - REGULATIONS_API_URL: /k8s/api/REGULATIONS_API_URL - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: /k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: /k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: /k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH - XROAD_HEALTH_INSURANCE_PASSWORD: /k8s/health-insurance/XROAD-PASSWORD - XROAD_HEALTH_INSURANCE_USERNAME: /k8s/health-insurance/XROAD-USER - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: /k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: /k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/download-service/values.staging.yaml b/charts/services/download-service/values.staging.yaml index 7c49d3dc3613..580b53c74e4d 100644 --- a/charts/services/download-service/values.staging.yaml +++ b/charts/services/download-service/values.staging.yaml @@ -1,50 +1,49 @@ service: - name: download-service + name: 'download-service' enabled: true env: - IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/download-service" - IDENTITY_SERVER_ISSUER_URL: https://identity-server.staging01.devland.is - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init - REGULATIONS_ADMIN_URL: http://web-regulations-admin-backend.regulations-admin.svc.cluster.local - SERVERSIDE_FEATURES_ON: "" - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1 - XROAD_BASE_PATH: http://securityserver.staging01.devland.is - XROAD_BASE_PATH_WITH_ENV: http://securityserver.staging01.devland.is/r1/IS-TEST - XROAD_BIFROST_UNIVERSITY_PATH: IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1 - XROAD_CLIENT_ID: IS-TEST/GOV/5501692829/island-is-client - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur - XROAD_FINANCES_PATH: IS-TEST/GOV/10021/FJS-Public/financeIsland - XROAD_FINANCES_V2_PATH: IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2 - XROAD_HEALTH_INSURANCE_ID: IS-TEST/GOV/4804080550/SJUKRA-Protected - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur - XROAD_HEALTH_INSURANCE_WSDLURL: https://test-huld.sjukra.is/islandrg?wsdl - XROAD_HMS_HOUSING_BENEFITS_PATH: IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1 - XROAD_HMS_LOANS_PATH: IS-TEST/GOV/5812191480/HMS-Protected/libra-v1 - XROAD_HOLAR_UNIVERSITY_PATH: IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1 - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1 - XROAD_MMS_GRADE_SERVICE_ID: IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1 - XROAD_MMS_LICENSE_SERVICE_ID: IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1 - XROAD_TLS_BASE_PATH: https://securityserver.staging01.devland.is - XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.staging01.devland.is/r1/IS-TEST - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1 - XROAD_UNIVERSITY_OF_ICELAND_PATH: IS-TEST/EDU/10010/HI-Protected/brautskraning-v1 - XROAD_VEHICLES_PATH: IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1 - XROAD_WORK_MACHINE_LICENSE_PATH: IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' + XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' + XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' + XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' + XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' + XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' + XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' + XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' + XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' + XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' + XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' + XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' + XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' + XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' + XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' + XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' grantNamespaces: - - islandis - - nginx-ingress-external - - services-bff-portals-admin + - 'islandis' + - 'nginx-ingress-external' + - 'services-bff-portals-admin' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: download/v1/liveness + path: 'download/v1/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: download/v1/readiness + path: 'download/v1/readiness' timeoutSeconds: 3 hpa: scaling: @@ -55,18 +54,18 @@ service: max: 3 min: 1 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-external-alb - nginx.ingress.kubernetes.io/enable-global-auth: "false" - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: api.staging01.devland.is + - host: 'api.staging01.devland.is' paths: - - /download - namespace: download-service + - '/download' + namespace: 'download-service' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -76,26 +75,26 @@ service: min: 1 resources: limits: - cpu: 400m - memory: 512Mi + cpu: '400m' + memory: '512Mi' requests: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - IDENTITY_SERVER_CLIENT_SECRET: /k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET - POSTHOLF_BASE_PATH: /k8s/documents/POSTHOLF_BASE_PATH - POSTHOLF_CLIENTID: /k8s/documents/POSTHOLF_CLIENTID - POSTHOLF_CLIENT_SECRET: /k8s/documents/POSTHOLF_CLIENT_SECRET - POSTHOLF_TOKEN_URL: /k8s/documents/POSTHOLF_TOKEN_URL - REGULATIONS_API_URL: /k8s/api/REGULATIONS_API_URL - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: /k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: /k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: /k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH - XROAD_HEALTH_INSURANCE_PASSWORD: /k8s/health-insurance/XROAD-PASSWORD - XROAD_HEALTH_INSURANCE_USERNAME: /k8s/health-insurance/XROAD-USER - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: /k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: /k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' + POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' + POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' + POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' + POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' + XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' + XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' + XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' + XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/endorsement-system-api/values.dev.yaml b/charts/services/endorsement-system-api/values.dev.yaml index ee039b49b8b7..a048c372c915 100644 --- a/charts/services/endorsement-system-api/values.dev.yaml +++ b/charts/services/endorsement-system-api/values.dev.yaml @@ -1,51 +1,50 @@ service: - name: endorsement-system-api + name: 'endorsement-system-api' args: - - --tls-min-v1.0 - - --no-experimental-fetch - - main.js + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' command: - - node + - 'node' enabled: true env: - DB_HOST: postgres-applications.internal - DB_NAME: services_endorsements_api - DB_REPLICAS_HOST: postgres-applications-reader.internal - DB_USER: services_endorsements_api - EMAIL_FROM_ADDRESS: development@island.is - EMAIL_FROM_NAME: devland.is - EMAIL_REGION: eu-west-1 - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: island-is-dev-exports-endorsement-system - IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/endorsement" - IDENTITY_SERVER_ISSUER_URL: https://identity-server.dev01.devland.is - LOG_LEVEL: info - NATIONAL_REGISTRY_B2C_CLIENT_ID: b464afdd-056b-406d-b650-6d41733cfeb7 - NATIONAL_REGISTRY_B2C_ENDPOINT: https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token - NATIONAL_REGISTRY_B2C_PATH: IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1 - NATIONAL_REGISTRY_B2C_SCOPE: https://skraidentitydev.onmicrosoft.com/midlun/.default - NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init - SERVERSIDE_FEATURES_ON: "" - XROAD_BASE_PATH: http://securityserver.dev01.devland.is - XROAD_BASE_PATH_WITH_ENV: http://securityserver.dev01.devland.is/r1/IS-DEV - XROAD_CLIENT_ID: IS-DEV/GOV/10000/island-is-client + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1 - XROAD_TJODSKRA_API_PATH: /SKRA-Protected/Einstaklingar-v1 - XROAD_TJODSKRA_MEMBER_CODE: "10001" - XROAD_TLS_BASE_PATH: https://securityserver.dev01.devland.is - XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.dev01.devland.is/r1/IS-DEV + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' grantNamespaces: - - islandis - - application-system + - 'islandis' + - 'application-system' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 hpa: scaling: @@ -56,31 +55,30 @@ service: max: 3 min: 1 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' initContainer: containers: - args: - - sequelize-cli - - db:migrate + - 'sequelize-cli' + - 'db:migrate' command: - - npx - name: migrations + - 'npx' + name: 'migrations' resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 50m - memory: 128Mi + cpu: '50m' + memory: '128Mi' env: - DB_HOST: postgres-applications.internal - DB_NAME: services_endorsements_api - DB_REPLICAS_HOST: postgres-applications-reader.internal - DB_USER: services_endorsements_api - SERVERSIDE_FEATURES_ON: "" + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_endorsements_api' secrets: - DB_PASS: /k8s/services-endorsements-api/DB_PASSWORD - namespace: endorsement-system + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -92,21 +90,21 @@ service: min: 1 resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 100m - memory: 128Mi + cpu: '100m' + memory: '128Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DB_PASS: /k8s/services-endorsements-api/DB_PASSWORD - IDENTITY_SERVER_CLIENT_SECRET: /k8s/endorsement-system-api/IDS-shared-secret - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: /k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::013313053092:role/endorsement-system-api + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' create: true - name: endorsement-system-api + name: 'endorsement-system-api' diff --git a/charts/services/endorsement-system-api/values.prod.yaml b/charts/services/endorsement-system-api/values.prod.yaml index 03cbf4e72644..3694f2d68ec2 100644 --- a/charts/services/endorsement-system-api/values.prod.yaml +++ b/charts/services/endorsement-system-api/values.prod.yaml @@ -1,51 +1,51 @@ service: - name: endorsement-system-api + name: 'endorsement-system-api' args: - - --tls-min-v1.0 - - --no-experimental-fetch - - main.js + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' command: - - node + - 'node' enabled: true env: - DB_HOST: postgres-applications.internal - DB_NAME: services_endorsements_api - DB_REPLICAS_HOST: postgres-applications.internal - DB_USER: services_endorsements_api - EMAIL_FROM_ADDRESS: noreply@island.is - EMAIL_FROM_NAME: island.is - EMAIL_REGION: eu-west-1 - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: island-is-prod-exports-endorsement-system - IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/endorsement" - IDENTITY_SERVER_ISSUER_URL: https://innskra.island.is - LOG_LEVEL: info - NATIONAL_REGISTRY_B2C_CLIENT_ID: 2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f - NATIONAL_REGISTRY_B2C_ENDPOINT: https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token - NATIONAL_REGISTRY_B2C_PATH: IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1 - NATIONAL_REGISTRY_B2C_SCOPE: https://skraidentity.onmicrosoft.com/midlun/.default - NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init - SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms - XROAD_BASE_PATH: http://securityserver.island.is - XROAD_BASE_PATH_WITH_ENV: http://securityserver.island.is/r1/IS - XROAD_CLIENT_ID: IS/GOV/5501692829/island-is-client + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + EMAIL_FROM_NAME: 'island.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-prod-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1 - XROAD_TJODSKRA_API_PATH: /SKRA-Protected/Einstaklingar-v1 - XROAD_TJODSKRA_MEMBER_CODE: "6503760649" - XROAD_TLS_BASE_PATH: https://securityserver.island.is - XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.island.is/r1/IS + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' grantNamespaces: - - islandis - - application-system + - 'islandis' + - 'application-system' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 hpa: scaling: @@ -56,31 +56,31 @@ service: max: 10 min: 3 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' initContainer: containers: - args: - - sequelize-cli - - db:migrate + - 'sequelize-cli' + - 'db:migrate' command: - - npx - name: migrations + - 'npx' + name: 'migrations' resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 50m - memory: 128Mi + cpu: '50m' + memory: '128Mi' env: - DB_HOST: postgres-applications.internal - DB_NAME: services_endorsements_api - DB_REPLICAS_HOST: postgres-applications.internal - DB_USER: services_endorsements_api - SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' secrets: - DB_PASS: /k8s/services-endorsements-api/DB_PASSWORD - namespace: endorsement-system + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -92,21 +92,21 @@ service: min: 3 resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 100m - memory: 128Mi + cpu: '100m' + memory: '128Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DB_PASS: /k8s/services-endorsements-api/DB_PASSWORD - IDENTITY_SERVER_CLIENT_SECRET: /k8s/endorsement-system-api/IDS-shared-secret - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: /k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::251502586493:role/endorsement-system-api + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/endorsement-system-api' create: true - name: endorsement-system-api + name: 'endorsement-system-api' diff --git a/charts/services/endorsement-system-api/values.staging.yaml b/charts/services/endorsement-system-api/values.staging.yaml index 274eade7d58b..335f6c6e3415 100644 --- a/charts/services/endorsement-system-api/values.staging.yaml +++ b/charts/services/endorsement-system-api/values.staging.yaml @@ -1,51 +1,50 @@ service: - name: endorsement-system-api + name: 'endorsement-system-api' args: - - --tls-min-v1.0 - - --no-experimental-fetch - - main.js + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' command: - - node + - 'node' enabled: true env: - DB_HOST: postgres-applications.internal - DB_NAME: services_endorsements_api - DB_REPLICAS_HOST: postgres-applications.internal - DB_USER: services_endorsements_api - EMAIL_FROM_ADDRESS: development@island.is - EMAIL_FROM_NAME: devland.is - EMAIL_REGION: eu-west-1 - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: island-is-staging-exports-endorsement-system - IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/endorsement" - IDENTITY_SERVER_ISSUER_URL: https://identity-server.staging01.devland.is - LOG_LEVEL: info - NATIONAL_REGISTRY_B2C_CLIENT_ID: ca128c23-b43c-443d-bade-ec5a146a933f - NATIONAL_REGISTRY_B2C_ENDPOINT: https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token - NATIONAL_REGISTRY_B2C_PATH: IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1 - NATIONAL_REGISTRY_B2C_SCOPE: https://skraidentitystaging.onmicrosoft.com/midlun/.default - NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init - SERVERSIDE_FEATURES_ON: "" - XROAD_BASE_PATH: http://securityserver.staging01.devland.is - XROAD_BASE_PATH_WITH_ENV: http://securityserver.staging01.devland.is/r1/IS-TEST - XROAD_CLIENT_ID: IS-TEST/GOV/5501692829/island-is-client + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_FROM_NAME: 'devland.is' + EMAIL_REGION: 'eu-west-1' + ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-staging-exports-endorsement-system' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1 - XROAD_TJODSKRA_API_PATH: /SKRA-Protected/Einstaklingar-v1 - XROAD_TJODSKRA_MEMBER_CODE: "6503760649" - XROAD_TLS_BASE_PATH: https://securityserver.staging01.devland.is - XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.staging01.devland.is/r1/IS-TEST + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' grantNamespaces: - - islandis - - application-system + - 'islandis' + - 'application-system' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 hpa: scaling: @@ -56,31 +55,30 @@ service: max: 3 min: 1 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' initContainer: containers: - args: - - sequelize-cli - - db:migrate + - 'sequelize-cli' + - 'db:migrate' command: - - npx - name: migrations + - 'npx' + name: 'migrations' resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 50m - memory: 128Mi + cpu: '50m' + memory: '128Mi' env: - DB_HOST: postgres-applications.internal - DB_NAME: services_endorsements_api - DB_REPLICAS_HOST: postgres-applications.internal - DB_USER: services_endorsements_api - SERVERSIDE_FEATURES_ON: "" + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_endorsements_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_endorsements_api' secrets: - DB_PASS: /k8s/services-endorsements-api/DB_PASSWORD - namespace: endorsement-system + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + namespace: 'endorsement-system' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -92,21 +90,21 @@ service: min: 1 resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 100m - memory: 128Mi + cpu: '100m' + memory: '128Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DB_PASS: /k8s/services-endorsements-api/DB_PASSWORD - IDENTITY_SERVER_CLIENT_SECRET: /k8s/endorsement-system-api/IDS-shared-secret - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: /k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::261174024191:role/endorsement-system-api + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/endorsement-system-api' create: true - name: endorsement-system-api + name: 'endorsement-system-api' diff --git a/charts/services/external-contracts-tests/values.dev.yaml b/charts/services/external-contracts-tests/values.dev.yaml index 2b05d25adf66..5d5c2c726569 100644 --- a/charts/services/external-contracts-tests/values.dev.yaml +++ b/charts/services/external-contracts-tests/values.dev.yaml @@ -1,28 +1,27 @@ service: - name: external-contracts-tests + name: 'external-contracts-tests' enabled: true env: - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=921 -r dd-trace/init - SERVERSIDE_FEATURES_ON: "" - XROAD_BASE_PATH: http://securityserver.dev01.devland.is - XROAD_BASE_PATH_WITH_ENV: http://securityserver.dev01.devland.is/r1/IS-DEV + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1 - XROAD_TJODSKRA_API_PATH: /SKRA-Protected/Einstaklingar-v1 - XROAD_TJODSKRA_MEMBER_CODE: "10001" - XROAD_TLS_BASE_PATH: https://securityserver.dev01.devland.is - XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.dev01.devland.is/r1/IS-DEV + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' grantNamespaces: [] grantNamespacesEnabled: false healthCheck: liveness: initialDelaySeconds: 3 - path: / + path: '/' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: / + path: '/' timeoutSeconds: 3 hpa: scaling: @@ -33,8 +32,8 @@ service: max: 3 min: 1 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests - namespace: external-contracts-tests + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' + namespace: 'external-contracts-tests' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -44,14 +43,14 @@ service: min: 1 resources: limits: - cpu: "1" - memory: 1024Mi + cpu: '1' + memory: '1024Mi' requests: - cpu: 500m - memory: 512Mi - schedule: 0 11 * * * + cpu: '500m' + memory: '512Mi' + schedule: '0 11 * * *' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/github-actions-cache/values.dev.yaml b/charts/services/github-actions-cache/values.dev.yaml index 5bcc9201f243..915bbb161f5d 100644 --- a/charts/services/github-actions-cache/values.dev.yaml +++ b/charts/services/github-actions-cache/values.dev.yaml @@ -1,27 +1,26 @@ service: - name: github-actions-cache + name: 'github-actions-cache' args: - - --tls-min-v1.0 - - --no-experimental-fetch - - main.js + - '--tls-min-v1.0' + - '--no-experimental-fetch' + - 'main.js' command: - - node + - 'node' enabled: true env: - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=460 - REDIS_NODES: clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379 - SERVERSIDE_FEATURES_ON: "" + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' grantNamespaces: [] grantNamespacesEnabled: false healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /health + path: '/health' timeoutSeconds: 3 hpa: scaling: @@ -32,18 +31,18 @@ service: max: 8 min: 3 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-external-alb - nginx.ingress.kubernetes.io/enable-global-auth: "false" - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: cache.dev01.devland.is + - host: 'cache.dev01.devland.is' paths: - - / - namespace: github-actions-cache + - '/' + namespace: 'github-actions-cache' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -55,18 +54,18 @@ service: min: 3 resources: limits: - cpu: 400m - memory: 512Mi + cpu: '400m' + memory: '512Mi' requests: - cpu: 100m - memory: 256Mi + cpu: '100m' + memory: '256Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::013313053092:role/github-actions-cache + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' create: true - name: github-actions-cache + name: 'github-actions-cache' diff --git a/charts/services/icelandic-names-registry-backend/values.dev.yaml b/charts/services/icelandic-names-registry-backend/values.dev.yaml index f603b5505307..e63778ee3933 100644 --- a/charts/services/icelandic-names-registry-backend/values.dev.yaml +++ b/charts/services/icelandic-names-registry-backend/values.dev.yaml @@ -1,26 +1,25 @@ service: - name: icelandic-names-registry-backend + name: 'icelandic-names-registry-backend' enabled: true env: - DB_HOST: postgres-applications.internal - DB_NAME: icelandic_names_registry_backend - DB_REPLICAS_HOST: postgres-applications-reader.internal - DB_USER: icelandic_names_registry_backend - IDENTITY_SERVER_ISSUER_URL: https://identity-server.dev01.devland.is - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init - SERVERSIDE_FEATURES_ON: "" + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' grantNamespaces: - - islandis + - 'islandis' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 hpa: scaling: @@ -31,44 +30,43 @@ service: max: 3 min: 1 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' initContainer: containers: - args: - - sequelize-cli - - db:migrate + - 'sequelize-cli' + - 'db:migrate' command: - - npx - name: migrations + - 'npx' + name: 'migrations' resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 50m - memory: 128Mi + cpu: '50m' + memory: '128Mi' - args: - - sequelize-cli - - db:seed:all + - 'sequelize-cli' + - 'db:seed:all' command: - - npx - name: seed + - 'npx' + name: 'seed' resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 50m - memory: 128Mi + cpu: '50m' + memory: '128Mi' env: - DB_HOST: postgres-applications.internal - DB_NAME: icelandic_names_registry_backend - DB_REPLICAS_HOST: postgres-applications-reader.internal - DB_USER: icelandic_names_registry_backend - SERVERSIDE_FEATURES_ON: "" + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'icelandic_names_registry_backend' secrets: - DB_PASS: /k8s/icelandic-names-registry-backend/DB_PASSWORD - namespace: icelandic-names-registry + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -78,14 +76,14 @@ service: min: 1 resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 100m - memory: 128Mi + cpu: '100m' + memory: '128Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DB_PASS: /k8s/icelandic-names-registry-backend/DB_PASSWORD + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/icelandic-names-registry-backend/values.prod.yaml b/charts/services/icelandic-names-registry-backend/values.prod.yaml index 33659d0743ae..e8a16587358b 100644 --- a/charts/services/icelandic-names-registry-backend/values.prod.yaml +++ b/charts/services/icelandic-names-registry-backend/values.prod.yaml @@ -1,26 +1,26 @@ service: - name: icelandic-names-registry-backend + name: 'icelandic-names-registry-backend' enabled: true env: - DB_HOST: postgres-applications.internal - DB_NAME: icelandic_names_registry_backend - DB_REPLICAS_HOST: postgres-applications.internal - DB_USER: icelandic_names_registry_backend - IDENTITY_SERVER_ISSUER_URL: https://innskra.island.is - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init - SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' grantNamespaces: - - islandis + - 'islandis' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 hpa: scaling: @@ -31,44 +31,44 @@ service: max: 10 min: 3 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' initContainer: containers: - args: - - sequelize-cli - - db:migrate + - 'sequelize-cli' + - 'db:migrate' command: - - npx - name: migrations + - 'npx' + name: 'migrations' resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 50m - memory: 128Mi + cpu: '50m' + memory: '128Mi' - args: - - sequelize-cli - - db:seed:all + - 'sequelize-cli' + - 'db:seed:all' command: - - npx - name: seed + - 'npx' + name: 'seed' resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 50m - memory: 128Mi + cpu: '50m' + memory: '128Mi' env: - DB_HOST: postgres-applications.internal - DB_NAME: icelandic_names_registry_backend - DB_REPLICAS_HOST: postgres-applications.internal - DB_USER: icelandic_names_registry_backend - SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' secrets: - DB_PASS: /k8s/icelandic-names-registry-backend/DB_PASSWORD - namespace: icelandic-names-registry + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -78,14 +78,14 @@ service: min: 3 resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 100m - memory: 128Mi + cpu: '100m' + memory: '128Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DB_PASS: /k8s/icelandic-names-registry-backend/DB_PASSWORD + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/icelandic-names-registry-backend/values.staging.yaml b/charts/services/icelandic-names-registry-backend/values.staging.yaml index 319b33d6f4ef..472dc5437b77 100644 --- a/charts/services/icelandic-names-registry-backend/values.staging.yaml +++ b/charts/services/icelandic-names-registry-backend/values.staging.yaml @@ -1,26 +1,25 @@ service: - name: icelandic-names-registry-backend + name: 'icelandic-names-registry-backend' enabled: true env: - DB_HOST: postgres-applications.internal - DB_NAME: icelandic_names_registry_backend - DB_REPLICAS_HOST: postgres-applications.internal - DB_USER: icelandic_names_registry_backend - IDENTITY_SERVER_ISSUER_URL: https://identity-server.staging01.devland.is - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init - SERVERSIDE_FEATURES_ON: "" + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' grantNamespaces: - - islandis + - 'islandis' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 hpa: scaling: @@ -31,44 +30,43 @@ service: max: 3 min: 1 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' initContainer: containers: - args: - - sequelize-cli - - db:migrate + - 'sequelize-cli' + - 'db:migrate' command: - - npx - name: migrations + - 'npx' + name: 'migrations' resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 50m - memory: 128Mi + cpu: '50m' + memory: '128Mi' - args: - - sequelize-cli - - db:seed:all + - 'sequelize-cli' + - 'db:seed:all' command: - - npx - name: seed + - 'npx' + name: 'seed' resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 50m - memory: 128Mi + cpu: '50m' + memory: '128Mi' env: - DB_HOST: postgres-applications.internal - DB_NAME: icelandic_names_registry_backend - DB_REPLICAS_HOST: postgres-applications.internal - DB_USER: icelandic_names_registry_backend - SERVERSIDE_FEATURES_ON: "" + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'icelandic_names_registry_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'icelandic_names_registry_backend' secrets: - DB_PASS: /k8s/icelandic-names-registry-backend/DB_PASSWORD - namespace: icelandic-names-registry + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' + namespace: 'icelandic-names-registry' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -78,14 +76,14 @@ service: min: 1 resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 100m - memory: 128Mi + cpu: '100m' + memory: '128Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DB_PASS: /k8s/icelandic-names-registry-backend/DB_PASSWORD + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/identity-server/values.dev.yaml b/charts/services/identity-server/values.dev.yaml index 38fc489228f5..78f00db79c10 100644 --- a/charts/services/identity-server/values.dev.yaml +++ b/charts/services/identity-server/values.dev.yaml @@ -1,59 +1,58 @@ service: - name: identity-server + name: 'identity-server' annotations: ad.datadoghq.com/identity-server.check_names: '["openmetrics"]' - ad.datadoghq.com/identity-server.init_configs: "[{}]" + ad.datadoghq.com/identity-server.init_configs: '[{}]' ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": "http://%%host%%:5003/metrics","namespace": "identity-server","metrics":["*"]}]' ad.datadoghq.com/identity-server.logs: '[{"service": "identity-server", "source": "csharp"}]' enabled: true env: - ASPNETCORE_URLS: http://*:5000 - AWS__CloudWatch__AuditLogGroup: /identity-server/audit-log - AWS__SystemsManager__ParameterStore__DataProtectionPrefix: /k8s/identity-server/DataProtectionSecret - Application__AllowedRedirectUris: https://beta.dev01.devland.is/minarsidur,https://beta.dev01.devland.is/umsoknir,http://localhost:4200/minarsidur,http://localhost:4242/umsoknir - Application__MinCompletionPortThreads: "10" - AudkenniSettings__Retries: "24" - CORECLR_ENABLE_PROFILING: "1" - CORECLR_PROFILER: "{846F5F1C-F9AE-4B07-969E-05C26BC060D8}" - CORECLR_PROFILER_PATH: /opt/datadog/Datadog.Trace.ClrProfiler.Native.so - CacheSettings__Enabled: "true" - ContentfulSettings__BaseAddress: https://preview.contentful.com - DD_DOTNET_TRACER_HOME: /opt/datadog - DD_INTEGRATIONS: /opt/datadog/integrations.json - DD_TRACE_DEBUG: "true" - Datadog__Metrics__Port: "5003" - IdentityServer__ConsentsScope: "@island.is/auth/consents" - IdentityServer__EnableFakeLogin: "true" - IdentityServer__EnableFeatureDeploymentWildcards: "true" - IdentityServer__KeyManagement__Enabled: "true" - IdentityServer__SigningCertificate__Path: /etc/config/ids-signing.pfx - LOG_LEVEL: info - MeUserProfileApiSettings__BaseAddress: http://web-service-portal-api.service-portal.svc.cluster.local - NODE_OPTIONS: --max-old-space-size=1843 -r dd-trace/init - PersistenceSettings__BaseAddress: http://web-services-auth-ids-api - PersistenceSettings__DelegationsCacheEnabled: "false" - RedisSettings__Address: clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com - RedisSettings__Port: "6379" - SERVERSIDE_FEATURES_ON: "" - SessionsApiSettings__BaseAddress: http://web-services-sessions.services-sessions.svc.cluster.local + ASPNETCORE_URLS: 'http://*:5000' + AWS__CloudWatch__AuditLogGroup: '/identity-server/audit-log' + AWS__SystemsManager__ParameterStore__DataProtectionPrefix: '/k8s/identity-server/DataProtectionSecret' + Application__AllowedRedirectUris: 'https://beta.dev01.devland.is/minarsidur,https://beta.dev01.devland.is/umsoknir,http://localhost:4200/minarsidur,http://localhost:4242/umsoknir' + Application__MinCompletionPortThreads: '10' + AudkenniSettings__Retries: '24' + CORECLR_ENABLE_PROFILING: '1' + CORECLR_PROFILER: '{846F5F1C-F9AE-4B07-969E-05C26BC060D8}' + CORECLR_PROFILER_PATH: '/opt/datadog/Datadog.Trace.ClrProfiler.Native.so' + CacheSettings__Enabled: 'true' + ContentfulSettings__BaseAddress: 'https://preview.contentful.com' + DD_DOTNET_TRACER_HOME: '/opt/datadog' + DD_INTEGRATIONS: '/opt/datadog/integrations.json' + DD_TRACE_DEBUG: 'true' + Datadog__Metrics__Port: '5003' + IdentityServer__ConsentsScope: '@island.is/auth/consents' + IdentityServer__EnableFakeLogin: 'true' + IdentityServer__EnableFeatureDeploymentWildcards: 'true' + IdentityServer__KeyManagement__Enabled: 'true' + IdentityServer__SigningCertificate__Path: '/etc/config/ids-signing.pfx' + LOG_LEVEL: 'info' + MeUserProfileApiSettings__BaseAddress: 'http://web-service-portal-api.service-portal.svc.cluster.local' + NODE_OPTIONS: '--max-old-space-size=1843 -r dd-trace/init' + PersistenceSettings__BaseAddress: 'http://web-services-auth-ids-api' + PersistenceSettings__DelegationsCacheEnabled: 'false' + RedisSettings__Address: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com' + RedisSettings__Port: '6379' + SessionsApiSettings__BaseAddress: 'http://web-services-sessions.services-sessions.svc.cluster.local' files: - - ids-signing.pfx + - 'ids-signing.pfx' grantNamespaces: - - nginx-ingress-external - - user-notification - - portals-admin + - 'nginx-ingress-external' + - 'user-notification' + - 'portals-admin' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 port: 5010 readiness: initialDelaySeconds: 3 - path: /readiness + path: '/readiness' timeoutSeconds: 3 hpa: scaling: @@ -64,30 +63,30 @@ service: max: 3 min: 1 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/identity-server + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/identity-server' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-external-alb - nginx.ingress.kubernetes.io/enable-global-auth: "false" - nginx.ingress.kubernetes.io/proxy-buffer-size: 8k - nginx.ingress.kubernetes.io/proxy-buffering: on - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: identity-server.dev01.devland.is + - host: 'identity-server.dev01.devland.is' paths: - - / - namespace: identity-server + - '/' + namespace: 'identity-server' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: fsGroup: 65534 pvcs: - - accessModes: ReadWriteMany - mountPath: /keys - name: identity-server - size: 1Gi - storageClass: efs-csi + - accessModes: 'ReadWriteMany' + mountPath: '/keys' + name: 'identity-server' + size: '1Gi' + storageClass: 'efs-csi' useExisting: false replicaCount: default: 1 @@ -95,24 +94,24 @@ service: min: 1 resources: limits: - cpu: 4000m - memory: 2048Mi + cpu: '4000m' + memory: '2048Mi' requests: - cpu: 1000m - memory: 1024Mi + cpu: '1000m' + memory: '1024Mi' secrets: - AudkenniSettings__ClientId: /k8s/identity-server/AudkenniClientId - AudkenniSettings__ClientSecret: /k8s/identity-server/AudkenniClientSecret - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - ContentfulSettings__AccessToken: /k8s/identity-server/CONTENTFUL_ACCESS_TOKEN - FeatureFlags__ConfigCatSdkKey: /k8s/configcat/CONFIGCAT_SDK_KEY - IdentityServer__FakePersons: /k8s/identity-server/FakePersons - IdentityServer__LicenseKey: /k8s/identity-server/LicenseKey - IdentityServer__SigningCertificate__Passphrase: /k8s/identity-server/SigningCertificatePassphrase - PersistenceSettings__AccessTokenManagementSettings__ClientSecret: /k8s/identity-server/ClientSecret - Redaction__UserIdentifiers__Key: /k8s/identity-server/redaction/USER_IDENTIFIERS_KEY - Redaction__UserIdentifiers__KeyId: /k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID - Scopes__Admin__RootAccessList: /k8s/identity-server/AdminRootAccessList + AudkenniSettings__ClientId: '/k8s/identity-server/AudkenniClientId' + AudkenniSettings__ClientSecret: '/k8s/identity-server/AudkenniClientSecret' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ContentfulSettings__AccessToken: '/k8s/identity-server/CONTENTFUL_ACCESS_TOKEN' + FeatureFlags__ConfigCatSdkKey: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IdentityServer__FakePersons: '/k8s/identity-server/FakePersons' + IdentityServer__LicenseKey: '/k8s/identity-server/LicenseKey' + IdentityServer__SigningCertificate__Passphrase: '/k8s/identity-server/SigningCertificatePassphrase' + PersistenceSettings__AccessTokenManagementSettings__ClientSecret: '/k8s/identity-server/ClientSecret' + Redaction__UserIdentifiers__Key: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY' + Redaction__UserIdentifiers__KeyId: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID' + Scopes__Admin__RootAccessList: '/k8s/identity-server/AdminRootAccessList' securityContext: allowPrivilegeEscalation: false privileged: false @@ -120,6 +119,6 @@ service: targetPort: 5000 serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::013313053092:role/identity-server + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/identity-server' create: true - name: identity-server + name: 'identity-server' diff --git a/charts/services/identity-server/values.prod.yaml b/charts/services/identity-server/values.prod.yaml index 5d9cd80649a0..1d7e64e5903d 100644 --- a/charts/services/identity-server/values.prod.yaml +++ b/charts/services/identity-server/values.prod.yaml @@ -1,59 +1,59 @@ service: - name: identity-server + name: 'identity-server' annotations: ad.datadoghq.com/identity-server.check_names: '["openmetrics"]' - ad.datadoghq.com/identity-server.init_configs: "[{}]" + ad.datadoghq.com/identity-server.init_configs: '[{}]' ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": "http://%%host%%:5003/metrics","namespace": "identity-server","metrics":["*"]}]' ad.datadoghq.com/identity-server.logs: '[{"service": "identity-server", "source": "csharp"}]' enabled: true env: - ASPNETCORE_URLS: http://*:5000 - AWS__CloudWatch__AuditLogGroup: /identity-server/audit-log - AWS__SystemsManager__ParameterStore__DataProtectionPrefix: /k8s/identity-server/DataProtectionSecret - Application__AllowedRedirectUris: https://island.is/minarsidur,https://island.is/umsoknir - Application__MinCompletionPortThreads: "10" - AudkenniSettings__Retries: "24" - CORECLR_ENABLE_PROFILING: "1" - CORECLR_PROFILER: "{846F5F1C-F9AE-4B07-969E-05C26BC060D8}" - CORECLR_PROFILER_PATH: /opt/datadog/Datadog.Trace.ClrProfiler.Native.so - CacheSettings__Enabled: "true" - ContentfulSettings__BaseAddress: https://cdn.contentful.com - DD_DOTNET_TRACER_HOME: /opt/datadog - DD_INTEGRATIONS: /opt/datadog/integrations.json - DD_TRACE_DEBUG: "true" - Datadog__Metrics__Port: "5003" - IdentityServer__ConsentsScope: "@island.is/auth/consents" - IdentityServer__EnableFakeLogin: "true" - IdentityServer__EnableFeatureDeploymentWildcards: "false" - IdentityServer__KeyManagement__Enabled: "true" - IdentityServer__SigningCertificate__Path: /etc/config/ids-signing.pfx - LOG_LEVEL: info - MeUserProfileApiSettings__BaseAddress: https://service-portal-api.internal.island.is - NODE_OPTIONS: --max-old-space-size=1843 -r dd-trace/init - PersistenceSettings__BaseAddress: http://web-services-auth-ids-api - PersistenceSettings__DelegationsCacheEnabled: "true" - RedisSettings__Address: clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com - RedisSettings__Port: "6379" - SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms - SessionsApiSettings__BaseAddress: https://sessions-api.internal.island.is + ASPNETCORE_URLS: 'http://*:5000' + AWS__CloudWatch__AuditLogGroup: '/identity-server/audit-log' + AWS__SystemsManager__ParameterStore__DataProtectionPrefix: '/k8s/identity-server/DataProtectionSecret' + Application__AllowedRedirectUris: 'https://island.is/minarsidur,https://island.is/umsoknir' + Application__MinCompletionPortThreads: '10' + AudkenniSettings__Retries: '24' + CORECLR_ENABLE_PROFILING: '1' + CORECLR_PROFILER: '{846F5F1C-F9AE-4B07-969E-05C26BC060D8}' + CORECLR_PROFILER_PATH: '/opt/datadog/Datadog.Trace.ClrProfiler.Native.so' + CacheSettings__Enabled: 'true' + ContentfulSettings__BaseAddress: 'https://cdn.contentful.com' + DD_DOTNET_TRACER_HOME: '/opt/datadog' + DD_INTEGRATIONS: '/opt/datadog/integrations.json' + DD_TRACE_DEBUG: 'true' + Datadog__Metrics__Port: '5003' + IdentityServer__ConsentsScope: '@island.is/auth/consents' + IdentityServer__EnableFakeLogin: 'true' + IdentityServer__EnableFeatureDeploymentWildcards: 'false' + IdentityServer__KeyManagement__Enabled: 'true' + IdentityServer__SigningCertificate__Path: '/etc/config/ids-signing.pfx' + LOG_LEVEL: 'info' + MeUserProfileApiSettings__BaseAddress: 'https://service-portal-api.internal.island.is' + NODE_OPTIONS: '--max-old-space-size=1843 -r dd-trace/init' + PersistenceSettings__BaseAddress: 'http://web-services-auth-ids-api' + PersistenceSettings__DelegationsCacheEnabled: 'true' + RedisSettings__Address: 'clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com' + RedisSettings__Port: '6379' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SessionsApiSettings__BaseAddress: 'https://sessions-api.internal.island.is' files: - - ids-signing.pfx + - 'ids-signing.pfx' grantNamespaces: - - nginx-ingress-external - - user-notification - - portals-admin + - 'nginx-ingress-external' + - 'user-notification' + - 'portals-admin' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 port: 5010 readiness: initialDelaySeconds: 3 - path: /readiness + path: '/readiness' timeoutSeconds: 3 hpa: scaling: @@ -64,29 +64,29 @@ service: max: 10 min: 3 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/identity-server + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/identity-server' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-external-alb - nginx.ingress.kubernetes.io/proxy-buffer-size: 8k - nginx.ingress.kubernetes.io/proxy-buffering: on - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: innskra.island.is + - host: 'innskra.island.is' paths: - - / - namespace: identity-server + - '/' + namespace: 'identity-server' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: fsGroup: 65534 pvcs: - - accessModes: ReadWriteMany - mountPath: /keys - name: identity-server - size: 1Gi - storageClass: efs-csi + - accessModes: 'ReadWriteMany' + mountPath: '/keys' + name: 'identity-server' + size: '1Gi' + storageClass: 'efs-csi' useExisting: false replicaCount: default: 3 @@ -94,24 +94,24 @@ service: min: 3 resources: limits: - cpu: 4000m - memory: 2048Mi + cpu: '4000m' + memory: '2048Mi' requests: - cpu: 1000m - memory: 1024Mi + cpu: '1000m' + memory: '1024Mi' secrets: - AudkenniSettings__ClientId: /k8s/identity-server/AudkenniClientId - AudkenniSettings__ClientSecret: /k8s/identity-server/AudkenniClientSecret - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - ContentfulSettings__AccessToken: /k8s/identity-server/CONTENTFUL_ACCESS_TOKEN - FeatureFlags__ConfigCatSdkKey: /k8s/configcat/CONFIGCAT_SDK_KEY - IdentityServer__FakePersons: /k8s/identity-server/FakePersons - IdentityServer__LicenseKey: /k8s/identity-server/LicenseKey - IdentityServer__SigningCertificate__Passphrase: /k8s/identity-server/SigningCertificatePassphrase - PersistenceSettings__AccessTokenManagementSettings__ClientSecret: /k8s/identity-server/ClientSecret - Redaction__UserIdentifiers__Key: /k8s/identity-server/redaction/USER_IDENTIFIERS_KEY - Redaction__UserIdentifiers__KeyId: /k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID - Scopes__Admin__RootAccessList: /k8s/identity-server/AdminRootAccessList + AudkenniSettings__ClientId: '/k8s/identity-server/AudkenniClientId' + AudkenniSettings__ClientSecret: '/k8s/identity-server/AudkenniClientSecret' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ContentfulSettings__AccessToken: '/k8s/identity-server/CONTENTFUL_ACCESS_TOKEN' + FeatureFlags__ConfigCatSdkKey: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IdentityServer__FakePersons: '/k8s/identity-server/FakePersons' + IdentityServer__LicenseKey: '/k8s/identity-server/LicenseKey' + IdentityServer__SigningCertificate__Passphrase: '/k8s/identity-server/SigningCertificatePassphrase' + PersistenceSettings__AccessTokenManagementSettings__ClientSecret: '/k8s/identity-server/ClientSecret' + Redaction__UserIdentifiers__Key: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY' + Redaction__UserIdentifiers__KeyId: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID' + Scopes__Admin__RootAccessList: '/k8s/identity-server/AdminRootAccessList' securityContext: allowPrivilegeEscalation: false privileged: false @@ -119,6 +119,6 @@ service: targetPort: 5000 serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::567113216315:role/identity-server + eks.amazonaws.com/role-arn: 'arn:aws:iam::567113216315:role/identity-server' create: true - name: identity-server + name: 'identity-server' diff --git a/charts/services/identity-server/values.staging.yaml b/charts/services/identity-server/values.staging.yaml index 24cb0d547979..655402a5f5e9 100644 --- a/charts/services/identity-server/values.staging.yaml +++ b/charts/services/identity-server/values.staging.yaml @@ -1,59 +1,58 @@ service: - name: identity-server + name: 'identity-server' annotations: ad.datadoghq.com/identity-server.check_names: '["openmetrics"]' - ad.datadoghq.com/identity-server.init_configs: "[{}]" + ad.datadoghq.com/identity-server.init_configs: '[{}]' ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": "http://%%host%%:5003/metrics","namespace": "identity-server","metrics":["*"]}]' ad.datadoghq.com/identity-server.logs: '[{"service": "identity-server", "source": "csharp"}]' enabled: true env: - ASPNETCORE_URLS: http://*:5000 - AWS__CloudWatch__AuditLogGroup: /identity-server/audit-log - AWS__SystemsManager__ParameterStore__DataProtectionPrefix: /k8s/identity-server/DataProtectionSecret - Application__AllowedRedirectUris: https://beta.staging01.devland.is/minarsidur,https://beta.staging01.devland.is/umsoknir - Application__MinCompletionPortThreads: "10" - AudkenniSettings__Retries: "24" - CORECLR_ENABLE_PROFILING: "1" - CORECLR_PROFILER: "{846F5F1C-F9AE-4B07-969E-05C26BC060D8}" - CORECLR_PROFILER_PATH: /opt/datadog/Datadog.Trace.ClrProfiler.Native.so - CacheSettings__Enabled: "true" - ContentfulSettings__BaseAddress: https://cdn.contentful.com - DD_DOTNET_TRACER_HOME: /opt/datadog - DD_INTEGRATIONS: /opt/datadog/integrations.json - DD_TRACE_DEBUG: "true" - Datadog__Metrics__Port: "5003" - IdentityServer__ConsentsScope: "@island.is/auth/consents" - IdentityServer__EnableFakeLogin: "true" - IdentityServer__EnableFeatureDeploymentWildcards: "true" - IdentityServer__KeyManagement__Enabled: "true" - IdentityServer__SigningCertificate__Path: /etc/config/ids-signing.pfx - LOG_LEVEL: info - MeUserProfileApiSettings__BaseAddress: http://web-service-portal-api.service-portal.svc.cluster.local - NODE_OPTIONS: --max-old-space-size=1843 -r dd-trace/init - PersistenceSettings__BaseAddress: http://web-services-auth-ids-api - PersistenceSettings__DelegationsCacheEnabled: "false" - RedisSettings__Address: clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com - RedisSettings__Port: "6379" - SERVERSIDE_FEATURES_ON: "" - SessionsApiSettings__BaseAddress: http://web-services-sessions.services-sessions.svc.cluster.local + ASPNETCORE_URLS: 'http://*:5000' + AWS__CloudWatch__AuditLogGroup: '/identity-server/audit-log' + AWS__SystemsManager__ParameterStore__DataProtectionPrefix: '/k8s/identity-server/DataProtectionSecret' + Application__AllowedRedirectUris: 'https://beta.staging01.devland.is/minarsidur,https://beta.staging01.devland.is/umsoknir' + Application__MinCompletionPortThreads: '10' + AudkenniSettings__Retries: '24' + CORECLR_ENABLE_PROFILING: '1' + CORECLR_PROFILER: '{846F5F1C-F9AE-4B07-969E-05C26BC060D8}' + CORECLR_PROFILER_PATH: '/opt/datadog/Datadog.Trace.ClrProfiler.Native.so' + CacheSettings__Enabled: 'true' + ContentfulSettings__BaseAddress: 'https://cdn.contentful.com' + DD_DOTNET_TRACER_HOME: '/opt/datadog' + DD_INTEGRATIONS: '/opt/datadog/integrations.json' + DD_TRACE_DEBUG: 'true' + Datadog__Metrics__Port: '5003' + IdentityServer__ConsentsScope: '@island.is/auth/consents' + IdentityServer__EnableFakeLogin: 'true' + IdentityServer__EnableFeatureDeploymentWildcards: 'true' + IdentityServer__KeyManagement__Enabled: 'true' + IdentityServer__SigningCertificate__Path: '/etc/config/ids-signing.pfx' + LOG_LEVEL: 'info' + MeUserProfileApiSettings__BaseAddress: 'http://web-service-portal-api.service-portal.svc.cluster.local' + NODE_OPTIONS: '--max-old-space-size=1843 -r dd-trace/init' + PersistenceSettings__BaseAddress: 'http://web-services-auth-ids-api' + PersistenceSettings__DelegationsCacheEnabled: 'false' + RedisSettings__Address: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com' + RedisSettings__Port: '6379' + SessionsApiSettings__BaseAddress: 'http://web-services-sessions.services-sessions.svc.cluster.local' files: - - ids-signing.pfx + - 'ids-signing.pfx' grantNamespaces: - - nginx-ingress-external - - user-notification - - portals-admin + - 'nginx-ingress-external' + - 'user-notification' + - 'portals-admin' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 port: 5010 readiness: initialDelaySeconds: 3 - path: /readiness + path: '/readiness' timeoutSeconds: 3 hpa: scaling: @@ -64,30 +63,30 @@ service: max: 3 min: 1 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/identity-server + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/identity-server' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-external-alb - nginx.ingress.kubernetes.io/enable-global-auth: "false" - nginx.ingress.kubernetes.io/proxy-buffer-size: 8k - nginx.ingress.kubernetes.io/proxy-buffering: on - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: identity-server.staging01.devland.is + - host: 'identity-server.staging01.devland.is' paths: - - / - namespace: identity-server + - '/' + namespace: 'identity-server' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: fsGroup: 65534 pvcs: - - accessModes: ReadWriteMany - mountPath: /keys - name: identity-server - size: 1Gi - storageClass: efs-csi + - accessModes: 'ReadWriteMany' + mountPath: '/keys' + name: 'identity-server' + size: '1Gi' + storageClass: 'efs-csi' useExisting: false replicaCount: default: 1 @@ -95,24 +94,24 @@ service: min: 1 resources: limits: - cpu: 4000m - memory: 2048Mi + cpu: '4000m' + memory: '2048Mi' requests: - cpu: 1000m - memory: 1024Mi + cpu: '1000m' + memory: '1024Mi' secrets: - AudkenniSettings__ClientId: /k8s/identity-server/AudkenniClientId - AudkenniSettings__ClientSecret: /k8s/identity-server/AudkenniClientSecret - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - ContentfulSettings__AccessToken: /k8s/identity-server/CONTENTFUL_ACCESS_TOKEN - FeatureFlags__ConfigCatSdkKey: /k8s/configcat/CONFIGCAT_SDK_KEY - IdentityServer__FakePersons: /k8s/identity-server/FakePersons - IdentityServer__LicenseKey: /k8s/identity-server/LicenseKey - IdentityServer__SigningCertificate__Passphrase: /k8s/identity-server/SigningCertificatePassphrase - PersistenceSettings__AccessTokenManagementSettings__ClientSecret: /k8s/identity-server/ClientSecret - Redaction__UserIdentifiers__Key: /k8s/identity-server/redaction/USER_IDENTIFIERS_KEY - Redaction__UserIdentifiers__KeyId: /k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID - Scopes__Admin__RootAccessList: /k8s/identity-server/AdminRootAccessList + AudkenniSettings__ClientId: '/k8s/identity-server/AudkenniClientId' + AudkenniSettings__ClientSecret: '/k8s/identity-server/AudkenniClientSecret' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ContentfulSettings__AccessToken: '/k8s/identity-server/CONTENTFUL_ACCESS_TOKEN' + FeatureFlags__ConfigCatSdkKey: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IdentityServer__FakePersons: '/k8s/identity-server/FakePersons' + IdentityServer__LicenseKey: '/k8s/identity-server/LicenseKey' + IdentityServer__SigningCertificate__Passphrase: '/k8s/identity-server/SigningCertificatePassphrase' + PersistenceSettings__AccessTokenManagementSettings__ClientSecret: '/k8s/identity-server/ClientSecret' + Redaction__UserIdentifiers__Key: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY' + Redaction__UserIdentifiers__KeyId: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID' + Scopes__Admin__RootAccessList: '/k8s/identity-server/AdminRootAccessList' securityContext: allowPrivilegeEscalation: false privileged: false @@ -120,6 +119,6 @@ service: targetPort: 5000 serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::261174024191:role/identity-server + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/identity-server' create: true - name: identity-server + name: 'identity-server' diff --git a/charts/services/island-ui-storybook/values.dev.yaml b/charts/services/island-ui-storybook/values.dev.yaml index 6c193ac2aca9..50ea07b1ef80 100644 --- a/charts/services/island-ui-storybook/values.dev.yaml +++ b/charts/services/island-ui-storybook/values.dev.yaml @@ -1,21 +1,20 @@ service: - name: island-ui-storybook + name: 'island-ui-storybook' enabled: true env: - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=230 - SERVERSIDE_FEATURES_ON: "" + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' grantNamespaces: - - nginx-ingress-external + - 'nginx-ingress-external' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /readiness + path: '/readiness' timeoutSeconds: 3 hpa: scaling: @@ -26,17 +25,17 @@ service: max: 3 min: 1 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-external-alb - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: ui.dev01.devland.is + - host: 'ui.dev01.devland.is' paths: - - / - namespace: storybook + - '/' + namespace: 'storybook' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -46,13 +45,13 @@ service: min: 1 resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 10m - memory: 128Mi + cpu: '10m' + memory: '128Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/island-ui-storybook/values.prod.yaml b/charts/services/island-ui-storybook/values.prod.yaml index 835f963274b1..94c54a84a047 100644 --- a/charts/services/island-ui-storybook/values.prod.yaml +++ b/charts/services/island-ui-storybook/values.prod.yaml @@ -1,21 +1,21 @@ service: - name: island-ui-storybook + name: 'island-ui-storybook' enabled: true env: - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=230 - SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' grantNamespaces: - - nginx-ingress-external + - 'nginx-ingress-external' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /readiness + path: '/readiness' timeoutSeconds: 3 hpa: scaling: @@ -26,17 +26,17 @@ service: max: 10 min: 3 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-external-alb - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: ui.devland.is + - host: 'ui.devland.is' paths: - - / - namespace: storybook + - '/' + namespace: 'storybook' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -46,13 +46,13 @@ service: min: 3 resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 10m - memory: 128Mi + cpu: '10m' + memory: '128Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/island-ui-storybook/values.staging.yaml b/charts/services/island-ui-storybook/values.staging.yaml index 201fb6820f43..733e037b2c67 100644 --- a/charts/services/island-ui-storybook/values.staging.yaml +++ b/charts/services/island-ui-storybook/values.staging.yaml @@ -1,21 +1,20 @@ service: - name: island-ui-storybook + name: 'island-ui-storybook' enabled: true env: - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=230 - SERVERSIDE_FEATURES_ON: "" + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' grantNamespaces: - - nginx-ingress-external + - 'nginx-ingress-external' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /readiness + path: '/readiness' timeoutSeconds: 3 hpa: scaling: @@ -26,17 +25,17 @@ service: max: 3 min: 1 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-external-alb - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: ui.staging01.devland.is + - host: 'ui.staging01.devland.is' paths: - - / - namespace: storybook + - '/' + namespace: 'storybook' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -46,13 +45,13 @@ service: min: 1 resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 10m - memory: 128Mi + cpu: '10m' + memory: '128Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/judicial-system-api/values.dev.yaml b/charts/services/judicial-system-api/values.dev.yaml index 20da8359716d..5dd1b26b61c9 100644 --- a/charts/services/judicial-system-api/values.dev.yaml +++ b/charts/services/judicial-system-api/values.dev.yaml @@ -1,34 +1,32 @@ service: - name: judicial-system-api + name: 'judicial-system-api' enabled: true env: - ALLOW_AUTH_BYPASS: "true" - AUDIT_TRAIL_GROUP_NAME: k8s/judicial-system/audit-log - AUDIT_TRAIL_REGION: eu-west-1 - AUDIT_TRAIL_USE_GENERIC_LOGGER: "false" - AUTH_IDS_CLIENT_ID: "@rettarvorslugatt.island.is/web" - AUTH_IDS_LOGOUT_REDIRECT_URI: https://judicial-system.dev01.devland.is - AUTH_IDS_REDIRECT_URI: https://judicial-system.dev01.devland.is/api/auth/callback/identity-server - AUTH_IDS_SCOPE: openid profile - BACKEND_URL: http://web-judicial-system-backend - CONTENTFUL_ENVIRONMENT: test - CONTENTFUL_HOST: preview.contentful.com - HIDDEN_FEATURES: "" - IDENTITY_SERVER_ISSUER_URL: https://identity-server.dev01.devland.is - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init - SERVERSIDE_FEATURES_ON: "" + ALLOW_AUTH_BYPASS: 'true' + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + AUTH_IDS_CLIENT_ID: '@rettarvorslugatt.island.is/web' + AUTH_IDS_LOGOUT_REDIRECT_URI: 'https://judicial-system.dev01.devland.is' + AUTH_IDS_REDIRECT_URI: 'https://judicial-system.dev01.devland.is/api/auth/callback/identity-server' + AUTH_IDS_SCOPE: 'openid profile' + BACKEND_URL: 'http://web-judicial-system-backend' + CONTENTFUL_ENVIRONMENT: 'test' + CONTENTFUL_HOST: 'preview.contentful.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' grantNamespaces: - - nginx-ingress-external + - 'nginx-ingress-external' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 hpa: scaling: @@ -39,22 +37,22 @@ service: max: 10 min: 2 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-api + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-api' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-external-alb - nginx.ingress.kubernetes.io/proxy-buffer-size: 8k - nginx.ingress.kubernetes.io/proxy-buffering: on - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: judicial-system.dev01.devland.is + - host: 'judicial-system.dev01.devland.is' paths: - - /api/graphql - - /api/auth - - /api/case - - /api/feature - namespace: judicial-system + - '/api/graphql' + - '/api/auth' + - '/api/case' + - '/api/feature' + namespace: 'judicial-system' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -66,23 +64,23 @@ service: min: 2 resources: limits: - cpu: 350m - memory: 512Mi + cpu: '350m' + memory: '512Mi' requests: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' secrets: - AUTH_IDS_SECRET: /k8s/judicial-system/AUTH_IDS_SECRET - AUTH_JWT_SECRET: /k8s/judicial-system/AUTH_JWT_SECRET - BACKEND_ACCESS_TOKEN: /k8s/judicial-system/BACKEND_ACCESS_TOKEN - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - CONTENTFUL_ACCESS_TOKEN: /k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN - LAWYERS_ICELAND_API_KEY: /k8s/judicial-system/LAWYERS_ICELAND_API_KEY + AUTH_IDS_SECRET: '/k8s/judicial-system/AUTH_IDS_SECRET' + AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::013313053092:role/judicial-system-api + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-api' create: true - name: judicial-system-api + name: 'judicial-system-api' diff --git a/charts/services/judicial-system-api/values.prod.yaml b/charts/services/judicial-system-api/values.prod.yaml index 7066c51aa320..1cc83003778d 100644 --- a/charts/services/judicial-system-api/values.prod.yaml +++ b/charts/services/judicial-system-api/values.prod.yaml @@ -1,34 +1,33 @@ service: - name: judicial-system-api + name: 'judicial-system-api' enabled: true env: - ALLOW_AUTH_BYPASS: "false" - AUDIT_TRAIL_GROUP_NAME: k8s/judicial-system/audit-log - AUDIT_TRAIL_REGION: eu-west-1 - AUDIT_TRAIL_USE_GENERIC_LOGGER: "false" - AUTH_IDS_CLIENT_ID: "@rettarvorslugatt.island.is/web" - AUTH_IDS_LOGOUT_REDIRECT_URI: https://rettarvorslugatt.island.is - AUTH_IDS_REDIRECT_URI: https://rettarvorslugatt.island.is/api/auth/callback/identity-server - AUTH_IDS_SCOPE: openid profile - BACKEND_URL: http://web-judicial-system-backend - CONTENTFUL_ENVIRONMENT: master - CONTENTFUL_HOST: cdn.contentful.com - HIDDEN_FEATURES: "" - IDENTITY_SERVER_ISSUER_URL: https://innskra.island.is - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init - SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + ALLOW_AUTH_BYPASS: 'false' + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + AUTH_IDS_CLIENT_ID: '@rettarvorslugatt.island.is/web' + AUTH_IDS_LOGOUT_REDIRECT_URI: 'https://rettarvorslugatt.island.is' + AUTH_IDS_REDIRECT_URI: 'https://rettarvorslugatt.island.is/api/auth/callback/identity-server' + AUTH_IDS_SCOPE: 'openid profile' + BACKEND_URL: 'http://web-judicial-system-backend' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' grantNamespaces: - - nginx-ingress-external + - 'nginx-ingress-external' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 hpa: scaling: @@ -39,22 +38,22 @@ service: max: 10 min: 2 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-api + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-api' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-external-alb - nginx.ingress.kubernetes.io/proxy-buffer-size: 8k - nginx.ingress.kubernetes.io/proxy-buffering: on - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: rettarvorslugatt.island.is + - host: 'rettarvorslugatt.island.is' paths: - - /api/graphql - - /api/auth - - /api/case - - /api/feature - namespace: judicial-system + - '/api/graphql' + - '/api/auth' + - '/api/case' + - '/api/feature' + namespace: 'judicial-system' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -66,23 +65,23 @@ service: min: 2 resources: limits: - cpu: 350m - memory: 512Mi + cpu: '350m' + memory: '512Mi' requests: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' secrets: - AUTH_IDS_SECRET: /k8s/judicial-system/AUTH_IDS_SECRET - AUTH_JWT_SECRET: /k8s/judicial-system/AUTH_JWT_SECRET - BACKEND_ACCESS_TOKEN: /k8s/judicial-system/BACKEND_ACCESS_TOKEN - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - CONTENTFUL_ACCESS_TOKEN: /k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN - LAWYERS_ICELAND_API_KEY: /k8s/judicial-system/LAWYERS_ICELAND_API_KEY + AUTH_IDS_SECRET: '/k8s/judicial-system/AUTH_IDS_SECRET' + AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::251502586493:role/judicial-system-api + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-api' create: true - name: judicial-system-api + name: 'judicial-system-api' diff --git a/charts/services/judicial-system-api/values.staging.yaml b/charts/services/judicial-system-api/values.staging.yaml index b7a80ebe4244..43bface247f8 100644 --- a/charts/services/judicial-system-api/values.staging.yaml +++ b/charts/services/judicial-system-api/values.staging.yaml @@ -1,34 +1,32 @@ service: - name: judicial-system-api + name: 'judicial-system-api' enabled: true env: - ALLOW_AUTH_BYPASS: "true" - AUDIT_TRAIL_GROUP_NAME: k8s/judicial-system/audit-log - AUDIT_TRAIL_REGION: eu-west-1 - AUDIT_TRAIL_USE_GENERIC_LOGGER: "false" - AUTH_IDS_CLIENT_ID: "@rettarvorslugatt.island.is/web" - AUTH_IDS_LOGOUT_REDIRECT_URI: https://judicial-system.staging01.devland.is - AUTH_IDS_REDIRECT_URI: https://judicial-system.staging01.devland.is/api/auth/callback/identity-server - AUTH_IDS_SCOPE: openid profile - BACKEND_URL: http://web-judicial-system-backend - CONTENTFUL_ENVIRONMENT: test - CONTENTFUL_HOST: cdn.contentful.com - HIDDEN_FEATURES: "" - IDENTITY_SERVER_ISSUER_URL: https://identity-server.staging01.devland.is - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init - SERVERSIDE_FEATURES_ON: "" + ALLOW_AUTH_BYPASS: 'true' + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + AUTH_IDS_CLIENT_ID: '@rettarvorslugatt.island.is/web' + AUTH_IDS_LOGOUT_REDIRECT_URI: 'https://judicial-system.staging01.devland.is' + AUTH_IDS_REDIRECT_URI: 'https://judicial-system.staging01.devland.is/api/auth/callback/identity-server' + AUTH_IDS_SCOPE: 'openid profile' + BACKEND_URL: 'http://web-judicial-system-backend' + CONTENTFUL_ENVIRONMENT: 'test' + CONTENTFUL_HOST: 'cdn.contentful.com' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' grantNamespaces: - - nginx-ingress-external + - 'nginx-ingress-external' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 hpa: scaling: @@ -39,22 +37,22 @@ service: max: 10 min: 2 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-api + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-api' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-external-alb - nginx.ingress.kubernetes.io/proxy-buffer-size: 8k - nginx.ingress.kubernetes.io/proxy-buffering: on - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: judicial-system.staging01.devland.is + - host: 'judicial-system.staging01.devland.is' paths: - - /api/graphql - - /api/auth - - /api/case - - /api/feature - namespace: judicial-system + - '/api/graphql' + - '/api/auth' + - '/api/case' + - '/api/feature' + namespace: 'judicial-system' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -66,23 +64,23 @@ service: min: 2 resources: limits: - cpu: 350m - memory: 512Mi + cpu: '350m' + memory: '512Mi' requests: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' secrets: - AUTH_IDS_SECRET: /k8s/judicial-system/AUTH_IDS_SECRET - AUTH_JWT_SECRET: /k8s/judicial-system/AUTH_JWT_SECRET - BACKEND_ACCESS_TOKEN: /k8s/judicial-system/BACKEND_ACCESS_TOKEN - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - CONTENTFUL_ACCESS_TOKEN: /k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN - LAWYERS_ICELAND_API_KEY: /k8s/judicial-system/LAWYERS_ICELAND_API_KEY + AUTH_IDS_SECRET: '/k8s/judicial-system/AUTH_IDS_SECRET' + AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::261174024191:role/judicial-system-api + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-api' create: true - name: judicial-system-api + name: 'judicial-system-api' diff --git a/charts/services/judicial-system-backend/values.dev.yaml b/charts/services/judicial-system-backend/values.dev.yaml index b6af38806cea..6d4df8a6f48d 100644 --- a/charts/services/judicial-system-backend/values.dev.yaml +++ b/charts/services/judicial-system-backend/values.dev.yaml @@ -1,49 +1,47 @@ service: - name: judicial-system-backend + name: 'judicial-system-backend' enabled: true env: - BLOCKED_API_INTEGRATION: "" - CLIENT_URL: https://judicial-system.dev01.devland.is - CONTENTFUL_ENVIRONMENT: test - CONTENTFUL_HOST: preview.contentful.com - DB_HOST: postgres-applications.internal - DB_NAME: judicial_system - DB_REPLICAS_HOST: postgres-applications-reader.internal - DB_USER: judicial_system - DOKOBIT_URL: https://developers.dokobit.com - EMAIL_REGION: eu-west-1 - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=921 -r dd-trace/init - NOVA_ACCEPT_UNAUTHORIZED: "true" - S3_BUCKET: island-is-dev-upload-judicial-system - S3_REGION: eu-west-1 - S3_TIME_TO_LIVE_GET: "5" - S3_TIME_TO_LIVE_POST: "15" - SERVERSIDE_FEATURES_ON: "" - SQS_DEAD_LETTER_QUEUE_NAME: sqs-judicial-system-dlq - SQS_QUEUE_NAME: sqs-judicial-system - SQS_REGION: eu-west-1 - USE_MICROSOFT_GRAPH_API_FOR_COURT_ROBOT: "false" - XROAD_BASE_PATH: http://securityserver.dev01.devland.is - XROAD_BASE_PATH_WITH_ENV: http://securityserver.dev01.devland.is/r1/IS-DEV - XROAD_CLIENT_ID: IS-DEV/GOV/10014/Rettarvorslugatt-Client - XROAD_COURT_API_PATH: /Domstolasyslan/JusticePortal-v1 - XROAD_COURT_MEMBER_CODE: "10019" - XROAD_POLICE_API_PATH: /Logreglan-Private/rettarvarsla-v1 - XROAD_POLICE_MEMBER_CODE: "10005" - XROAD_TLS_BASE_PATH: https://securityserver.dev01.devland.is - XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.dev01.devland.is/r1/IS-DEV + CLIENT_URL: 'https://judicial-system.dev01.devland.is' + CONTENTFUL_ENVIRONMENT: 'test' + CONTENTFUL_HOST: 'preview.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'judicial_system' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'judicial_system' + DOKOBIT_URL: 'https://developers.dokobit.com' + EMAIL_REGION: 'eu-west-1' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + S3_BUCKET: 'island-is-dev-upload-judicial-system' + S3_REGION: 'eu-west-1' + S3_TIME_TO_LIVE_GET: '5' + S3_TIME_TO_LIVE_POST: '15' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + USE_MICROSOFT_GRAPH_API_FOR_COURT_ROBOT: 'false' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10014/Rettarvorslugatt-Client' + XROAD_COURT_API_PATH: '/Domstolasyslan/JusticePortal-v1' + XROAD_COURT_MEMBER_CODE: '10019' + XROAD_POLICE_API_PATH: '/Logreglan-Private/rettarvarsla-v1' + XROAD_POLICE_MEMBER_CODE: '10005' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' grantNamespaces: - - nginx-ingress-external + - 'nginx-ingress-external' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 hpa: scaling: @@ -54,31 +52,30 @@ service: max: 10 min: 2 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-backend + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-backend' initContainer: containers: - args: - - sequelize-cli - - db:migrate + - 'sequelize-cli' + - 'db:migrate' command: - - npx - name: migrations + - 'npx' + name: 'migrations' resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 50m - memory: 128Mi + cpu: '50m' + memory: '128Mi' env: - DB_HOST: postgres-applications.internal - DB_NAME: judicial_system - DB_REPLICAS_HOST: postgres-applications-reader.internal - DB_USER: judicial_system - SERVERSIDE_FEATURES_ON: "" + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'judicial_system' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'judicial_system' secrets: - DB_PASS: /k8s/judicial-system/DB_PASSWORD - namespace: judicial-system + DB_PASS: '/k8s/judicial-system/DB_PASSWORD' + namespace: 'judicial-system' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -90,49 +87,49 @@ service: min: 2 resources: limits: - cpu: 400m - memory: 1024Mi + cpu: '400m' + memory: '1024Mi' requests: - cpu: 100m - memory: 512Mi + cpu: '100m' + memory: '512Mi' secrets: - ADMIN_USERS: /k8s/judicial-system/ADMIN_USERS - ARCHIVE_ENCRYPTION_KEY: /k8s/judicial-system/ARCHIVE_ENCRYPTION_KEY - AUTH_JWT_SECRET: /k8s/judicial-system/AUTH_JWT_SECRET - BACKEND_ACCESS_TOKEN: /k8s/judicial-system/BACKEND_ACCESS_TOKEN - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - CONTENTFUL_ACCESS_TOKEN: /k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN - COURTS_ASSISTANT_MOBILE_NUMBERS: /k8s/judicial-system/COURTS_ASSISTANT_MOBILE_NUMBERS - COURTS_EMAILS: /k8s/judicial-system/COURTS_EMAILS - COURTS_MOBILE_NUMBERS: /k8s/judicial-system/COURTS_MOBILE_NUMBERS - COURT_ROBOT_CLIENT_ID: /k8s/judicial-system/COURT_ROBOT_CLIENT_ID - COURT_ROBOT_CLIENT_SECRET: /k8s/judicial-system/COURT_ROBOT_CLIENT_SECRET - COURT_ROBOT_EMAIL: /k8s/judicial-system/COURT_ROBOT_EMAIL - COURT_ROBOT_TENANT_ID: /k8s/judicial-system/COURT_ROBOT_TENANT_ID - COURT_ROBOT_USER: /k8s/judicial-system/COURT_ROBOT_USER - DB_PASS: /k8s/judicial-system/DB_PASSWORD - DOKOBIT_ACCESS_TOKEN: /k8s/judicial-system/DOKOBIT_ACCESS_TOKEN - EMAIL_FROM: /k8s/judicial-system/EMAIL_FROM - EMAIL_FROM_NAME: /k8s/judicial-system/EMAIL_FROM_NAME - EMAIL_REPLY_TO: /k8s/judicial-system/EMAIL_REPLY_TO - EMAIL_REPLY_TO_NAME: /k8s/judicial-system/EMAIL_REPLY_TO_NAME - ERROR_EVENT_URL: /k8s/judicial-system/ERROR_EVENT_URL - EVENT_URL: /k8s/judicial-system/EVENT_URL - NOVA_PASSWORD: /k8s/judicial-system/NOVA_PASSWORD - NOVA_URL: /k8s/judicial-system/NOVA_URL - NOVA_USERNAME: /k8s/judicial-system/NOVA_USERNAME - PRISON_ADMIN_EMAIL: /k8s/judicial-system/PRISON_ADMIN_EMAIL - PRISON_EMAIL: /k8s/judicial-system/PRISON_EMAIL - XROAD_CLIENT_CERT: /k8s/judicial-system/XROAD_CLIENT_CERT - XROAD_CLIENT_KEY: /k8s/judicial-system/XROAD_CLIENT_KEY - XROAD_CLIENT_PEM: /k8s/judicial-system/XROAD_CLIENT_PEM - XROAD_COURTS_CREDENTIALS: /k8s/judicial-system/COURTS_CREDENTIALS - XROAD_POLICE_API_KEY: /k8s/judicial-system/XROAD_POLICE_API_KEY + ADMIN_USERS: '/k8s/judicial-system/ADMIN_USERS' + ARCHIVE_ENCRYPTION_KEY: '/k8s/judicial-system/ARCHIVE_ENCRYPTION_KEY' + AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' + COURTS_ASSISTANT_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_ASSISTANT_MOBILE_NUMBERS' + COURTS_EMAILS: '/k8s/judicial-system/COURTS_EMAILS' + COURTS_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_MOBILE_NUMBERS' + COURT_ROBOT_CLIENT_ID: '/k8s/judicial-system/COURT_ROBOT_CLIENT_ID' + COURT_ROBOT_CLIENT_SECRET: '/k8s/judicial-system/COURT_ROBOT_CLIENT_SECRET' + COURT_ROBOT_EMAIL: '/k8s/judicial-system/COURT_ROBOT_EMAIL' + COURT_ROBOT_TENANT_ID: '/k8s/judicial-system/COURT_ROBOT_TENANT_ID' + COURT_ROBOT_USER: '/k8s/judicial-system/COURT_ROBOT_USER' + DB_PASS: '/k8s/judicial-system/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/judicial-system/DOKOBIT_ACCESS_TOKEN' + EMAIL_FROM: '/k8s/judicial-system/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/judicial-system/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/judicial-system/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/judicial-system/EMAIL_REPLY_TO_NAME' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + EVENT_URL: '/k8s/judicial-system/EVENT_URL' + NOVA_PASSWORD: '/k8s/judicial-system/NOVA_PASSWORD' + NOVA_URL: '/k8s/judicial-system/NOVA_URL' + NOVA_USERNAME: '/k8s/judicial-system/NOVA_USERNAME' + PRISON_ADMIN_EMAIL: '/k8s/judicial-system/PRISON_ADMIN_EMAIL' + PRISON_EMAIL: '/k8s/judicial-system/PRISON_EMAIL' + XROAD_CLIENT_CERT: '/k8s/judicial-system/XROAD_CLIENT_CERT' + XROAD_CLIENT_KEY: '/k8s/judicial-system/XROAD_CLIENT_KEY' + XROAD_CLIENT_PEM: '/k8s/judicial-system/XROAD_CLIENT_PEM' + XROAD_COURTS_CREDENTIALS: '/k8s/judicial-system/COURTS_CREDENTIALS' + XROAD_POLICE_API_KEY: '/k8s/judicial-system/XROAD_POLICE_API_KEY' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::013313053092:role/judicial-system-backend + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-backend' create: true - name: judicial-system-backend + name: 'judicial-system-backend' diff --git a/charts/services/judicial-system-backend/values.prod.yaml b/charts/services/judicial-system-backend/values.prod.yaml index cfefccfad335..e12f762b03ab 100644 --- a/charts/services/judicial-system-backend/values.prod.yaml +++ b/charts/services/judicial-system-backend/values.prod.yaml @@ -1,49 +1,48 @@ service: - name: judicial-system-backend + name: 'judicial-system-backend' enabled: true env: - BLOCKED_API_INTEGRATION: "" - CLIENT_URL: https://rettarvorslugatt.island.is - CONTENTFUL_ENVIRONMENT: master - CONTENTFUL_HOST: cdn.contentful.com - DB_HOST: postgres-applications.internal - DB_NAME: judicial_system - DB_REPLICAS_HOST: postgres-applications.internal - DB_USER: judicial_system - DOKOBIT_URL: https://ws.dokobit.com - EMAIL_REGION: eu-west-1 - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=921 -r dd-trace/init - NOVA_ACCEPT_UNAUTHORIZED: "false" - S3_BUCKET: island-is-prod-upload-judicial-system - S3_REGION: eu-west-1 - S3_TIME_TO_LIVE_GET: "5" - S3_TIME_TO_LIVE_POST: "15" - SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms - SQS_DEAD_LETTER_QUEUE_NAME: sqs-judicial-system-dlq - SQS_QUEUE_NAME: sqs-judicial-system - SQS_REGION: eu-west-1 - USE_MICROSOFT_GRAPH_API_FOR_COURT_ROBOT: "true" - XROAD_BASE_PATH: http://securityserver.island.is - XROAD_BASE_PATH_WITH_ENV: http://securityserver.island.is/r1/IS - XROAD_CLIENT_ID: IS/GOV/5804170510/Rettarvorslugatt-Client - XROAD_COURT_API_PATH: /Domstolasyslan/JusticePortal-v1 - XROAD_COURT_MEMBER_CODE: "4707171140" - XROAD_POLICE_API_PATH: /Logreglan-Private/rettarvarsla-v1 - XROAD_POLICE_MEMBER_CODE: "5309672079" - XROAD_TLS_BASE_PATH: https://securityserver.island.is - XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.island.is/r1/IS + CLIENT_URL: 'https://rettarvorslugatt.island.is' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'judicial_system' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'judicial_system' + DOKOBIT_URL: 'https://ws.dokobit.com' + EMAIL_REGION: 'eu-west-1' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + S3_BUCKET: 'island-is-prod-upload-judicial-system' + S3_REGION: 'eu-west-1' + S3_TIME_TO_LIVE_GET: '5' + S3_TIME_TO_LIVE_POST: '15' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + USE_MICROSOFT_GRAPH_API_FOR_COURT_ROBOT: 'true' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5804170510/Rettarvorslugatt-Client' + XROAD_COURT_API_PATH: '/Domstolasyslan/JusticePortal-v1' + XROAD_COURT_MEMBER_CODE: '4707171140' + XROAD_POLICE_API_PATH: '/Logreglan-Private/rettarvarsla-v1' + XROAD_POLICE_MEMBER_CODE: '5309672079' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' grantNamespaces: - - nginx-ingress-external + - 'nginx-ingress-external' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 hpa: scaling: @@ -54,31 +53,31 @@ service: max: 10 min: 2 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-backend + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-backend' initContainer: containers: - args: - - sequelize-cli - - db:migrate + - 'sequelize-cli' + - 'db:migrate' command: - - npx - name: migrations + - 'npx' + name: 'migrations' resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 50m - memory: 128Mi + cpu: '50m' + memory: '128Mi' env: - DB_HOST: postgres-applications.internal - DB_NAME: judicial_system - DB_REPLICAS_HOST: postgres-applications.internal - DB_USER: judicial_system - SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'judicial_system' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'judicial_system' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' secrets: - DB_PASS: /k8s/judicial-system/DB_PASSWORD - namespace: judicial-system + DB_PASS: '/k8s/judicial-system/DB_PASSWORD' + namespace: 'judicial-system' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -90,49 +89,49 @@ service: min: 2 resources: limits: - cpu: 400m - memory: 1024Mi + cpu: '400m' + memory: '1024Mi' requests: - cpu: 100m - memory: 512Mi + cpu: '100m' + memory: '512Mi' secrets: - ADMIN_USERS: /k8s/judicial-system/ADMIN_USERS - ARCHIVE_ENCRYPTION_KEY: /k8s/judicial-system/ARCHIVE_ENCRYPTION_KEY - AUTH_JWT_SECRET: /k8s/judicial-system/AUTH_JWT_SECRET - BACKEND_ACCESS_TOKEN: /k8s/judicial-system/BACKEND_ACCESS_TOKEN - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - CONTENTFUL_ACCESS_TOKEN: /k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN - COURTS_ASSISTANT_MOBILE_NUMBERS: /k8s/judicial-system/COURTS_ASSISTANT_MOBILE_NUMBERS - COURTS_EMAILS: /k8s/judicial-system/COURTS_EMAILS - COURTS_MOBILE_NUMBERS: /k8s/judicial-system/COURTS_MOBILE_NUMBERS - COURT_ROBOT_CLIENT_ID: /k8s/judicial-system/COURT_ROBOT_CLIENT_ID - COURT_ROBOT_CLIENT_SECRET: /k8s/judicial-system/COURT_ROBOT_CLIENT_SECRET - COURT_ROBOT_EMAIL: /k8s/judicial-system/COURT_ROBOT_EMAIL - COURT_ROBOT_TENANT_ID: /k8s/judicial-system/COURT_ROBOT_TENANT_ID - COURT_ROBOT_USER: /k8s/judicial-system/COURT_ROBOT_USER - DB_PASS: /k8s/judicial-system/DB_PASSWORD - DOKOBIT_ACCESS_TOKEN: /k8s/judicial-system/DOKOBIT_ACCESS_TOKEN - EMAIL_FROM: /k8s/judicial-system/EMAIL_FROM - EMAIL_FROM_NAME: /k8s/judicial-system/EMAIL_FROM_NAME - EMAIL_REPLY_TO: /k8s/judicial-system/EMAIL_REPLY_TO - EMAIL_REPLY_TO_NAME: /k8s/judicial-system/EMAIL_REPLY_TO_NAME - ERROR_EVENT_URL: /k8s/judicial-system/ERROR_EVENT_URL - EVENT_URL: /k8s/judicial-system/EVENT_URL - NOVA_PASSWORD: /k8s/judicial-system/NOVA_PASSWORD - NOVA_URL: /k8s/judicial-system/NOVA_URL - NOVA_USERNAME: /k8s/judicial-system/NOVA_USERNAME - PRISON_ADMIN_EMAIL: /k8s/judicial-system/PRISON_ADMIN_EMAIL - PRISON_EMAIL: /k8s/judicial-system/PRISON_EMAIL - XROAD_CLIENT_CERT: /k8s/judicial-system/XROAD_CLIENT_CERT - XROAD_CLIENT_KEY: /k8s/judicial-system/XROAD_CLIENT_KEY - XROAD_CLIENT_PEM: /k8s/judicial-system/XROAD_CLIENT_PEM - XROAD_COURTS_CREDENTIALS: /k8s/judicial-system/COURTS_CREDENTIALS - XROAD_POLICE_API_KEY: /k8s/judicial-system/XROAD_POLICE_API_KEY + ADMIN_USERS: '/k8s/judicial-system/ADMIN_USERS' + ARCHIVE_ENCRYPTION_KEY: '/k8s/judicial-system/ARCHIVE_ENCRYPTION_KEY' + AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' + COURTS_ASSISTANT_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_ASSISTANT_MOBILE_NUMBERS' + COURTS_EMAILS: '/k8s/judicial-system/COURTS_EMAILS' + COURTS_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_MOBILE_NUMBERS' + COURT_ROBOT_CLIENT_ID: '/k8s/judicial-system/COURT_ROBOT_CLIENT_ID' + COURT_ROBOT_CLIENT_SECRET: '/k8s/judicial-system/COURT_ROBOT_CLIENT_SECRET' + COURT_ROBOT_EMAIL: '/k8s/judicial-system/COURT_ROBOT_EMAIL' + COURT_ROBOT_TENANT_ID: '/k8s/judicial-system/COURT_ROBOT_TENANT_ID' + COURT_ROBOT_USER: '/k8s/judicial-system/COURT_ROBOT_USER' + DB_PASS: '/k8s/judicial-system/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/judicial-system/DOKOBIT_ACCESS_TOKEN' + EMAIL_FROM: '/k8s/judicial-system/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/judicial-system/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/judicial-system/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/judicial-system/EMAIL_REPLY_TO_NAME' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + EVENT_URL: '/k8s/judicial-system/EVENT_URL' + NOVA_PASSWORD: '/k8s/judicial-system/NOVA_PASSWORD' + NOVA_URL: '/k8s/judicial-system/NOVA_URL' + NOVA_USERNAME: '/k8s/judicial-system/NOVA_USERNAME' + PRISON_ADMIN_EMAIL: '/k8s/judicial-system/PRISON_ADMIN_EMAIL' + PRISON_EMAIL: '/k8s/judicial-system/PRISON_EMAIL' + XROAD_CLIENT_CERT: '/k8s/judicial-system/XROAD_CLIENT_CERT' + XROAD_CLIENT_KEY: '/k8s/judicial-system/XROAD_CLIENT_KEY' + XROAD_CLIENT_PEM: '/k8s/judicial-system/XROAD_CLIENT_PEM' + XROAD_COURTS_CREDENTIALS: '/k8s/judicial-system/COURTS_CREDENTIALS' + XROAD_POLICE_API_KEY: '/k8s/judicial-system/XROAD_POLICE_API_KEY' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::251502586493:role/judicial-system-backend + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-backend' create: true - name: judicial-system-backend + name: 'judicial-system-backend' diff --git a/charts/services/judicial-system-backend/values.staging.yaml b/charts/services/judicial-system-backend/values.staging.yaml index d5a98a8a47a5..1d2d67957e9a 100644 --- a/charts/services/judicial-system-backend/values.staging.yaml +++ b/charts/services/judicial-system-backend/values.staging.yaml @@ -1,49 +1,48 @@ service: - name: judicial-system-backend + name: 'judicial-system-backend' enabled: true env: - BLOCKED_API_INTEGRATION: COURT,POLICE_CASE - CLIENT_URL: https://judicial-system.staging01.devland.is - CONTENTFUL_ENVIRONMENT: test - CONTENTFUL_HOST: cdn.contentful.com - DB_HOST: postgres-applications.internal - DB_NAME: judicial_system - DB_REPLICAS_HOST: postgres-applications.internal - DB_USER: judicial_system - DOKOBIT_URL: https://developers.dokobit.com - EMAIL_REGION: eu-west-1 - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=921 -r dd-trace/init - NOVA_ACCEPT_UNAUTHORIZED: "false" - S3_BUCKET: island-is-staging-upload-judicial-system - S3_REGION: eu-west-1 - S3_TIME_TO_LIVE_GET: "5" - S3_TIME_TO_LIVE_POST: "15" - SERVERSIDE_FEATURES_ON: "" - SQS_DEAD_LETTER_QUEUE_NAME: sqs-judicial-system-dlq - SQS_QUEUE_NAME: sqs-judicial-system - SQS_REGION: eu-west-1 - USE_MICROSOFT_GRAPH_API_FOR_COURT_ROBOT: "true" - XROAD_BASE_PATH: http://securityserver.staging01.devland.is - XROAD_BASE_PATH_WITH_ENV: http://securityserver.staging01.devland.is/r1/IS-TEST - XROAD_CLIENT_ID: IS-TEST/GOV/5804170510/Rettarvorslugatt-Client - XROAD_COURT_API_PATH: /Domstolasyslan/JusticePortal-v1 - XROAD_COURT_MEMBER_CODE: "4707171140" - XROAD_POLICE_API_PATH: /Logreglan-Private/rettarvarsla-v1 - XROAD_POLICE_MEMBER_CODE: "5309672079" - XROAD_TLS_BASE_PATH: https://securityserver.staging01.devland.is - XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.staging01.devland.is/r1/IS-TEST + BLOCKED_API_INTEGRATION: 'COURT,POLICE_CASE' + CLIENT_URL: 'https://judicial-system.staging01.devland.is' + CONTENTFUL_ENVIRONMENT: 'test' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'judicial_system' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'judicial_system' + DOKOBIT_URL: 'https://developers.dokobit.com' + EMAIL_REGION: 'eu-west-1' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + S3_BUCKET: 'island-is-staging-upload-judicial-system' + S3_REGION: 'eu-west-1' + S3_TIME_TO_LIVE_GET: '5' + S3_TIME_TO_LIVE_POST: '15' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + USE_MICROSOFT_GRAPH_API_FOR_COURT_ROBOT: 'true' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5804170510/Rettarvorslugatt-Client' + XROAD_COURT_API_PATH: '/Domstolasyslan/JusticePortal-v1' + XROAD_COURT_MEMBER_CODE: '4707171140' + XROAD_POLICE_API_PATH: '/Logreglan-Private/rettarvarsla-v1' + XROAD_POLICE_MEMBER_CODE: '5309672079' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' grantNamespaces: - - nginx-ingress-external + - 'nginx-ingress-external' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 hpa: scaling: @@ -54,31 +53,30 @@ service: max: 10 min: 2 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-backend + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-backend' initContainer: containers: - args: - - sequelize-cli - - db:migrate + - 'sequelize-cli' + - 'db:migrate' command: - - npx - name: migrations + - 'npx' + name: 'migrations' resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 50m - memory: 128Mi + cpu: '50m' + memory: '128Mi' env: - DB_HOST: postgres-applications.internal - DB_NAME: judicial_system - DB_REPLICAS_HOST: postgres-applications.internal - DB_USER: judicial_system - SERVERSIDE_FEATURES_ON: "" + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'judicial_system' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'judicial_system' secrets: - DB_PASS: /k8s/judicial-system/DB_PASSWORD - namespace: judicial-system + DB_PASS: '/k8s/judicial-system/DB_PASSWORD' + namespace: 'judicial-system' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -90,49 +88,49 @@ service: min: 2 resources: limits: - cpu: 400m - memory: 1024Mi + cpu: '400m' + memory: '1024Mi' requests: - cpu: 100m - memory: 512Mi + cpu: '100m' + memory: '512Mi' secrets: - ADMIN_USERS: /k8s/judicial-system/ADMIN_USERS - ARCHIVE_ENCRYPTION_KEY: /k8s/judicial-system/ARCHIVE_ENCRYPTION_KEY - AUTH_JWT_SECRET: /k8s/judicial-system/AUTH_JWT_SECRET - BACKEND_ACCESS_TOKEN: /k8s/judicial-system/BACKEND_ACCESS_TOKEN - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - CONTENTFUL_ACCESS_TOKEN: /k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN - COURTS_ASSISTANT_MOBILE_NUMBERS: /k8s/judicial-system/COURTS_ASSISTANT_MOBILE_NUMBERS - COURTS_EMAILS: /k8s/judicial-system/COURTS_EMAILS - COURTS_MOBILE_NUMBERS: /k8s/judicial-system/COURTS_MOBILE_NUMBERS - COURT_ROBOT_CLIENT_ID: /k8s/judicial-system/COURT_ROBOT_CLIENT_ID - COURT_ROBOT_CLIENT_SECRET: /k8s/judicial-system/COURT_ROBOT_CLIENT_SECRET - COURT_ROBOT_EMAIL: /k8s/judicial-system/COURT_ROBOT_EMAIL - COURT_ROBOT_TENANT_ID: /k8s/judicial-system/COURT_ROBOT_TENANT_ID - COURT_ROBOT_USER: /k8s/judicial-system/COURT_ROBOT_USER - DB_PASS: /k8s/judicial-system/DB_PASSWORD - DOKOBIT_ACCESS_TOKEN: /k8s/judicial-system/DOKOBIT_ACCESS_TOKEN - EMAIL_FROM: /k8s/judicial-system/EMAIL_FROM - EMAIL_FROM_NAME: /k8s/judicial-system/EMAIL_FROM_NAME - EMAIL_REPLY_TO: /k8s/judicial-system/EMAIL_REPLY_TO - EMAIL_REPLY_TO_NAME: /k8s/judicial-system/EMAIL_REPLY_TO_NAME - ERROR_EVENT_URL: /k8s/judicial-system/ERROR_EVENT_URL - EVENT_URL: /k8s/judicial-system/EVENT_URL - NOVA_PASSWORD: /k8s/judicial-system/NOVA_PASSWORD - NOVA_URL: /k8s/judicial-system/NOVA_URL - NOVA_USERNAME: /k8s/judicial-system/NOVA_USERNAME - PRISON_ADMIN_EMAIL: /k8s/judicial-system/PRISON_ADMIN_EMAIL - PRISON_EMAIL: /k8s/judicial-system/PRISON_EMAIL - XROAD_CLIENT_CERT: /k8s/judicial-system/XROAD_CLIENT_CERT - XROAD_CLIENT_KEY: /k8s/judicial-system/XROAD_CLIENT_KEY - XROAD_CLIENT_PEM: /k8s/judicial-system/XROAD_CLIENT_PEM - XROAD_COURTS_CREDENTIALS: /k8s/judicial-system/COURTS_CREDENTIALS - XROAD_POLICE_API_KEY: /k8s/judicial-system/XROAD_POLICE_API_KEY + ADMIN_USERS: '/k8s/judicial-system/ADMIN_USERS' + ARCHIVE_ENCRYPTION_KEY: '/k8s/judicial-system/ARCHIVE_ENCRYPTION_KEY' + AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' + COURTS_ASSISTANT_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_ASSISTANT_MOBILE_NUMBERS' + COURTS_EMAILS: '/k8s/judicial-system/COURTS_EMAILS' + COURTS_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_MOBILE_NUMBERS' + COURT_ROBOT_CLIENT_ID: '/k8s/judicial-system/COURT_ROBOT_CLIENT_ID' + COURT_ROBOT_CLIENT_SECRET: '/k8s/judicial-system/COURT_ROBOT_CLIENT_SECRET' + COURT_ROBOT_EMAIL: '/k8s/judicial-system/COURT_ROBOT_EMAIL' + COURT_ROBOT_TENANT_ID: '/k8s/judicial-system/COURT_ROBOT_TENANT_ID' + COURT_ROBOT_USER: '/k8s/judicial-system/COURT_ROBOT_USER' + DB_PASS: '/k8s/judicial-system/DB_PASSWORD' + DOKOBIT_ACCESS_TOKEN: '/k8s/judicial-system/DOKOBIT_ACCESS_TOKEN' + EMAIL_FROM: '/k8s/judicial-system/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/judicial-system/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/judicial-system/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/judicial-system/EMAIL_REPLY_TO_NAME' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + EVENT_URL: '/k8s/judicial-system/EVENT_URL' + NOVA_PASSWORD: '/k8s/judicial-system/NOVA_PASSWORD' + NOVA_URL: '/k8s/judicial-system/NOVA_URL' + NOVA_USERNAME: '/k8s/judicial-system/NOVA_USERNAME' + PRISON_ADMIN_EMAIL: '/k8s/judicial-system/PRISON_ADMIN_EMAIL' + PRISON_EMAIL: '/k8s/judicial-system/PRISON_EMAIL' + XROAD_CLIENT_CERT: '/k8s/judicial-system/XROAD_CLIENT_CERT' + XROAD_CLIENT_KEY: '/k8s/judicial-system/XROAD_CLIENT_KEY' + XROAD_CLIENT_PEM: '/k8s/judicial-system/XROAD_CLIENT_PEM' + XROAD_COURTS_CREDENTIALS: '/k8s/judicial-system/COURTS_CREDENTIALS' + XROAD_POLICE_API_KEY: '/k8s/judicial-system/XROAD_POLICE_API_KEY' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::261174024191:role/judicial-system-backend + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-backend' create: true - name: judicial-system-backend + name: 'judicial-system-backend' diff --git a/charts/services/judicial-system-digital-mailbox-api/values.dev.yaml b/charts/services/judicial-system-digital-mailbox-api/values.dev.yaml index dfa79d9b198f..a506ff07933c 100644 --- a/charts/services/judicial-system-digital-mailbox-api/values.dev.yaml +++ b/charts/services/judicial-system-digital-mailbox-api/values.dev.yaml @@ -1,26 +1,25 @@ service: - name: judicial-system-digital-mailbox-api + name: 'judicial-system-digital-mailbox-api' enabled: true env: - AUDIT_TRAIL_GROUP_NAME: k8s/judicial-system/audit-log - AUDIT_TRAIL_REGION: eu-west-1 - AUDIT_TRAIL_USE_GENERIC_LOGGER: "false" - BACKEND_URL: http://web-judicial-system-backend - IDENTITY_SERVER_ISSUER_URL: https://identity-server.dev01.devland.is - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init - SERVERSIDE_FEATURES_ON: "" + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' grantNamespaces: - - nginx-ingress-internal + - 'nginx-ingress-internal' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 hpa: scaling: @@ -31,17 +30,17 @@ service: max: 3 min: 1 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-digital-mailbox-api + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-digital-mailbox-api' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-internal-alb - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: judicial-system-digital-mailbox-api-xrd.internal.dev01.devland.is + - host: 'judicial-system-digital-mailbox-api-xrd.internal.dev01.devland.is' paths: - - / - namespace: judicial-system + - '/' + namespace: 'judicial-system' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -53,21 +52,21 @@ service: min: 1 resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 100m - memory: 128Mi + cpu: '100m' + memory: '128Mi' secrets: - BACKEND_ACCESS_TOKEN: /k8s/judicial-system/BACKEND_ACCESS_TOKEN - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - ERROR_EVENT_URL: /k8s/judicial-system/ERROR_EVENT_URL - LAWYERS_ICELAND_API_KEY: /k8s/judicial-system/LAWYERS_ICELAND_API_KEY + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::013313053092:role/judicial-system-digital-mailbox-api + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-digital-mailbox-api' create: true - name: judicial-system-digital-mailbox-api + name: 'judicial-system-digital-mailbox-api' diff --git a/charts/services/judicial-system-digital-mailbox-api/values.prod.yaml b/charts/services/judicial-system-digital-mailbox-api/values.prod.yaml index a266f2634862..606a1ba74edd 100644 --- a/charts/services/judicial-system-digital-mailbox-api/values.prod.yaml +++ b/charts/services/judicial-system-digital-mailbox-api/values.prod.yaml @@ -1,26 +1,26 @@ service: - name: judicial-system-digital-mailbox-api + name: 'judicial-system-digital-mailbox-api' enabled: true env: - AUDIT_TRAIL_GROUP_NAME: k8s/judicial-system/audit-log - AUDIT_TRAIL_REGION: eu-west-1 - AUDIT_TRAIL_USE_GENERIC_LOGGER: "false" - BACKEND_URL: http://web-judicial-system-backend - IDENTITY_SERVER_ISSUER_URL: https://innskra.island.is - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init - SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' grantNamespaces: - - nginx-ingress-internal + - 'nginx-ingress-internal' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 hpa: scaling: @@ -31,17 +31,17 @@ service: max: 10 min: 3 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-digital-mailbox-api + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-digital-mailbox-api' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-internal-alb - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: judicial-system-digital-mailbox-api-xrd.internal.island.is + - host: 'judicial-system-digital-mailbox-api-xrd.internal.island.is' paths: - - / - namespace: judicial-system + - '/' + namespace: 'judicial-system' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -53,21 +53,21 @@ service: min: 3 resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 100m - memory: 128Mi + cpu: '100m' + memory: '128Mi' secrets: - BACKEND_ACCESS_TOKEN: /k8s/judicial-system/BACKEND_ACCESS_TOKEN - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - ERROR_EVENT_URL: /k8s/judicial-system/ERROR_EVENT_URL - LAWYERS_ICELAND_API_KEY: /k8s/judicial-system/LAWYERS_ICELAND_API_KEY + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::251502586493:role/judicial-system-digital-mailbox-api + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-digital-mailbox-api' create: true - name: judicial-system-digital-mailbox-api + name: 'judicial-system-digital-mailbox-api' diff --git a/charts/services/judicial-system-digital-mailbox-api/values.staging.yaml b/charts/services/judicial-system-digital-mailbox-api/values.staging.yaml index 516c5a40924a..32e75ce71fe1 100644 --- a/charts/services/judicial-system-digital-mailbox-api/values.staging.yaml +++ b/charts/services/judicial-system-digital-mailbox-api/values.staging.yaml @@ -1,26 +1,25 @@ service: - name: judicial-system-digital-mailbox-api + name: 'judicial-system-digital-mailbox-api' enabled: true env: - AUDIT_TRAIL_GROUP_NAME: k8s/judicial-system/audit-log - AUDIT_TRAIL_REGION: eu-west-1 - AUDIT_TRAIL_USE_GENERIC_LOGGER: "false" - BACKEND_URL: http://web-judicial-system-backend - IDENTITY_SERVER_ISSUER_URL: https://identity-server.staging01.devland.is - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init - SERVERSIDE_FEATURES_ON: "" + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' grantNamespaces: - - nginx-ingress-internal + - 'nginx-ingress-internal' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 hpa: scaling: @@ -31,17 +30,17 @@ service: max: 3 min: 1 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-digital-mailbox-api + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-digital-mailbox-api' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-internal-alb - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: judicial-system-digital-mailbox-api-xrd.internal.staging01.devland.is + - host: 'judicial-system-digital-mailbox-api-xrd.internal.staging01.devland.is' paths: - - / - namespace: judicial-system + - '/' + namespace: 'judicial-system' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -53,21 +52,21 @@ service: min: 1 resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 100m - memory: 128Mi + cpu: '100m' + memory: '128Mi' secrets: - BACKEND_ACCESS_TOKEN: /k8s/judicial-system/BACKEND_ACCESS_TOKEN - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - ERROR_EVENT_URL: /k8s/judicial-system/ERROR_EVENT_URL - LAWYERS_ICELAND_API_KEY: /k8s/judicial-system/LAWYERS_ICELAND_API_KEY + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::261174024191:role/judicial-system-digital-mailbox-api + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-digital-mailbox-api' create: true - name: judicial-system-digital-mailbox-api + name: 'judicial-system-digital-mailbox-api' diff --git a/charts/services/judicial-system-message-handler/values.dev.yaml b/charts/services/judicial-system-message-handler/values.dev.yaml index 2b576d4a1d76..00939634ed5a 100644 --- a/charts/services/judicial-system-message-handler/values.dev.yaml +++ b/charts/services/judicial-system-message-handler/values.dev.yaml @@ -1,30 +1,29 @@ service: - name: judicial-system-message-handler + name: 'judicial-system-message-handler' args: - - --no-experimental-fetch - - main.js + - '--no-experimental-fetch' + - 'main.js' command: - - node + - 'node' enabled: true env: - BACKEND_URL: http://web-judicial-system-backend - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init - SERVERSIDE_FEATURES_ON: "" - SQS_DEAD_LETTER_QUEUE_NAME: sqs-judicial-system-dlq - SQS_QUEUE_NAME: sqs-judicial-system - SQS_REGION: eu-west-1 + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' grantNamespaces: - - nginx-ingress-external + - 'nginx-ingress-external' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 hpa: scaling: @@ -35,8 +34,8 @@ service: max: 3 min: 1 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-message-handler - namespace: judicial-system + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-message-handler' + namespace: 'judicial-system' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -48,19 +47,19 @@ service: min: 1 resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 100m - memory: 128Mi + cpu: '100m' + memory: '128Mi' secrets: - BACKEND_ACCESS_TOKEN: /k8s/judicial-system/BACKEND_ACCESS_TOKEN - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::013313053092:role/judicial-system-message-handler + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-message-handler' create: true - name: judicial-system-message-handler + name: 'judicial-system-message-handler' diff --git a/charts/services/judicial-system-message-handler/values.prod.yaml b/charts/services/judicial-system-message-handler/values.prod.yaml index a3f3c28fe432..471ce023e34c 100644 --- a/charts/services/judicial-system-message-handler/values.prod.yaml +++ b/charts/services/judicial-system-message-handler/values.prod.yaml @@ -1,30 +1,30 @@ service: - name: judicial-system-message-handler + name: 'judicial-system-message-handler' args: - - --no-experimental-fetch - - main.js + - '--no-experimental-fetch' + - 'main.js' command: - - node + - 'node' enabled: true env: - BACKEND_URL: http://web-judicial-system-backend - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init - SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms - SQS_DEAD_LETTER_QUEUE_NAME: sqs-judicial-system-dlq - SQS_QUEUE_NAME: sqs-judicial-system - SQS_REGION: eu-west-1 + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' grantNamespaces: - - nginx-ingress-external + - 'nginx-ingress-external' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 hpa: scaling: @@ -35,8 +35,8 @@ service: max: 10 min: 3 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-message-handler - namespace: judicial-system + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-message-handler' + namespace: 'judicial-system' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -48,19 +48,19 @@ service: min: 3 resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 100m - memory: 128Mi + cpu: '100m' + memory: '128Mi' secrets: - BACKEND_ACCESS_TOKEN: /k8s/judicial-system/BACKEND_ACCESS_TOKEN - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::251502586493:role/judicial-system-message-handler + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-message-handler' create: true - name: judicial-system-message-handler + name: 'judicial-system-message-handler' diff --git a/charts/services/judicial-system-message-handler/values.staging.yaml b/charts/services/judicial-system-message-handler/values.staging.yaml index 6fd84568b349..c5538e6d6e0d 100644 --- a/charts/services/judicial-system-message-handler/values.staging.yaml +++ b/charts/services/judicial-system-message-handler/values.staging.yaml @@ -1,30 +1,29 @@ service: - name: judicial-system-message-handler + name: 'judicial-system-message-handler' args: - - --no-experimental-fetch - - main.js + - '--no-experimental-fetch' + - 'main.js' command: - - node + - 'node' enabled: true env: - BACKEND_URL: http://web-judicial-system-backend - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init - SERVERSIDE_FEATURES_ON: "" - SQS_DEAD_LETTER_QUEUE_NAME: sqs-judicial-system-dlq - SQS_QUEUE_NAME: sqs-judicial-system - SQS_REGION: eu-west-1 + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' grantNamespaces: - - nginx-ingress-external + - 'nginx-ingress-external' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 hpa: scaling: @@ -35,8 +34,8 @@ service: max: 3 min: 1 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-message-handler - namespace: judicial-system + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-message-handler' + namespace: 'judicial-system' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -48,19 +47,19 @@ service: min: 1 resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 100m - memory: 128Mi + cpu: '100m' + memory: '128Mi' secrets: - BACKEND_ACCESS_TOKEN: /k8s/judicial-system/BACKEND_ACCESS_TOKEN - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::261174024191:role/judicial-system-message-handler + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-message-handler' create: true - name: judicial-system-message-handler + name: 'judicial-system-message-handler' diff --git a/charts/services/judicial-system-robot-api/values.dev.yaml b/charts/services/judicial-system-robot-api/values.dev.yaml index f40df3b22ace..579cc3884eff 100644 --- a/charts/services/judicial-system-robot-api/values.dev.yaml +++ b/charts/services/judicial-system-robot-api/values.dev.yaml @@ -1,25 +1,24 @@ service: - name: judicial-system-robot-api + name: 'judicial-system-robot-api' enabled: true env: - AUDIT_TRAIL_GROUP_NAME: k8s/judicial-system/audit-log - AUDIT_TRAIL_REGION: eu-west-1 - AUDIT_TRAIL_USE_GENERIC_LOGGER: "false" - BACKEND_URL: http://web-judicial-system-backend - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init - SERVERSIDE_FEATURES_ON: "" + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' grantNamespaces: - - nginx-ingress-internal + - 'nginx-ingress-internal' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 hpa: scaling: @@ -30,17 +29,17 @@ service: max: 3 min: 1 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-robot-api + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-robot-api' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-internal-alb - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: judicial-system-robot-api-xrd.internal.dev01.devland.is + - host: 'judicial-system-robot-api-xrd.internal.dev01.devland.is' paths: - - / - namespace: judicial-system + - '/' + namespace: 'judicial-system' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -52,20 +51,20 @@ service: min: 1 resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 100m - memory: 128Mi + cpu: '100m' + memory: '128Mi' secrets: - BACKEND_ACCESS_TOKEN: /k8s/judicial-system/BACKEND_ACCESS_TOKEN - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - ERROR_EVENT_URL: /k8s/judicial-system/ERROR_EVENT_URL + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::013313053092:role/judicial-system-robot-api + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-robot-api' create: true - name: judicial-system-robot-api + name: 'judicial-system-robot-api' diff --git a/charts/services/judicial-system-robot-api/values.prod.yaml b/charts/services/judicial-system-robot-api/values.prod.yaml index dda3b1f973ab..d0a69e363e73 100644 --- a/charts/services/judicial-system-robot-api/values.prod.yaml +++ b/charts/services/judicial-system-robot-api/values.prod.yaml @@ -1,25 +1,25 @@ service: - name: judicial-system-robot-api + name: 'judicial-system-robot-api' enabled: true env: - AUDIT_TRAIL_GROUP_NAME: k8s/judicial-system/audit-log - AUDIT_TRAIL_REGION: eu-west-1 - AUDIT_TRAIL_USE_GENERIC_LOGGER: "false" - BACKEND_URL: http://web-judicial-system-backend - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init - SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' grantNamespaces: - - nginx-ingress-internal + - 'nginx-ingress-internal' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 hpa: scaling: @@ -30,17 +30,17 @@ service: max: 10 min: 3 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-robot-api + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-robot-api' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-internal-alb - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: judicial-system-robot-api-xrd.internal.island.is + - host: 'judicial-system-robot-api-xrd.internal.island.is' paths: - - / - namespace: judicial-system + - '/' + namespace: 'judicial-system' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -52,20 +52,20 @@ service: min: 3 resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 100m - memory: 128Mi + cpu: '100m' + memory: '128Mi' secrets: - BACKEND_ACCESS_TOKEN: /k8s/judicial-system/BACKEND_ACCESS_TOKEN - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - ERROR_EVENT_URL: /k8s/judicial-system/ERROR_EVENT_URL + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::251502586493:role/judicial-system-robot-api + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-robot-api' create: true - name: judicial-system-robot-api + name: 'judicial-system-robot-api' diff --git a/charts/services/judicial-system-robot-api/values.staging.yaml b/charts/services/judicial-system-robot-api/values.staging.yaml index 7e8bb8702494..72e12631840c 100644 --- a/charts/services/judicial-system-robot-api/values.staging.yaml +++ b/charts/services/judicial-system-robot-api/values.staging.yaml @@ -1,25 +1,24 @@ service: - name: judicial-system-robot-api + name: 'judicial-system-robot-api' enabled: true env: - AUDIT_TRAIL_GROUP_NAME: k8s/judicial-system/audit-log - AUDIT_TRAIL_REGION: eu-west-1 - AUDIT_TRAIL_USE_GENERIC_LOGGER: "false" - BACKEND_URL: http://web-judicial-system-backend - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init - SERVERSIDE_FEATURES_ON: "" + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' grantNamespaces: - - nginx-ingress-internal + - 'nginx-ingress-internal' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 hpa: scaling: @@ -30,17 +29,17 @@ service: max: 3 min: 1 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-robot-api + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-robot-api' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-internal-alb - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: judicial-system-robot-api-xrd.internal.staging01.devland.is + - host: 'judicial-system-robot-api-xrd.internal.staging01.devland.is' paths: - - / - namespace: judicial-system + - '/' + namespace: 'judicial-system' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -52,20 +51,20 @@ service: min: 1 resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 100m - memory: 128Mi + cpu: '100m' + memory: '128Mi' secrets: - BACKEND_ACCESS_TOKEN: /k8s/judicial-system/BACKEND_ACCESS_TOKEN - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - ERROR_EVENT_URL: /k8s/judicial-system/ERROR_EVENT_URL + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::261174024191:role/judicial-system-robot-api + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-robot-api' create: true - name: judicial-system-robot-api + name: 'judicial-system-robot-api' diff --git a/charts/services/judicial-system-scheduler/values.dev.yaml b/charts/services/judicial-system-scheduler/values.dev.yaml index eaab90e9b8e6..2a413cf7e717 100644 --- a/charts/services/judicial-system-scheduler/values.dev.yaml +++ b/charts/services/judicial-system-scheduler/values.dev.yaml @@ -1,31 +1,30 @@ service: - name: judicial-system-scheduler + name: 'judicial-system-scheduler' args: - - --no-experimental-fetch - - main.js + - '--no-experimental-fetch' + - 'main.js' command: - - node + - 'node' enabled: true env: - BACKEND_URL: http://web-judicial-system-backend - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init - SERVERSIDE_FEATURES_ON: "" - SQS_DEAD_LETTER_QUEUE_NAME: sqs-judicial-system-dlq - SQS_QUEUE_NAME: sqs-judicial-system - SQS_REGION: eu-west-1 - TIME_TO_LIVE_MINUTES: "30" + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + TIME_TO_LIVE_MINUTES: '30' grantNamespaces: - - nginx-ingress-external + - 'nginx-ingress-external' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: / + path: '/' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: / + path: '/' timeoutSeconds: 3 hpa: scaling: @@ -36,8 +35,8 @@ service: max: 1 min: 1 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-scheduler - namespace: judicial-system + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-scheduler' + namespace: 'judicial-system' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -49,20 +48,20 @@ service: min: 1 resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 100m - memory: 128Mi - schedule: 0 2 * * * + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' secrets: - BACKEND_ACCESS_TOKEN: /k8s/judicial-system/BACKEND_ACCESS_TOKEN - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::013313053092:role/judicial-system-scheduler + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-scheduler' create: true - name: judicial-system-scheduler + name: 'judicial-system-scheduler' diff --git a/charts/services/judicial-system-scheduler/values.prod.yaml b/charts/services/judicial-system-scheduler/values.prod.yaml index 9ebba04b4baa..8e0a6207a290 100644 --- a/charts/services/judicial-system-scheduler/values.prod.yaml +++ b/charts/services/judicial-system-scheduler/values.prod.yaml @@ -1,31 +1,31 @@ service: - name: judicial-system-scheduler + name: 'judicial-system-scheduler' args: - - --no-experimental-fetch - - main.js + - '--no-experimental-fetch' + - 'main.js' command: - - node + - 'node' enabled: true env: - BACKEND_URL: http://web-judicial-system-backend - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init - SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms - SQS_DEAD_LETTER_QUEUE_NAME: sqs-judicial-system-dlq - SQS_QUEUE_NAME: sqs-judicial-system - SQS_REGION: eu-west-1 - TIME_TO_LIVE_MINUTES: "30" + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + TIME_TO_LIVE_MINUTES: '30' grantNamespaces: - - nginx-ingress-external + - 'nginx-ingress-external' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: / + path: '/' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: / + path: '/' timeoutSeconds: 3 hpa: scaling: @@ -36,8 +36,8 @@ service: max: 1 min: 1 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-scheduler - namespace: judicial-system + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-scheduler' + namespace: 'judicial-system' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -49,20 +49,20 @@ service: min: 1 resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 100m - memory: 128Mi - schedule: 0 2 * * * + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' secrets: - BACKEND_ACCESS_TOKEN: /k8s/judicial-system/BACKEND_ACCESS_TOKEN - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::251502586493:role/judicial-system-scheduler + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-scheduler' create: true - name: judicial-system-scheduler + name: 'judicial-system-scheduler' diff --git a/charts/services/judicial-system-scheduler/values.staging.yaml b/charts/services/judicial-system-scheduler/values.staging.yaml index edb4a2374e67..9166219660f3 100644 --- a/charts/services/judicial-system-scheduler/values.staging.yaml +++ b/charts/services/judicial-system-scheduler/values.staging.yaml @@ -1,31 +1,30 @@ service: - name: judicial-system-scheduler + name: 'judicial-system-scheduler' args: - - --no-experimental-fetch - - main.js + - '--no-experimental-fetch' + - 'main.js' command: - - node + - 'node' enabled: true env: - BACKEND_URL: http://web-judicial-system-backend - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init - SERVERSIDE_FEATURES_ON: "" - SQS_DEAD_LETTER_QUEUE_NAME: sqs-judicial-system-dlq - SQS_QUEUE_NAME: sqs-judicial-system - SQS_REGION: eu-west-1 - TIME_TO_LIVE_MINUTES: "30" + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' + SQS_QUEUE_NAME: 'sqs-judicial-system' + SQS_REGION: 'eu-west-1' + TIME_TO_LIVE_MINUTES: '30' grantNamespaces: - - nginx-ingress-external + - 'nginx-ingress-external' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: / + path: '/' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: / + path: '/' timeoutSeconds: 3 hpa: scaling: @@ -36,8 +35,8 @@ service: max: 1 min: 1 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-scheduler - namespace: judicial-system + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-scheduler' + namespace: 'judicial-system' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -49,20 +48,20 @@ service: min: 1 resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 100m - memory: 128Mi - schedule: 0 2 * * * + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' secrets: - BACKEND_ACCESS_TOKEN: /k8s/judicial-system/BACKEND_ACCESS_TOKEN - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::261174024191:role/judicial-system-scheduler + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-scheduler' create: true - name: judicial-system-scheduler + name: 'judicial-system-scheduler' diff --git a/charts/services/judicial-system-web/values.dev.yaml b/charts/services/judicial-system-web/values.dev.yaml index ddd15092a884..92f94ae7681a 100644 --- a/charts/services/judicial-system-web/values.dev.yaml +++ b/charts/services/judicial-system-web/values.dev.yaml @@ -1,23 +1,22 @@ service: - name: judicial-system-web + name: 'judicial-system-web' enabled: true env: - API_URL: https://judicial-system.dev01.devland.is - INTERNAL_API_URL: http://web-judicial-system-api - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init - SERVERSIDE_FEATURES_ON: "" + API_URL: 'https://judicial-system.dev01.devland.is' + INTERNAL_API_URL: 'http://web-judicial-system-api' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' grantNamespaces: - - nginx-ingress-external + - 'nginx-ingress-external' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /readiness + path: '/readiness' timeoutSeconds: 10 hpa: scaling: @@ -28,19 +27,19 @@ service: max: 3 min: 1 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-web + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-web' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-external-alb - nginx.ingress.kubernetes.io/proxy-buffer-size: 8k - nginx.ingress.kubernetes.io/proxy-buffering: on - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: judicial-system.dev01.devland.is + - host: 'judicial-system.dev01.devland.is' paths: - - / - namespace: judicial-system + - '/' + namespace: 'judicial-system' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -50,16 +49,16 @@ service: min: 1 resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 15m - memory: 128Mi + cpu: '15m' + memory: '128Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - LAWYERS_ICELAND_API_KEY: /k8s/judicial-system/LAWYERS_ICELAND_API_KEY - NATIONAL_REGISTRY_API_KEY: /k8s/judicial-system/NATIONAL_REGISTRY_API_KEY - SUPPORT_EMAIL: /k8s/judicial-system/SUPPORT_EMAIL + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + NATIONAL_REGISTRY_API_KEY: '/k8s/judicial-system/NATIONAL_REGISTRY_API_KEY' + SUPPORT_EMAIL: '/k8s/judicial-system/SUPPORT_EMAIL' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/judicial-system-web/values.prod.yaml b/charts/services/judicial-system-web/values.prod.yaml index fe6b2ca5f2ff..e075554eb1f6 100644 --- a/charts/services/judicial-system-web/values.prod.yaml +++ b/charts/services/judicial-system-web/values.prod.yaml @@ -1,23 +1,23 @@ service: - name: judicial-system-web + name: 'judicial-system-web' enabled: true env: - API_URL: https://rettarvorslugatt.island.is - INTERNAL_API_URL: http://web-judicial-system-api - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init - SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + API_URL: 'https://rettarvorslugatt.island.is' + INTERNAL_API_URL: 'http://web-judicial-system-api' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' grantNamespaces: - - nginx-ingress-external + - 'nginx-ingress-external' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /readiness + path: '/readiness' timeoutSeconds: 10 hpa: scaling: @@ -28,19 +28,19 @@ service: max: 10 min: 3 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-web + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-web' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-external-alb - nginx.ingress.kubernetes.io/proxy-buffer-size: 8k - nginx.ingress.kubernetes.io/proxy-buffering: on - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: rettarvorslugatt.island.is + - host: 'rettarvorslugatt.island.is' paths: - - / - namespace: judicial-system + - '/' + namespace: 'judicial-system' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -50,16 +50,16 @@ service: min: 3 resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 15m - memory: 128Mi + cpu: '15m' + memory: '128Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - LAWYERS_ICELAND_API_KEY: /k8s/judicial-system/LAWYERS_ICELAND_API_KEY - NATIONAL_REGISTRY_API_KEY: /k8s/judicial-system/NATIONAL_REGISTRY_API_KEY - SUPPORT_EMAIL: /k8s/judicial-system/SUPPORT_EMAIL + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + NATIONAL_REGISTRY_API_KEY: '/k8s/judicial-system/NATIONAL_REGISTRY_API_KEY' + SUPPORT_EMAIL: '/k8s/judicial-system/SUPPORT_EMAIL' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/judicial-system-web/values.staging.yaml b/charts/services/judicial-system-web/values.staging.yaml index 648f8a31352c..382c8609fc79 100644 --- a/charts/services/judicial-system-web/values.staging.yaml +++ b/charts/services/judicial-system-web/values.staging.yaml @@ -1,23 +1,22 @@ service: - name: judicial-system-web + name: 'judicial-system-web' enabled: true env: - API_URL: https://judicial-system.staging01.devland.is - INTERNAL_API_URL: http://web-judicial-system-api - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init - SERVERSIDE_FEATURES_ON: "" + API_URL: 'https://judicial-system.staging01.devland.is' + INTERNAL_API_URL: 'http://web-judicial-system-api' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' grantNamespaces: - - nginx-ingress-external + - 'nginx-ingress-external' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /readiness + path: '/readiness' timeoutSeconds: 10 hpa: scaling: @@ -28,19 +27,19 @@ service: max: 3 min: 1 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-web + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-web' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-external-alb - nginx.ingress.kubernetes.io/proxy-buffer-size: 8k - nginx.ingress.kubernetes.io/proxy-buffering: on - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: judicial-system.staging01.devland.is + - host: 'judicial-system.staging01.devland.is' paths: - - / - namespace: judicial-system + - '/' + namespace: 'judicial-system' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -50,16 +49,16 @@ service: min: 1 resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 15m - memory: 128Mi + cpu: '15m' + memory: '128Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - LAWYERS_ICELAND_API_KEY: /k8s/judicial-system/LAWYERS_ICELAND_API_KEY - NATIONAL_REGISTRY_API_KEY: /k8s/judicial-system/NATIONAL_REGISTRY_API_KEY - SUPPORT_EMAIL: /k8s/judicial-system/SUPPORT_EMAIL + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' + NATIONAL_REGISTRY_API_KEY: '/k8s/judicial-system/NATIONAL_REGISTRY_API_KEY' + SUPPORT_EMAIL: '/k8s/judicial-system/SUPPORT_EMAIL' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/judicial-system-xrd-api/values.dev.yaml b/charts/services/judicial-system-xrd-api/values.dev.yaml index d6ef8b4b3720..aea6fa00e1c8 100644 --- a/charts/services/judicial-system-xrd-api/values.dev.yaml +++ b/charts/services/judicial-system-xrd-api/values.dev.yaml @@ -1,25 +1,24 @@ service: - name: judicial-system-xrd-api + name: 'judicial-system-xrd-api' enabled: true env: - AUDIT_TRAIL_GROUP_NAME: k8s/judicial-system/audit-log - AUDIT_TRAIL_REGION: eu-west-1 - AUDIT_TRAIL_USE_GENERIC_LOGGER: "false" - BACKEND_URL: http://web-judicial-system-backend - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init - SERVERSIDE_FEATURES_ON: "" + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' grantNamespaces: - - nginx-ingress-internal + - 'nginx-ingress-internal' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 hpa: scaling: @@ -30,17 +29,17 @@ service: max: 3 min: 1 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-xrd-api + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-xrd-api' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-internal-alb - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: judicial-system-xrd-api.internal.dev01.devland.is + - host: 'judicial-system-xrd-api.internal.dev01.devland.is' paths: - - / - namespace: judicial-system + - '/' + namespace: 'judicial-system' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -52,21 +51,21 @@ service: min: 1 resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 100m - memory: 128Mi + cpu: '100m' + memory: '128Mi' secrets: - BACKEND_ACCESS_TOKEN: /k8s/judicial-system/BACKEND_ACCESS_TOKEN - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - ERROR_EVENT_URL: /k8s/judicial-system/ERROR_EVENT_URL - LAWYERS_ICELAND_API_KEY: /k8s/judicial-system/LAWYERS_ICELAND_API_KEY + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::013313053092:role/judicial-system-xrd-api + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-xrd-api' create: true - name: judicial-system-xrd-api + name: 'judicial-system-xrd-api' diff --git a/charts/services/judicial-system-xrd-api/values.prod.yaml b/charts/services/judicial-system-xrd-api/values.prod.yaml index 00a85da97907..4ca0c565e14d 100644 --- a/charts/services/judicial-system-xrd-api/values.prod.yaml +++ b/charts/services/judicial-system-xrd-api/values.prod.yaml @@ -1,25 +1,25 @@ service: - name: judicial-system-xrd-api + name: 'judicial-system-xrd-api' enabled: true env: - AUDIT_TRAIL_GROUP_NAME: k8s/judicial-system/audit-log - AUDIT_TRAIL_REGION: eu-west-1 - AUDIT_TRAIL_USE_GENERIC_LOGGER: "false" - BACKEND_URL: http://web-judicial-system-backend - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init - SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' grantNamespaces: - - nginx-ingress-internal + - 'nginx-ingress-internal' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 hpa: scaling: @@ -30,17 +30,17 @@ service: max: 10 min: 3 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-xrd-api + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-xrd-api' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-internal-alb - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: judicial-system-xrd-api.internal.island.is + - host: 'judicial-system-xrd-api.internal.island.is' paths: - - / - namespace: judicial-system + - '/' + namespace: 'judicial-system' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -52,21 +52,21 @@ service: min: 3 resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 100m - memory: 128Mi + cpu: '100m' + memory: '128Mi' secrets: - BACKEND_ACCESS_TOKEN: /k8s/judicial-system/BACKEND_ACCESS_TOKEN - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - ERROR_EVENT_URL: /k8s/judicial-system/ERROR_EVENT_URL - LAWYERS_ICELAND_API_KEY: /k8s/judicial-system/LAWYERS_ICELAND_API_KEY + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::251502586493:role/judicial-system-xrd-api + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-xrd-api' create: true - name: judicial-system-xrd-api + name: 'judicial-system-xrd-api' diff --git a/charts/services/judicial-system-xrd-api/values.staging.yaml b/charts/services/judicial-system-xrd-api/values.staging.yaml index f1d6abdc7646..5c05caaa03c4 100644 --- a/charts/services/judicial-system-xrd-api/values.staging.yaml +++ b/charts/services/judicial-system-xrd-api/values.staging.yaml @@ -1,25 +1,24 @@ service: - name: judicial-system-xrd-api + name: 'judicial-system-xrd-api' enabled: true env: - AUDIT_TRAIL_GROUP_NAME: k8s/judicial-system/audit-log - AUDIT_TRAIL_REGION: eu-west-1 - AUDIT_TRAIL_USE_GENERIC_LOGGER: "false" - BACKEND_URL: http://web-judicial-system-backend - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init - SERVERSIDE_FEATURES_ON: "" + AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' + AUDIT_TRAIL_REGION: 'eu-west-1' + AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' + BACKEND_URL: 'http://web-judicial-system-backend' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' grantNamespaces: - - nginx-ingress-internal + - 'nginx-ingress-internal' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 hpa: scaling: @@ -30,17 +29,17 @@ service: max: 3 min: 1 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-xrd-api + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-xrd-api' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-internal-alb - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: judicial-system-xrd-api.internal.staging01.devland.is + - host: 'judicial-system-xrd-api.internal.staging01.devland.is' paths: - - / - namespace: judicial-system + - '/' + namespace: 'judicial-system' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -52,21 +51,21 @@ service: min: 1 resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 100m - memory: 128Mi + cpu: '100m' + memory: '128Mi' secrets: - BACKEND_ACCESS_TOKEN: /k8s/judicial-system/BACKEND_ACCESS_TOKEN - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - ERROR_EVENT_URL: /k8s/judicial-system/ERROR_EVENT_URL - LAWYERS_ICELAND_API_KEY: /k8s/judicial-system/LAWYERS_ICELAND_API_KEY + BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' + LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::261174024191:role/judicial-system-xrd-api + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-xrd-api' create: true - name: judicial-system-xrd-api + name: 'judicial-system-xrd-api' diff --git a/charts/services/license-api/values.dev.yaml b/charts/services/license-api/values.dev.yaml index 0da64efeb3ef..40a5eaeffb7b 100644 --- a/charts/services/license-api/values.dev.yaml +++ b/charts/services/license-api/values.dev.yaml @@ -1,36 +1,35 @@ service: - name: license-api + name: 'license-api' enabled: true env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: 1da72d52-a93a-4d0f-8463-1933a2bd210b - IDENTITY_SERVER_ISSUER_URL: https://identity-server.dev01.devland.is + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init - SERVERSIDE_FEATURES_ON: "" - XROAD_BASE_PATH: http://securityserver.dev01.devland.is - XROAD_BASE_PATH_WITH_ENV: http://securityserver.dev01.devland.is/r1/IS-DEV - XROAD_CLIENT_ID: IS-DEV/GOV/10000/island-is-client - XROAD_DISABILITY_LICENSE_PATH: IS-DEV/GOV/10008/TR-Protected/oryrki-v1 - XROAD_DRIVING_LICENSE_PATH: r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1 - XROAD_DRIVING_LICENSE_V2_PATH: r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2 - XROAD_DRIVING_LICENSE_V4_PATH: r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4 - XROAD_DRIVING_LICENSE_V5_PATH: r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5 - XROAD_FIREARM_LICENSE_PATH: IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1 - XROAD_HUNTING_LICENSE_PATH: IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api - XROAD_TLS_BASE_PATH: https://securityserver.dev01.devland.is - XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.dev01.devland.is/r1/IS-DEV + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' grantNamespaces: - - nginx-ingress-internal + - 'nginx-ingress-internal' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 hpa: scaling: @@ -41,17 +40,17 @@ service: max: 10 min: 2 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-internal-alb - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: license-api-xrd.internal.dev01.devland.is + - host: 'license-api-xrd.internal.dev01.devland.is' paths: - - / - namespace: license-api + - '/' + namespace: 'license-api' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -61,35 +60,35 @@ service: min: 2 resources: limits: - cpu: 400m - memory: 512Mi + cpu: '400m' + memory: '512Mi' requests: - cpu: 50m - memory: 256Mi + cpu: '50m' + memory: '256Mi' secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: /k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DISABILITY_LICENSE_FETCH_TIMEOUT: /k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT - DISABILITY_LICENSE_PASS_TEMPLATE_ID: /k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID - DRIVING_LICENSE_FETCH_TIMEOUT: /k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT - DRIVING_LICENSE_PASS_TEMPLATE_ID: /k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID - FIREARM_LICENSE_FETCH_TIMEOUT: /k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT - FIREARM_LICENSE_PASS_TEMPLATE_ID: /k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID - LICENSE_SERVICE_BARCODE_SECRET_KEY: /k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY - MACHINE_LICENSE_PASS_TEMPLATE_ID: /k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID - PKPASS_API_KEY: /k8s/api/PKPASS_API_KEY - PKPASS_API_URL: /k8s/api/PKPASS_API_URL - PKPASS_AUTH_RETRIES: /k8s/api/PKPASS_AUTH_RETRIES - PKPASS_CACHE_KEY: /k8s/api/PKPASS_CACHE_KEY - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: /k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA - PKPASS_SECRET_KEY: /k8s/api/PKPASS_SECRET_KEY - RLS_OPEN_LOOKUP_API_KEY: /k8s/api/RLS_OPEN_LOOKUP_API_KEY - RLS_PKPASS_API_KEY: /k8s/api/RLS_PKPASS_API_KEY - SMART_SOLUTIONS_API_URL: /k8s/api/SMART_SOLUTIONS_API_URL - TR_PKPASS_API_KEY: /k8s/api/TR_PKPASS_API_KEY - UST_PKPASS_API_KEY: /k8s/api/UST_PKPASS_API_KEY - VE_PKPASS_API_KEY: /k8s/api/VE_PKPASS_API_KEY - XROAD_DRIVING_LICENSE_SECRET: /k8s/api/DRIVING_LICENSE_SECRET + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/license-api/values.prod.yaml b/charts/services/license-api/values.prod.yaml index 1288e72899dd..65ccf0086527 100644 --- a/charts/services/license-api/values.prod.yaml +++ b/charts/services/license-api/values.prod.yaml @@ -1,36 +1,36 @@ service: - name: license-api + name: 'license-api' enabled: true env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: d4ecf781-3764-4063-a4e1-9c3e17cebfba - IDENTITY_SERVER_ISSUER_URL: https://innskra.island.is + HUNTING_LICENSE_PASS_TEMPLATE_ID: 'd4ecf781-3764-4063-a4e1-9c3e17cebfba' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init - SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms - XROAD_BASE_PATH: http://securityserver.island.is - XROAD_BASE_PATH_WITH_ENV: http://securityserver.island.is/r1/IS - XROAD_CLIENT_ID: IS/GOV/5501692829/island-is-client - XROAD_DISABILITY_LICENSE_PATH: IS/GOV/5012130120/TR-Protected/oryrki-v1 - XROAD_DRIVING_LICENSE_PATH: r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1 - XROAD_DRIVING_LICENSE_V2_PATH: r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1 - XROAD_DRIVING_LICENSE_V4_PATH: r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4 - XROAD_DRIVING_LICENSE_V5_PATH: r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5 - XROAD_FIREARM_LICENSE_PATH: IS/GOV/5309672079/Logreglan-Protected/island-api-v1 - XROAD_HUNTING_LICENSE_PATH: IS/GOV/7010022880/Umhverfisstofnun-Protected/api - XROAD_TLS_BASE_PATH: https://securityserver.island.is - XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.island.is/r1/IS + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' grantNamespaces: - - nginx-ingress-internal + - 'nginx-ingress-internal' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 hpa: scaling: @@ -41,17 +41,17 @@ service: max: 10 min: 2 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-internal-alb - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: license-api-xrd.internal.island.is + - host: 'license-api-xrd.internal.island.is' paths: - - / - namespace: license-api + - '/' + namespace: 'license-api' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -61,35 +61,35 @@ service: min: 2 resources: limits: - cpu: 400m - memory: 512Mi + cpu: '400m' + memory: '512Mi' requests: - cpu: 50m - memory: 256Mi + cpu: '50m' + memory: '256Mi' secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: /k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DISABILITY_LICENSE_FETCH_TIMEOUT: /k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT - DISABILITY_LICENSE_PASS_TEMPLATE_ID: /k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID - DRIVING_LICENSE_FETCH_TIMEOUT: /k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT - DRIVING_LICENSE_PASS_TEMPLATE_ID: /k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID - FIREARM_LICENSE_FETCH_TIMEOUT: /k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT - FIREARM_LICENSE_PASS_TEMPLATE_ID: /k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID - LICENSE_SERVICE_BARCODE_SECRET_KEY: /k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY - MACHINE_LICENSE_PASS_TEMPLATE_ID: /k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID - PKPASS_API_KEY: /k8s/api/PKPASS_API_KEY - PKPASS_API_URL: /k8s/api/PKPASS_API_URL - PKPASS_AUTH_RETRIES: /k8s/api/PKPASS_AUTH_RETRIES - PKPASS_CACHE_KEY: /k8s/api/PKPASS_CACHE_KEY - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: /k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA - PKPASS_SECRET_KEY: /k8s/api/PKPASS_SECRET_KEY - RLS_OPEN_LOOKUP_API_KEY: /k8s/api/RLS_OPEN_LOOKUP_API_KEY - RLS_PKPASS_API_KEY: /k8s/api/RLS_PKPASS_API_KEY - SMART_SOLUTIONS_API_URL: /k8s/api/SMART_SOLUTIONS_API_URL - TR_PKPASS_API_KEY: /k8s/api/TR_PKPASS_API_KEY - UST_PKPASS_API_KEY: /k8s/api/UST_PKPASS_API_KEY - VE_PKPASS_API_KEY: /k8s/api/VE_PKPASS_API_KEY - XROAD_DRIVING_LICENSE_SECRET: /k8s/api/DRIVING_LICENSE_SECRET + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/license-api/values.staging.yaml b/charts/services/license-api/values.staging.yaml index c8b77adb1220..f3fe1baa0958 100644 --- a/charts/services/license-api/values.staging.yaml +++ b/charts/services/license-api/values.staging.yaml @@ -1,36 +1,35 @@ service: - name: license-api + name: 'license-api' enabled: true env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: 1da72d52-a93a-4d0f-8463-1933a2bd210b - IDENTITY_SERVER_ISSUER_URL: https://identity-server.staging01.devland.is + HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init - SERVERSIDE_FEATURES_ON: "" - XROAD_BASE_PATH: http://securityserver.staging01.devland.is - XROAD_BASE_PATH_WITH_ENV: http://securityserver.staging01.devland.is/r1/IS-TEST - XROAD_CLIENT_ID: IS-TEST/GOV/5501692829/island-is-client - XROAD_DISABILITY_LICENSE_PATH: IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1 - XROAD_DRIVING_LICENSE_PATH: r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1 - XROAD_DRIVING_LICENSE_V2_PATH: r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2 - XROAD_DRIVING_LICENSE_V4_PATH: r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4 - XROAD_DRIVING_LICENSE_V5_PATH: r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5 - XROAD_FIREARM_LICENSE_PATH: IS/GOV/5309672079/Logreglan-Protected/island-api-v1 - XROAD_HUNTING_LICENSE_PATH: IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api - XROAD_TLS_BASE_PATH: https://securityserver.staging01.devland.is - XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.staging01.devland.is/r1/IS-TEST + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' + XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' + XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' + XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' + XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' + XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' + XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' grantNamespaces: - - nginx-ingress-internal + - 'nginx-ingress-internal' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 hpa: scaling: @@ -41,17 +40,17 @@ service: max: 10 min: 2 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-internal-alb - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: license-api-xrd.internal.staging01.devland.is + - host: 'license-api-xrd.internal.staging01.devland.is' paths: - - / - namespace: license-api + - '/' + namespace: 'license-api' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -61,35 +60,35 @@ service: min: 2 resources: limits: - cpu: 400m - memory: 512Mi + cpu: '400m' + memory: '512Mi' requests: - cpu: 50m - memory: 256Mi + cpu: '50m' + memory: '256Mi' secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: /k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DISABILITY_LICENSE_FETCH_TIMEOUT: /k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT - DISABILITY_LICENSE_PASS_TEMPLATE_ID: /k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID - DRIVING_LICENSE_FETCH_TIMEOUT: /k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT - DRIVING_LICENSE_PASS_TEMPLATE_ID: /k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID - FIREARM_LICENSE_FETCH_TIMEOUT: /k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT - FIREARM_LICENSE_PASS_TEMPLATE_ID: /k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID - LICENSE_SERVICE_BARCODE_SECRET_KEY: /k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY - MACHINE_LICENSE_PASS_TEMPLATE_ID: /k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID - PKPASS_API_KEY: /k8s/api/PKPASS_API_KEY - PKPASS_API_URL: /k8s/api/PKPASS_API_URL - PKPASS_AUTH_RETRIES: /k8s/api/PKPASS_AUTH_RETRIES - PKPASS_CACHE_KEY: /k8s/api/PKPASS_CACHE_KEY - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: /k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA - PKPASS_SECRET_KEY: /k8s/api/PKPASS_SECRET_KEY - RLS_OPEN_LOOKUP_API_KEY: /k8s/api/RLS_OPEN_LOOKUP_API_KEY - RLS_PKPASS_API_KEY: /k8s/api/RLS_PKPASS_API_KEY - SMART_SOLUTIONS_API_URL: /k8s/api/SMART_SOLUTIONS_API_URL - TR_PKPASS_API_KEY: /k8s/api/TR_PKPASS_API_KEY - UST_PKPASS_API_KEY: /k8s/api/UST_PKPASS_API_KEY - VE_PKPASS_API_KEY: /k8s/api/VE_PKPASS_API_KEY - XROAD_DRIVING_LICENSE_SECRET: /k8s/api/DRIVING_LICENSE_SECRET + ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' + DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' + DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' + DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' + FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' + FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' + LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' + MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' + PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' + PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' + PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' + PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' + PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' + PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' + RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' + RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' + SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' + TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' + UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' + VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' + XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/portals-admin/values.dev.yaml b/charts/services/portals-admin/values.dev.yaml index 983f80b46c49..140cc5f09891 100644 --- a/charts/services/portals-admin/values.dev.yaml +++ b/charts/services/portals-admin/values.dev.yaml @@ -1,25 +1,24 @@ service: - name: portals-admin + name: 'portals-admin' enabled: true env: - BASEPATH: /stjornbord - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=460 - SERVERSIDE_FEATURES_ON: "" - SI_PUBLIC_ENVIRONMENT: dev - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: https://identity-server.dev01.devland.is + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' grantNamespaces: - - nginx-ingress-external - - identity-server + - 'nginx-ingress-external' + - 'identity-server' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /readiness + path: '/readiness' timeoutSeconds: 3 hpa: scaling: @@ -30,19 +29,19 @@ service: max: 30 min: 2 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-external-alb - nginx.ingress.kubernetes.io/proxy-buffer-size: 8k - nginx.ingress.kubernetes.io/proxy-buffering: on - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: beta.dev01.devland.is + - host: 'beta.dev01.devland.is' paths: - - /stjornbord - namespace: portals-admin + - '/stjornbord' + namespace: 'portals-admin' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -52,16 +51,16 @@ service: min: 2 resources: limits: - cpu: 400m - memory: 512Mi + cpu: '400m' + memory: '512Mi' requests: - cpu: 25m - memory: 256Mi + cpu: '25m' + memory: '256Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - SI_PUBLIC_CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - SI_PUBLIC_DD_RUM_APPLICATION_ID: /k8s/DD_RUM_APPLICATION_ID - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: /k8s/DD_RUM_CLIENT_TOKEN + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/portals-admin/values.prod.yaml b/charts/services/portals-admin/values.prod.yaml index 617115c9c0c3..f7fb2f7e188e 100644 --- a/charts/services/portals-admin/values.prod.yaml +++ b/charts/services/portals-admin/values.prod.yaml @@ -1,25 +1,25 @@ service: - name: portals-admin + name: 'portals-admin' enabled: true env: - BASEPATH: /stjornbord - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=460 - SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms - SI_PUBLIC_ENVIRONMENT: prod - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: https://innskra.island.is + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' grantNamespaces: - - nginx-ingress-external - - identity-server + - 'nginx-ingress-external' + - 'identity-server' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /readiness + path: '/readiness' timeoutSeconds: 3 hpa: scaling: @@ -30,22 +30,22 @@ service: max: 30 min: 2 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-external-alb - nginx.ingress.kubernetes.io/proxy-buffer-size: 8k - nginx.ingress.kubernetes.io/proxy-buffering: on - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: island.is + - host: 'island.is' paths: - - /stjornbord - - host: www.island.is + - '/stjornbord' + - host: 'www.island.is' paths: - - /stjornbord - namespace: portals-admin + - '/stjornbord' + namespace: 'portals-admin' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -55,16 +55,16 @@ service: min: 2 resources: limits: - cpu: 400m - memory: 512Mi + cpu: '400m' + memory: '512Mi' requests: - cpu: 25m - memory: 256Mi + cpu: '25m' + memory: '256Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - SI_PUBLIC_CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - SI_PUBLIC_DD_RUM_APPLICATION_ID: /k8s/DD_RUM_APPLICATION_ID - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: /k8s/DD_RUM_CLIENT_TOKEN + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/portals-admin/values.staging.yaml b/charts/services/portals-admin/values.staging.yaml index 83f9f23e1524..04759912896f 100644 --- a/charts/services/portals-admin/values.staging.yaml +++ b/charts/services/portals-admin/values.staging.yaml @@ -1,25 +1,24 @@ service: - name: portals-admin + name: 'portals-admin' enabled: true env: - BASEPATH: /stjornbord - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=460 - SERVERSIDE_FEATURES_ON: "" - SI_PUBLIC_ENVIRONMENT: staging - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: https://identity-server.staging01.devland.is + BASEPATH: '/stjornbord' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' grantNamespaces: - - nginx-ingress-external - - identity-server + - 'nginx-ingress-external' + - 'identity-server' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /readiness + path: '/readiness' timeoutSeconds: 3 hpa: scaling: @@ -30,19 +29,19 @@ service: max: 30 min: 2 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-external-alb - nginx.ingress.kubernetes.io/proxy-buffer-size: 8k - nginx.ingress.kubernetes.io/proxy-buffering: on - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: beta.staging01.devland.is + - host: 'beta.staging01.devland.is' paths: - - /stjornbord - namespace: portals-admin + - '/stjornbord' + namespace: 'portals-admin' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -52,16 +51,16 @@ service: min: 2 resources: limits: - cpu: 400m - memory: 512Mi + cpu: '400m' + memory: '512Mi' requests: - cpu: 25m - memory: 256Mi + cpu: '25m' + memory: '256Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - SI_PUBLIC_CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - SI_PUBLIC_DD_RUM_APPLICATION_ID: /k8s/DD_RUM_APPLICATION_ID - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: /k8s/DD_RUM_CLIENT_TOKEN + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/regulations-admin-backend/values.dev.yaml b/charts/services/regulations-admin-backend/values.dev.yaml index 929956ccad9d..ae653c7b4893 100644 --- a/charts/services/regulations-admin-backend/values.dev.yaml +++ b/charts/services/regulations-admin-backend/values.dev.yaml @@ -1,37 +1,36 @@ service: - name: regulations-admin-backend + name: 'regulations-admin-backend' enabled: true env: - DB_HOST: postgres-applications.internal - DB_NAME: regulations_admin_backend - DB_REPLICAS_HOST: postgres-applications-reader.internal - DB_USER: regulations_admin_backend - IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/regulations-admin-api" - IDENTITY_SERVER_ISSUER_URL: https://identity-server.dev01.devland.is - LOG_LEVEL: info - NATIONAL_REGISTRY_B2C_CLIENT_ID: b464afdd-056b-406d-b650-6d41733cfeb7 - NATIONAL_REGISTRY_B2C_ENDPOINT: https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token - NATIONAL_REGISTRY_B2C_PATH: IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1 - NATIONAL_REGISTRY_B2C_SCOPE: https://skraidentitydev.onmicrosoft.com/midlun/.default - NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init - SERVERSIDE_FEATURES_ON: "" - XROAD_BASE_PATH: http://securityserver.dev01.devland.is - XROAD_BASE_PATH_WITH_ENV: http://securityserver.dev01.devland.is/r1/IS-DEV - XROAD_CLIENT_ID: IS-DEV/GOV/10000/island-is-client - XROAD_TLS_BASE_PATH: https://securityserver.dev01.devland.is - XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.dev01.devland.is/r1/IS-DEV + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' grantNamespaces: - - islandis - - download-service + - 'islandis' + - 'download-service' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 hpa: scaling: @@ -42,31 +41,30 @@ service: max: 3 min: 1 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' initContainer: containers: - args: - - sequelize-cli - - db:migrate + - 'sequelize-cli' + - 'db:migrate' command: - - npx - name: migrations + - 'npx' + name: 'migrations' resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 50m - memory: 128Mi + cpu: '50m' + memory: '128Mi' env: - DB_HOST: postgres-applications.internal - DB_NAME: regulations_admin_backend - DB_REPLICAS_HOST: postgres-applications-reader.internal - DB_USER: regulations_admin_backend - SERVERSIDE_FEATURES_ON: "" + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'regulations_admin_backend' secrets: - DB_PASS: /k8s/regulations-admin-backend/DB_PASSWORD - namespace: regulations-admin + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -76,20 +74,20 @@ service: min: 1 resources: limits: - cpu: 400m - memory: 512Mi + cpu: '400m' + memory: '512Mi' requests: - cpu: 100m - memory: 256Mi + cpu: '100m' + memory: '256Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DB_PASS: /k8s/regulations-admin-backend/DB_PASSWORD - IDENTITY_SERVER_CLIENT_SECRET: /k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: /k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET - REGULATIONS_API_URL: /k8s/api/REGULATIONS_API_URL - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: /k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: /k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: /k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/regulations-admin-backend/values.prod.yaml b/charts/services/regulations-admin-backend/values.prod.yaml index c494301b5cbb..70028988dab4 100644 --- a/charts/services/regulations-admin-backend/values.prod.yaml +++ b/charts/services/regulations-admin-backend/values.prod.yaml @@ -1,37 +1,37 @@ service: - name: regulations-admin-backend + name: 'regulations-admin-backend' enabled: true env: - DB_HOST: postgres-applications.internal - DB_NAME: regulations_admin_backend - DB_REPLICAS_HOST: postgres-applications.internal - DB_USER: regulations_admin_backend - IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/regulations-admin-api" - IDENTITY_SERVER_ISSUER_URL: https://innskra.island.is - LOG_LEVEL: info - NATIONAL_REGISTRY_B2C_CLIENT_ID: 2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f - NATIONAL_REGISTRY_B2C_ENDPOINT: https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token - NATIONAL_REGISTRY_B2C_PATH: IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1 - NATIONAL_REGISTRY_B2C_SCOPE: https://skraidentity.onmicrosoft.com/midlun/.default - NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init - SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms - XROAD_BASE_PATH: http://securityserver.island.is - XROAD_BASE_PATH_WITH_ENV: http://securityserver.island.is/r1/IS - XROAD_CLIENT_ID: IS/GOV/5501692829/island-is-client - XROAD_TLS_BASE_PATH: https://securityserver.island.is - XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.island.is/r1/IS + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' grantNamespaces: - - islandis - - download-service + - 'islandis' + - 'download-service' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 hpa: scaling: @@ -42,31 +42,31 @@ service: max: 10 min: 3 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' initContainer: containers: - args: - - sequelize-cli - - db:migrate + - 'sequelize-cli' + - 'db:migrate' command: - - npx - name: migrations + - 'npx' + name: 'migrations' resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 50m - memory: 128Mi + cpu: '50m' + memory: '128Mi' env: - DB_HOST: postgres-applications.internal - DB_NAME: regulations_admin_backend - DB_REPLICAS_HOST: postgres-applications.internal - DB_USER: regulations_admin_backend - SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' secrets: - DB_PASS: /k8s/regulations-admin-backend/DB_PASSWORD - namespace: regulations-admin + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -76,20 +76,20 @@ service: min: 3 resources: limits: - cpu: 400m - memory: 512Mi + cpu: '400m' + memory: '512Mi' requests: - cpu: 100m - memory: 256Mi + cpu: '100m' + memory: '256Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DB_PASS: /k8s/regulations-admin-backend/DB_PASSWORD - IDENTITY_SERVER_CLIENT_SECRET: /k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: /k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET - REGULATIONS_API_URL: /k8s/api/REGULATIONS_API_URL - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: /k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: /k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: /k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/regulations-admin-backend/values.staging.yaml b/charts/services/regulations-admin-backend/values.staging.yaml index 0233156200c9..0497b8f33b44 100644 --- a/charts/services/regulations-admin-backend/values.staging.yaml +++ b/charts/services/regulations-admin-backend/values.staging.yaml @@ -1,37 +1,36 @@ service: - name: regulations-admin-backend + name: 'regulations-admin-backend' enabled: true env: - DB_HOST: postgres-applications.internal - DB_NAME: regulations_admin_backend - DB_REPLICAS_HOST: postgres-applications.internal - DB_USER: regulations_admin_backend - IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/regulations-admin-api" - IDENTITY_SERVER_ISSUER_URL: https://identity-server.staging01.devland.is - LOG_LEVEL: info - NATIONAL_REGISTRY_B2C_CLIENT_ID: ca128c23-b43c-443d-bade-ec5a146a933f - NATIONAL_REGISTRY_B2C_ENDPOINT: https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token - NATIONAL_REGISTRY_B2C_PATH: IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1 - NATIONAL_REGISTRY_B2C_SCOPE: https://skraidentitystaging.onmicrosoft.com/midlun/.default - NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init - SERVERSIDE_FEATURES_ON: "" - XROAD_BASE_PATH: http://securityserver.staging01.devland.is - XROAD_BASE_PATH_WITH_ENV: http://securityserver.staging01.devland.is/r1/IS-TEST - XROAD_CLIENT_ID: IS-TEST/GOV/5501692829/island-is-client - XROAD_TLS_BASE_PATH: https://securityserver.staging01.devland.is - XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.staging01.devland.is/r1/IS-TEST + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' grantNamespaces: - - islandis - - download-service + - 'islandis' + - 'download-service' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 hpa: scaling: @@ -42,31 +41,30 @@ service: max: 3 min: 1 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' initContainer: containers: - args: - - sequelize-cli - - db:migrate + - 'sequelize-cli' + - 'db:migrate' command: - - npx - name: migrations + - 'npx' + name: 'migrations' resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 50m - memory: 128Mi + cpu: '50m' + memory: '128Mi' env: - DB_HOST: postgres-applications.internal - DB_NAME: regulations_admin_backend - DB_REPLICAS_HOST: postgres-applications.internal - DB_USER: regulations_admin_backend - SERVERSIDE_FEATURES_ON: "" + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'regulations_admin_backend' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'regulations_admin_backend' secrets: - DB_PASS: /k8s/regulations-admin-backend/DB_PASSWORD - namespace: regulations-admin + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + namespace: 'regulations-admin' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -76,20 +74,20 @@ service: min: 1 resources: limits: - cpu: 400m - memory: 512Mi + cpu: '400m' + memory: '512Mi' requests: - cpu: 100m - memory: 256Mi + cpu: '100m' + memory: '256Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DB_PASS: /k8s/regulations-admin-backend/DB_PASSWORD - IDENTITY_SERVER_CLIENT_SECRET: /k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: /k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET - REGULATIONS_API_URL: /k8s/api/REGULATIONS_API_URL - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: /k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: /k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: /k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' + REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' + REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' + REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/search-indexer-service/values.dev.yaml b/charts/services/search-indexer-service/values.dev.yaml index b8f9f88f4f3d..8695d0403f2f 100644 --- a/charts/services/search-indexer-service/values.dev.yaml +++ b/charts/services/search-indexer-service/values.dev.yaml @@ -1,29 +1,28 @@ service: - name: search-indexer-service + name: 'search-indexer-service' enabled: true env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: loftbru.dev01.devland.is - APPLICATION_URL: http://search-indexer-service - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: "40" - CONTENTFUL_ENVIRONMENT: master - CONTENTFUL_HOST: preview.contentful.com - CONTENTFUL_SPACE: 8k0h54kbe6bj - ELASTIC_INDEX: island-is - ELASTIC_NODE: https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com - ENVIRONMENT: dev - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=3686 -r dd-trace/init - SERVERSIDE_FEATURES_ON: "" + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' grantNamespaces: [] grantNamespacesEnabled: false healthCheck: liveness: initialDelaySeconds: 3 - path: / + path: '/' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: / + path: '/' timeoutSeconds: 3 hpa: scaling: @@ -34,73 +33,72 @@ service: max: 1 min: 1 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-external-alb - nginx.ingress.kubernetes.io/enable-global-auth: "false" - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: search-indexer-service.dev01.devland.is + - host: 'search-indexer-service.dev01.devland.is' paths: - - / + - '/' initContainer: containers: - args: - - /webapp/migrateAws.js + - '/webapp/migrateAws.js' command: - - /usr/local/bin/node - name: migrate-aws + - '/usr/local/bin/node' + name: 'migrate-aws' resources: limits: - cpu: 400m - memory: 2048Mi + cpu: '400m' + memory: '2048Mi' requests: - cpu: 100m - memory: 512Mi + cpu: '100m' + memory: '512Mi' - args: - - /webapp/migrateElastic.js + - '/webapp/migrateElastic.js' command: - - /usr/local/bin/node - name: migrate-elastic + - '/usr/local/bin/node' + name: 'migrate-elastic' resources: limits: - cpu: 700m - memory: 4096Mi + cpu: '700m' + memory: '4096Mi' requests: - cpu: 300m - memory: 3072Mi + cpu: '300m' + memory: '3072Mi' - args: - - /webapp/migrateKibana.js + - '/webapp/migrateKibana.js' command: - - /usr/local/bin/node - name: migrate-kibana + - '/usr/local/bin/node' + name: 'migrate-kibana' resources: limits: - cpu: 400m - memory: 2048Mi + cpu: '400m' + memory: '2048Mi' requests: - cpu: 100m - memory: 512Mi + cpu: '100m' + memory: '512Mi' env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: loftbru.dev01.devland.is - APPLICATION_URL: http://search-indexer-service - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: "40" - CONTENTFUL_ENVIRONMENT: master - CONTENTFUL_HOST: preview.contentful.com - CONTENTFUL_SPACE: 8k0h54kbe6bj - ELASTIC_DOMAIN: search - ELASTIC_INDEX: island-is - ELASTIC_NODE: https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com - ENVIRONMENT: dev - NODE_OPTIONS: --max-old-space-size=2048 - S3_BUCKET: dev-es-custom-packages - SERVERSIDE_FEATURES_ON: "" + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'preview.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'dev' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'dev-es-custom-packages' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - CONTENTFUL_ACCESS_TOKEN: /k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN - namespace: search-indexer + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -113,22 +111,22 @@ service: min: 1 resources: limits: - cpu: 800m - memory: 4096Mi + cpu: '800m' + memory: '4096Mi' requests: - cpu: 400m - memory: 3072Mi + cpu: '400m' + memory: '3072Mi' secrets: - API_CMS_DELETION_TOKEN: /k8s/search-indexer/API_CMS_DELETION_TOKEN - API_CMS_SYNC_TOKEN: /k8s/search-indexer/API_CMS_SYNC_TOKEN - APOLLO_BYPASS_CACHE_SECRET: /k8s/api/APOLLO_BYPASS_CACHE_SECRET - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - CONTENTFUL_ACCESS_TOKEN: /k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::013313053092:role/search-indexer + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' create: true - name: search-indexer + name: 'search-indexer' diff --git a/charts/services/search-indexer-service/values.prod.yaml b/charts/services/search-indexer-service/values.prod.yaml index daaf62893560..f21d4715c254 100644 --- a/charts/services/search-indexer-service/values.prod.yaml +++ b/charts/services/search-indexer-service/values.prod.yaml @@ -1,29 +1,29 @@ service: - name: search-indexer-service + name: 'search-indexer-service' enabled: true env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: loftbru.island.is - APPLICATION_URL: http://search-indexer-service - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: "40" - CONTENTFUL_ENVIRONMENT: master - CONTENTFUL_HOST: cdn.contentful.com - CONTENTFUL_SPACE: 8k0h54kbe6bj - ELASTIC_INDEX: island-is - ELASTIC_NODE: https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com - ENVIRONMENT: prod - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=3686 -r dd-trace/init - SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' grantNamespaces: [] grantNamespacesEnabled: false healthCheck: liveness: initialDelaySeconds: 3 - path: / + path: '/' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: / + path: '/' timeoutSeconds: 3 hpa: scaling: @@ -34,72 +34,72 @@ service: max: 1 min: 1 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-external-alb - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: search-indexer-service.devland.is + - host: 'search-indexer-service.devland.is' paths: - - / + - '/' initContainer: containers: - args: - - /webapp/migrateAws.js + - '/webapp/migrateAws.js' command: - - /usr/local/bin/node - name: migrate-aws + - '/usr/local/bin/node' + name: 'migrate-aws' resources: limits: - cpu: 400m - memory: 2048Mi + cpu: '400m' + memory: '2048Mi' requests: - cpu: 100m - memory: 512Mi + cpu: '100m' + memory: '512Mi' - args: - - /webapp/migrateElastic.js + - '/webapp/migrateElastic.js' command: - - /usr/local/bin/node - name: migrate-elastic + - '/usr/local/bin/node' + name: 'migrate-elastic' resources: limits: - cpu: 700m - memory: 4096Mi + cpu: '700m' + memory: '4096Mi' requests: - cpu: 300m - memory: 3072Mi + cpu: '300m' + memory: '3072Mi' - args: - - /webapp/migrateKibana.js + - '/webapp/migrateKibana.js' command: - - /usr/local/bin/node - name: migrate-kibana + - '/usr/local/bin/node' + name: 'migrate-kibana' resources: limits: - cpu: 400m - memory: 2048Mi + cpu: '400m' + memory: '2048Mi' requests: - cpu: 100m - memory: 512Mi + cpu: '100m' + memory: '512Mi' env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: loftbru.island.is - APPLICATION_URL: http://search-indexer-service - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: "40" - CONTENTFUL_ENVIRONMENT: master - CONTENTFUL_HOST: cdn.contentful.com - CONTENTFUL_SPACE: 8k0h54kbe6bj - ELASTIC_DOMAIN: search - ELASTIC_INDEX: island-is - ELASTIC_NODE: https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com - ENVIRONMENT: prod - NODE_OPTIONS: --max-old-space-size=2048 - S3_BUCKET: prod-es-custom-packages - SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'prod' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'prod-es-custom-packages' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - CONTENTFUL_ACCESS_TOKEN: /k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN - namespace: search-indexer + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -112,22 +112,22 @@ service: min: 1 resources: limits: - cpu: 800m - memory: 4096Mi + cpu: '800m' + memory: '4096Mi' requests: - cpu: 400m - memory: 3072Mi + cpu: '400m' + memory: '3072Mi' secrets: - API_CMS_DELETION_TOKEN: /k8s/search-indexer/API_CMS_DELETION_TOKEN - API_CMS_SYNC_TOKEN: /k8s/search-indexer/API_CMS_SYNC_TOKEN - APOLLO_BYPASS_CACHE_SECRET: /k8s/api/APOLLO_BYPASS_CACHE_SECRET - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - CONTENTFUL_ACCESS_TOKEN: /k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::251502586493:role/search-indexer + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/search-indexer' create: true - name: search-indexer + name: 'search-indexer' diff --git a/charts/services/search-indexer-service/values.staging.yaml b/charts/services/search-indexer-service/values.staging.yaml index 9f5da31697c7..9c157f99f0ef 100644 --- a/charts/services/search-indexer-service/values.staging.yaml +++ b/charts/services/search-indexer-service/values.staging.yaml @@ -1,29 +1,28 @@ service: - name: search-indexer-service + name: 'search-indexer-service' enabled: true env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: loftbru.staging01.devland.is - APPLICATION_URL: http://search-indexer-service - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: "40" - CONTENTFUL_ENVIRONMENT: master - CONTENTFUL_HOST: cdn.contentful.com - CONTENTFUL_SPACE: 8k0h54kbe6bj - ELASTIC_INDEX: island-is - ELASTIC_NODE: https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com - ENVIRONMENT: staging - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=3686 -r dd-trace/init - SERVERSIDE_FEATURES_ON: "" + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' grantNamespaces: [] grantNamespacesEnabled: false healthCheck: liveness: initialDelaySeconds: 3 - path: / + path: '/' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: / + path: '/' timeoutSeconds: 3 hpa: scaling: @@ -34,73 +33,72 @@ service: max: 1 min: 1 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-external-alb - nginx.ingress.kubernetes.io/enable-global-auth: "false" - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: search-indexer-service.staging01.devland.is + - host: 'search-indexer-service.staging01.devland.is' paths: - - / + - '/' initContainer: containers: - args: - - /webapp/migrateAws.js + - '/webapp/migrateAws.js' command: - - /usr/local/bin/node - name: migrate-aws + - '/usr/local/bin/node' + name: 'migrate-aws' resources: limits: - cpu: 400m - memory: 2048Mi + cpu: '400m' + memory: '2048Mi' requests: - cpu: 100m - memory: 512Mi + cpu: '100m' + memory: '512Mi' - args: - - /webapp/migrateElastic.js + - '/webapp/migrateElastic.js' command: - - /usr/local/bin/node - name: migrate-elastic + - '/usr/local/bin/node' + name: 'migrate-elastic' resources: limits: - cpu: 700m - memory: 4096Mi + cpu: '700m' + memory: '4096Mi' requests: - cpu: 300m - memory: 3072Mi + cpu: '300m' + memory: '3072Mi' - args: - - /webapp/migrateKibana.js + - '/webapp/migrateKibana.js' command: - - /usr/local/bin/node - name: migrate-kibana + - '/usr/local/bin/node' + name: 'migrate-kibana' resources: limits: - cpu: 400m - memory: 2048Mi + cpu: '400m' + memory: '2048Mi' requests: - cpu: 100m - memory: 512Mi + cpu: '100m' + memory: '512Mi' env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: loftbru.staging01.devland.is - APPLICATION_URL: http://search-indexer-service - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: "40" - CONTENTFUL_ENVIRONMENT: master - CONTENTFUL_HOST: cdn.contentful.com - CONTENTFUL_SPACE: 8k0h54kbe6bj - ELASTIC_DOMAIN: search - ELASTIC_INDEX: island-is - ELASTIC_NODE: https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com - ENVIRONMENT: staging - NODE_OPTIONS: --max-old-space-size=2048 - S3_BUCKET: staging-es-custom-packages - SERVERSIDE_FEATURES_ON: "" + AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' + APPLICATION_URL: 'http://search-indexer-service' + CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' + CONTENTFUL_ENVIRONMENT: 'master' + CONTENTFUL_HOST: 'cdn.contentful.com' + CONTENTFUL_SPACE: '8k0h54kbe6bj' + ELASTIC_DOMAIN: 'search' + ELASTIC_INDEX: 'island-is' + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + ENVIRONMENT: 'staging' + NODE_OPTIONS: '--max-old-space-size=2048' + S3_BUCKET: 'staging-es-custom-packages' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - CONTENTFUL_ACCESS_TOKEN: /k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN - namespace: search-indexer + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' + namespace: 'search-indexer' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -113,22 +111,22 @@ service: min: 1 resources: limits: - cpu: 800m - memory: 4096Mi + cpu: '800m' + memory: '4096Mi' requests: - cpu: 400m - memory: 3072Mi + cpu: '400m' + memory: '3072Mi' secrets: - API_CMS_DELETION_TOKEN: /k8s/search-indexer/API_CMS_DELETION_TOKEN - API_CMS_SYNC_TOKEN: /k8s/search-indexer/API_CMS_SYNC_TOKEN - APOLLO_BYPASS_CACHE_SECRET: /k8s/api/APOLLO_BYPASS_CACHE_SECRET - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - CONTENTFUL_ACCESS_TOKEN: /k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN + API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' + API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' + APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::261174024191:role/search-indexer + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/search-indexer' create: true - name: search-indexer + name: 'search-indexer' diff --git a/charts/services/service-portal-api/values.dev.yaml b/charts/services/service-portal-api/values.dev.yaml index 07a941ff66c3..50c57d7436af 100644 --- a/charts/services/service-portal-api/values.dev.yaml +++ b/charts/services/service-portal-api/values.dev.yaml @@ -1,47 +1,46 @@ service: - name: service-portal-api + name: 'service-portal-api' enabled: true env: - AUTH_DELEGATION_API_URL: http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: postgres-applications.internal - DB_NAME: service_portal_api - DB_REPLICAS_HOST: postgres-applications-reader.internal - DB_USER: service_portal_api - EMAIL_REGION: eu-west-1 - IDENTITY_SERVER_ISSUER_URL: https://identity-server.dev01.devland.is - ISLYKILL_CERT: /etc/config/islyklar.p12 - LOG_LEVEL: info - NATIONAL_REGISTRY_B2C_CLIENT_ID: b464afdd-056b-406d-b650-6d41733cfeb7 - NATIONAL_REGISTRY_B2C_ENDPOINT: https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token - NATIONAL_REGISTRY_B2C_PATH: IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1 - NATIONAL_REGISTRY_B2C_SCOPE: https://skraidentitydev.onmicrosoft.com/midlun/.default - NODE_OPTIONS: --max-old-space-size=921 -r dd-trace/init - NOVA_ACCEPT_UNAUTHORIZED: "true" - SERVERSIDE_FEATURES_ON: "" - SERVICE_PORTAL_BASE_URL: https://beta.dev01.devland.is/minarsidur - XROAD_BASE_PATH: http://securityserver.dev01.devland.is - XROAD_BASE_PATH_WITH_ENV: http://securityserver.dev01.devland.is/r1/IS-DEV - XROAD_CLIENT_ID: IS-DEV/GOV/10000/island-is-client - XROAD_TLS_BASE_PATH: https://securityserver.dev01.devland.is - XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.dev01.devland.is/r1/IS-DEV + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' + SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' files: - - islyklar.p12 + - 'islyklar.p12' grantNamespaces: - - nginx-ingress-internal - - islandis - - user-notification - - identity-server - - application-system + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /readiness + path: '/readiness' timeoutSeconds: 3 hpa: scaling: @@ -52,40 +51,39 @@ service: max: 30 min: 2 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' ingress: internal-alb: annotations: - kubernetes.io/ingress.class: nginx-internal-alb - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: service-portal-api.internal.dev01.devland.is + - host: 'service-portal-api.internal.dev01.devland.is' paths: - - / + - '/' initContainer: containers: - args: - - sequelize-cli - - db:migrate + - 'sequelize-cli' + - 'db:migrate' command: - - npx - name: migrations + - 'npx' + name: 'migrations' resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 50m - memory: 128Mi + cpu: '50m' + memory: '128Mi' env: - DB_HOST: postgres-applications.internal - DB_NAME: service_portal_api - DB_REPLICAS_HOST: postgres-applications-reader.internal - DB_USER: service_portal_api - SERVERSIDE_FEATURES_ON: "" + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'service_portal_api' secrets: - DB_PASS: /k8s/service-portal-api/DB_PASSWORD - namespace: service-portal + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -97,31 +95,31 @@ service: min: 2 resources: limits: - cpu: 800m - memory: 1024Mi + cpu: '800m' + memory: '1024Mi' requests: - cpu: 100m - memory: 512Mi + cpu: '100m' + memory: '512Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DB_PASS: /k8s/service-portal-api/DB_PASSWORD - EMAIL_FROM: /k8s/service-portal/api/EMAIL_FROM - EMAIL_FROM_NAME: /k8s/service-portal/api/EMAIL_FROM_NAME - EMAIL_REPLY_TO: /k8s/service-portal/api/EMAIL_REPLY_TO - EMAIL_REPLY_TO_NAME: /k8s/service-portal/api/EMAIL_REPLY_TO_NAME - IDENTITY_SERVER_CLIENT_ID: /k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID - IDENTITY_SERVER_CLIENT_SECRET: /k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET - ISLYKILL_SERVICE_BASEPATH: /k8s/api/ISLYKILL_SERVICE_BASEPATH - ISLYKILL_SERVICE_PASSPHRASE: /k8s/api/ISLYKILL_SERVICE_PASSPHRASE - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: /k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET - NOVA_PASSWORD: /k8s/gjafakort/NOVA_PASSWORD - NOVA_URL: /k8s/service-portal-api/NOVA_URL - NOVA_USERNAME: /k8s/gjafakort/NOVA_USERNAME + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::013313053092:role/service-portal-api + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' create: true - name: service-portal-api + name: 'service-portal-api' diff --git a/charts/services/service-portal-api/values.prod.yaml b/charts/services/service-portal-api/values.prod.yaml index f2c7f2045724..06206637a202 100644 --- a/charts/services/service-portal-api/values.prod.yaml +++ b/charts/services/service-portal-api/values.prod.yaml @@ -1,47 +1,47 @@ service: - name: service-portal-api + name: 'service-portal-api' enabled: true env: - AUTH_DELEGATION_API_URL: https://auth-delegation-api.internal.innskra.island.is + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: postgres-applications.internal - DB_NAME: service_portal_api - DB_REPLICAS_HOST: postgres-applications.internal - DB_USER: service_portal_api - EMAIL_REGION: eu-west-1 - IDENTITY_SERVER_ISSUER_URL: https://innskra.island.is - ISLYKILL_CERT: /etc/config/islyklar.p12 - LOG_LEVEL: info - NATIONAL_REGISTRY_B2C_CLIENT_ID: 2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f - NATIONAL_REGISTRY_B2C_ENDPOINT: https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token - NATIONAL_REGISTRY_B2C_PATH: IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1 - NATIONAL_REGISTRY_B2C_SCOPE: https://skraidentity.onmicrosoft.com/midlun/.default - NODE_OPTIONS: --max-old-space-size=921 -r dd-trace/init - NOVA_ACCEPT_UNAUTHORIZED: "false" - SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms - SERVICE_PORTAL_BASE_URL: https://island.is/minarsidur - XROAD_BASE_PATH: http://securityserver.island.is - XROAD_BASE_PATH_WITH_ENV: http://securityserver.island.is/r1/IS - XROAD_CLIENT_ID: IS/GOV/5501692829/island-is-client - XROAD_TLS_BASE_PATH: https://securityserver.island.is - XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.island.is/r1/IS + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_BASE_URL: 'https://island.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' files: - - islyklar.p12 + - 'islyklar.p12' grantNamespaces: - - nginx-ingress-internal - - islandis - - user-notification - - identity-server - - application-system + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /readiness + path: '/readiness' timeoutSeconds: 3 hpa: scaling: @@ -52,40 +52,40 @@ service: max: 30 min: 2 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' ingress: internal-alb: annotations: - kubernetes.io/ingress.class: nginx-internal-alb - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: service-portal-api.internal.island.is + - host: 'service-portal-api.internal.island.is' paths: - - / + - '/' initContainer: containers: - args: - - sequelize-cli - - db:migrate + - 'sequelize-cli' + - 'db:migrate' command: - - npx - name: migrations + - 'npx' + name: 'migrations' resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 50m - memory: 128Mi + cpu: '50m' + memory: '128Mi' env: - DB_HOST: postgres-applications.internal - DB_NAME: service_portal_api - DB_REPLICAS_HOST: postgres-applications.internal - DB_USER: service_portal_api - SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' secrets: - DB_PASS: /k8s/service-portal-api/DB_PASSWORD - namespace: service-portal + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -97,31 +97,31 @@ service: min: 2 resources: limits: - cpu: 800m - memory: 1024Mi + cpu: '800m' + memory: '1024Mi' requests: - cpu: 100m - memory: 512Mi + cpu: '100m' + memory: '512Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DB_PASS: /k8s/service-portal-api/DB_PASSWORD - EMAIL_FROM: /k8s/service-portal/api/EMAIL_FROM - EMAIL_FROM_NAME: /k8s/service-portal/api/EMAIL_FROM_NAME - EMAIL_REPLY_TO: /k8s/service-portal/api/EMAIL_REPLY_TO - EMAIL_REPLY_TO_NAME: /k8s/service-portal/api/EMAIL_REPLY_TO_NAME - IDENTITY_SERVER_CLIENT_ID: /k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID - IDENTITY_SERVER_CLIENT_SECRET: /k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET - ISLYKILL_SERVICE_BASEPATH: /k8s/api/ISLYKILL_SERVICE_BASEPATH - ISLYKILL_SERVICE_PASSPHRASE: /k8s/api/ISLYKILL_SERVICE_PASSPHRASE - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: /k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET - NOVA_PASSWORD: /k8s/gjafakort/NOVA_PASSWORD - NOVA_URL: /k8s/service-portal-api/NOVA_URL - NOVA_USERNAME: /k8s/gjafakort/NOVA_USERNAME + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::251502586493:role/service-portal-api + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/service-portal-api' create: true - name: service-portal-api + name: 'service-portal-api' diff --git a/charts/services/service-portal-api/values.staging.yaml b/charts/services/service-portal-api/values.staging.yaml index fcc442bc73c4..fbcc39cab818 100644 --- a/charts/services/service-portal-api/values.staging.yaml +++ b/charts/services/service-portal-api/values.staging.yaml @@ -1,47 +1,46 @@ service: - name: service-portal-api + name: 'service-portal-api' enabled: true env: - AUTH_DELEGATION_API_URL: http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: postgres-applications.internal - DB_NAME: service_portal_api - DB_REPLICAS_HOST: postgres-applications.internal - DB_USER: service_portal_api - EMAIL_REGION: eu-west-1 - IDENTITY_SERVER_ISSUER_URL: https://identity-server.staging01.devland.is - ISLYKILL_CERT: /etc/config/islyklar.p12 - LOG_LEVEL: info - NATIONAL_REGISTRY_B2C_CLIENT_ID: ca128c23-b43c-443d-bade-ec5a146a933f - NATIONAL_REGISTRY_B2C_ENDPOINT: https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token - NATIONAL_REGISTRY_B2C_PATH: IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1 - NATIONAL_REGISTRY_B2C_SCOPE: https://skraidentitystaging.onmicrosoft.com/midlun/.default - NODE_OPTIONS: --max-old-space-size=921 -r dd-trace/init - NOVA_ACCEPT_UNAUTHORIZED: "false" - SERVERSIDE_FEATURES_ON: "" - SERVICE_PORTAL_BASE_URL: https://beta.staging01.devland.is/minarsidur - XROAD_BASE_PATH: http://securityserver.staging01.devland.is - XROAD_BASE_PATH_WITH_ENV: http://securityserver.staging01.devland.is/r1/IS-TEST - XROAD_CLIENT_ID: IS-TEST/GOV/5501692829/island-is-client - XROAD_TLS_BASE_PATH: https://securityserver.staging01.devland.is - XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.staging01.devland.is/r1/IS-TEST + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + ISLYKILL_CERT: '/etc/config/islyklar.p12' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' + SERVICE_PORTAL_BASE_URL: 'https://beta.staging01.devland.is/minarsidur' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' files: - - islyklar.p12 + - 'islyklar.p12' grantNamespaces: - - nginx-ingress-internal - - islandis - - user-notification - - identity-server - - application-system + - 'nginx-ingress-internal' + - 'islandis' + - 'user-notification' + - 'identity-server' + - 'application-system' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /readiness + path: '/readiness' timeoutSeconds: 3 hpa: scaling: @@ -52,40 +51,39 @@ service: max: 30 min: 2 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' ingress: internal-alb: annotations: - kubernetes.io/ingress.class: nginx-internal-alb - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: service-portal-api.internal.staging01.devland.is + - host: 'service-portal-api.internal.staging01.devland.is' paths: - - / + - '/' initContainer: containers: - args: - - sequelize-cli - - db:migrate + - 'sequelize-cli' + - 'db:migrate' command: - - npx - name: migrations + - 'npx' + name: 'migrations' resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 50m - memory: 128Mi + cpu: '50m' + memory: '128Mi' env: - DB_HOST: postgres-applications.internal - DB_NAME: service_portal_api - DB_REPLICAS_HOST: postgres-applications.internal - DB_USER: service_portal_api - SERVERSIDE_FEATURES_ON: "" + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'service_portal_api' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'service_portal_api' secrets: - DB_PASS: /k8s/service-portal-api/DB_PASSWORD - namespace: service-portal + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + namespace: 'service-portal' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -97,31 +95,31 @@ service: min: 2 resources: limits: - cpu: 800m - memory: 1024Mi + cpu: '800m' + memory: '1024Mi' requests: - cpu: 100m - memory: 512Mi + cpu: '100m' + memory: '512Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DB_PASS: /k8s/service-portal-api/DB_PASSWORD - EMAIL_FROM: /k8s/service-portal/api/EMAIL_FROM - EMAIL_FROM_NAME: /k8s/service-portal/api/EMAIL_FROM_NAME - EMAIL_REPLY_TO: /k8s/service-portal/api/EMAIL_REPLY_TO - EMAIL_REPLY_TO_NAME: /k8s/service-portal/api/EMAIL_REPLY_TO_NAME - IDENTITY_SERVER_CLIENT_ID: /k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID - IDENTITY_SERVER_CLIENT_SECRET: /k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET - ISLYKILL_SERVICE_BASEPATH: /k8s/api/ISLYKILL_SERVICE_BASEPATH - ISLYKILL_SERVICE_PASSPHRASE: /k8s/api/ISLYKILL_SERVICE_PASSPHRASE - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: /k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET - NOVA_PASSWORD: /k8s/gjafakort/NOVA_PASSWORD - NOVA_URL: /k8s/service-portal-api/NOVA_URL - NOVA_USERNAME: /k8s/gjafakort/NOVA_USERNAME + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' + EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' + EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' + EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' + EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' + IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' + ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' + ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' + NOVA_URL: '/k8s/service-portal-api/NOVA_URL' + NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::261174024191:role/service-portal-api + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/service-portal-api' create: true - name: service-portal-api + name: 'service-portal-api' diff --git a/charts/services/service-portal/values.dev.yaml b/charts/services/service-portal/values.dev.yaml index 6e2a5411652f..31414f306c42 100644 --- a/charts/services/service-portal/values.dev.yaml +++ b/charts/services/service-portal/values.dev.yaml @@ -1,29 +1,28 @@ service: - name: service-portal + name: 'service-portal' enabled: true env: - BASEPATH: /minarsidur - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=230 - SERVERSIDE_FEATURES_ON: "" - SI_PUBLIC_ENVIRONMENT: dev - SI_PUBLIC_GRAPHQL_API: /api/graphql - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: https://identity-server.dev01.devland.is + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' grantNamespaces: - - nginx-ingress-internal - - nginx-ingress-external - - islandis - - user-notification - - identity-server + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /readiness + path: '/readiness' timeoutSeconds: 3 hpa: scaling: @@ -34,19 +33,19 @@ service: max: 30 min: 2 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-external-alb - nginx.ingress.kubernetes.io/proxy-buffer-size: 8k - nginx.ingress.kubernetes.io/proxy-buffering: on - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: beta.dev01.devland.is + - host: 'beta.dev01.devland.is' paths: - - /minarsidur - namespace: service-portal + - '/minarsidur' + namespace: 'service-portal' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -56,16 +55,16 @@ service: min: 2 resources: limits: - cpu: 300m - memory: 256Mi + cpu: '300m' + memory: '256Mi' requests: - cpu: 5m - memory: 32Mi + cpu: '5m' + memory: '32Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - SI_PUBLIC_CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - SI_PUBLIC_DD_RUM_APPLICATION_ID: /k8s/DD_RUM_APPLICATION_ID - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: /k8s/DD_RUM_CLIENT_TOKEN + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/service-portal/values.prod.yaml b/charts/services/service-portal/values.prod.yaml index a0396a0fdd9a..b44dc93cbfcf 100644 --- a/charts/services/service-portal/values.prod.yaml +++ b/charts/services/service-portal/values.prod.yaml @@ -1,29 +1,29 @@ service: - name: service-portal + name: 'service-portal' enabled: true env: - BASEPATH: /minarsidur - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=230 - SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms - SI_PUBLIC_ENVIRONMENT: prod - SI_PUBLIC_GRAPHQL_API: /api/graphql - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: https://innskra.island.is + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' grantNamespaces: - - nginx-ingress-internal - - nginx-ingress-external - - islandis - - user-notification - - identity-server + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /readiness + path: '/readiness' timeoutSeconds: 3 hpa: scaling: @@ -34,22 +34,22 @@ service: max: 30 min: 2 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-external-alb - nginx.ingress.kubernetes.io/proxy-buffer-size: 8k - nginx.ingress.kubernetes.io/proxy-buffering: on - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: island.is + - host: 'island.is' paths: - - /minarsidur - - host: www.island.is + - '/minarsidur' + - host: 'www.island.is' paths: - - /minarsidur - namespace: service-portal + - '/minarsidur' + namespace: 'service-portal' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -59,16 +59,16 @@ service: min: 2 resources: limits: - cpu: 300m - memory: 256Mi + cpu: '300m' + memory: '256Mi' requests: - cpu: 5m - memory: 32Mi + cpu: '5m' + memory: '32Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - SI_PUBLIC_CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - SI_PUBLIC_DD_RUM_APPLICATION_ID: /k8s/DD_RUM_APPLICATION_ID - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: /k8s/DD_RUM_CLIENT_TOKEN + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/service-portal/values.staging.yaml b/charts/services/service-portal/values.staging.yaml index 7010de4e9b4f..506ea9ae26fc 100644 --- a/charts/services/service-portal/values.staging.yaml +++ b/charts/services/service-portal/values.staging.yaml @@ -1,29 +1,28 @@ service: - name: service-portal + name: 'service-portal' enabled: true env: - BASEPATH: /minarsidur - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=230 - SERVERSIDE_FEATURES_ON: "" - SI_PUBLIC_ENVIRONMENT: staging - SI_PUBLIC_GRAPHQL_API: /api/graphql - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: https://identity-server.staging01.devland.is + BASEPATH: '/minarsidur' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230' + SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_GRAPHQL_API: '/api/graphql' + SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' grantNamespaces: - - nginx-ingress-internal - - nginx-ingress-external - - islandis - - user-notification - - identity-server + - 'nginx-ingress-internal' + - 'nginx-ingress-external' + - 'islandis' + - 'user-notification' + - 'identity-server' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /readiness + path: '/readiness' timeoutSeconds: 3 hpa: scaling: @@ -34,19 +33,19 @@ service: max: 30 min: 2 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-external-alb - nginx.ingress.kubernetes.io/proxy-buffer-size: 8k - nginx.ingress.kubernetes.io/proxy-buffering: on - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: beta.staging01.devland.is + - host: 'beta.staging01.devland.is' paths: - - /minarsidur - namespace: service-portal + - '/minarsidur' + namespace: 'service-portal' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -56,16 +55,16 @@ service: min: 2 resources: limits: - cpu: 300m - memory: 256Mi + cpu: '300m' + memory: '256Mi' requests: - cpu: 5m - memory: 32Mi + cpu: '5m' + memory: '32Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - SI_PUBLIC_CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - SI_PUBLIC_DD_RUM_APPLICATION_ID: /k8s/DD_RUM_APPLICATION_ID - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: /k8s/DD_RUM_CLIENT_TOKEN + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/services-auth-admin-api/values.dev.yaml b/charts/services/services-auth-admin-api/values.dev.yaml index 254b1d81bd9c..30a78ebf1392 100644 --- a/charts/services/services-auth-admin-api/values.dev.yaml +++ b/charts/services/services-auth-admin-api/values.dev.yaml @@ -1,46 +1,45 @@ service: - name: services-auth-admin-api + name: 'services-auth-admin-api' enabled: true env: COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: IS-DEV/GOV/10006/Skatturinn/ft-v1 - DB_HOST: postgres-applications.internal - DB_NAME: servicesauth - DB_REPLICAS_HOST: postgres-applications-reader.internal - DB_USER: servicesauth - IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/auth-api" - IDENTITY_SERVER_ISSUER_URL: https://identity-server.dev01.devland.is + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' IDENTITY_SERVER_ISSUER_URL_LIST: '["https://identity-server.dev01.devland.is","https://identity-server.staging01.devland.is","https://innskra.island.is"]' - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=691 -r dd-trace/init - SERVERSIDE_FEATURES_ON: "" - SYSLUMENN_HOST: https://api.syslumenn.is/staging - SYSLUMENN_TIMEOUT: "3000" - XROAD_BASE_PATH: http://securityserver.dev01.devland.is - XROAD_BASE_PATH_WITH_ENV: http://securityserver.dev01.devland.is/r1/IS-DEV - XROAD_CLIENT_ID: IS-DEV/GOV/10000/island-is-client - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: "true" + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1 - XROAD_RSK_PROCURING_ACTOR_TOKEN: "true" - XROAD_RSK_PROCURING_PATH: IS-DEV/GOV/10006/Skatturinn/relationships-v1 + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: https://securityserver.dev01.devland.is - XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.dev01.devland.is/r1/IS-DEV - ZENDESK_CONTACT_FORM_SUBDOMAIN: digitaliceland + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' grantNamespaces: - - nginx-ingress-external - - nginx-ingress-internal - - islandis + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /backend/liveness + path: '/backend/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /backend/health/check + path: '/backend/health/check' timeoutSeconds: 3 hpa: scaling: @@ -51,18 +50,18 @@ service: max: 10 min: 2 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-admin-api + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-admin-api' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-external-alb - nginx.ingress.kubernetes.io/enable-global-auth: "false" - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: identity-server.dev01.devland.is + - host: 'identity-server.dev01.devland.is' paths: - - /backend - namespace: identity-server-admin + - '/backend' + namespace: 'identity-server-admin' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -72,22 +71,22 @@ service: min: 2 resources: limits: - cpu: 400m - memory: 768Mi + cpu: '400m' + memory: '768Mi' requests: - cpu: 100m - memory: 512Mi + cpu: '100m' + memory: '512Mi' secrets: - CLIENT_SECRET_ENCRYPTION_KEY: /k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DB_PASS: /k8s/servicesauth/DB_PASSWORD - IDENTITY_SERVER_CLIENT_SECRET: /k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: /k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET - SYSLUMENN_PASSWORD: /k8s/services-auth/SYSLUMENN_PASSWORD - SYSLUMENN_USERNAME: /k8s/services-auth/SYSLUMENN_USERNAME - ZENDESK_CONTACT_FORM_EMAIL: /k8s/api/ZENDESK_CONTACT_FORM_EMAIL - ZENDESK_CONTACT_FORM_TOKEN: /k8s/api/ZENDESK_CONTACT_FORM_TOKEN - ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: /k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE + CLIENT_SECRET_ENCRYPTION_KEY: '/k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/services-auth-admin-api/values.prod.yaml b/charts/services/services-auth-admin-api/values.prod.yaml index 1f2c9422a6b0..7d84a9fe56e7 100644 --- a/charts/services/services-auth-admin-api/values.prod.yaml +++ b/charts/services/services-auth-admin-api/values.prod.yaml @@ -1,46 +1,46 @@ service: - name: services-auth-admin-api + name: 'services-auth-admin-api' enabled: true env: COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: IS/GOV/5402696029/Skatturinn/ft-v1 - DB_HOST: postgres-ids.internal - DB_NAME: servicesauth - DB_REPLICAS_HOST: postgres-ids.internal - DB_USER: servicesauth - IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/auth-api" - IDENTITY_SERVER_ISSUER_URL: https://innskra.island.is + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' IDENTITY_SERVER_ISSUER_URL_LIST: '["https://innskra.island.is"]' - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=691 -r dd-trace/init - SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms - SYSLUMENN_HOST: https://api.syslumenn.is/api - SYSLUMENN_TIMEOUT: "3000" - XROAD_BASE_PATH: http://securityserver.island.is - XROAD_BASE_PATH_WITH_ENV: http://securityserver.island.is/r1/IS - XROAD_CLIENT_ID: IS/GOV/5501692829/island-is-client - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: "true" + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SYSLUMENN_HOST: 'https://api.syslumenn.is/api' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1 - XROAD_RSK_PROCURING_ACTOR_TOKEN: "true" - XROAD_RSK_PROCURING_PATH: IS/GOV/5402696029/Skatturinn/relationships-v1 + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: https://securityserver.island.is - XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.island.is/r1/IS - ZENDESK_CONTACT_FORM_SUBDOMAIN: digitaliceland + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' grantNamespaces: - - nginx-ingress-external - - nginx-ingress-internal - - islandis + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /backend/liveness + path: '/backend/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /backend/health/check + path: '/backend/health/check' timeoutSeconds: 3 hpa: scaling: @@ -51,18 +51,18 @@ service: max: 10 min: 2 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-admin-api + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-admin-api' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-external-alb - nginx.ingress.kubernetes.io/enable-global-auth: "false" - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: innskra.island.is + - host: 'innskra.island.is' paths: - - /backend - namespace: identity-server-admin + - '/backend' + namespace: 'identity-server-admin' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -72,22 +72,22 @@ service: min: 2 resources: limits: - cpu: 400m - memory: 768Mi + cpu: '400m' + memory: '768Mi' requests: - cpu: 100m - memory: 512Mi + cpu: '100m' + memory: '512Mi' secrets: - CLIENT_SECRET_ENCRYPTION_KEY: /k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DB_PASS: /k8s/servicesauth/DB_PASSWORD - IDENTITY_SERVER_CLIENT_SECRET: /k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: /k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET - SYSLUMENN_PASSWORD: /k8s/services-auth/SYSLUMENN_PASSWORD - SYSLUMENN_USERNAME: /k8s/services-auth/SYSLUMENN_USERNAME - ZENDESK_CONTACT_FORM_EMAIL: /k8s/api/ZENDESK_CONTACT_FORM_EMAIL - ZENDESK_CONTACT_FORM_TOKEN: /k8s/api/ZENDESK_CONTACT_FORM_TOKEN - ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: /k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE + CLIENT_SECRET_ENCRYPTION_KEY: '/k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/services-auth-admin-api/values.staging.yaml b/charts/services/services-auth-admin-api/values.staging.yaml index 3f18d2bfe82c..3a21a0cd5e48 100644 --- a/charts/services/services-auth-admin-api/values.staging.yaml +++ b/charts/services/services-auth-admin-api/values.staging.yaml @@ -1,46 +1,45 @@ service: - name: services-auth-admin-api + name: 'services-auth-admin-api' enabled: true env: COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: IS-TEST/GOV/5402696029/Skatturinn/ft-v1 - DB_HOST: postgres-applications.internal - DB_NAME: servicesauth - DB_REPLICAS_HOST: postgres-applications.internal - DB_USER: servicesauth - IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/auth-api" - IDENTITY_SERVER_ISSUER_URL: https://identity-server.staging01.devland.is + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' IDENTITY_SERVER_ISSUER_URL_LIST: '["https://identity-server.staging01.devland.is","https://innskra.island.is"]' - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=691 -r dd-trace/init - SERVERSIDE_FEATURES_ON: "" - SYSLUMENN_HOST: https://api.syslumenn.is/staging - SYSLUMENN_TIMEOUT: "3000" - XROAD_BASE_PATH: http://securityserver.staging01.devland.is - XROAD_BASE_PATH_WITH_ENV: http://securityserver.staging01.devland.is/r1/IS-TEST - XROAD_CLIENT_ID: IS-TEST/GOV/5501692829/island-is-client - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: "true" + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1 - XROAD_RSK_PROCURING_ACTOR_TOKEN: "true" - XROAD_RSK_PROCURING_PATH: IS-TEST/GOV/5402696029/Skatturinn/relationships-v1 + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: https://securityserver.staging01.devland.is - XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.staging01.devland.is/r1/IS-TEST - ZENDESK_CONTACT_FORM_SUBDOMAIN: digitaliceland + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' grantNamespaces: - - nginx-ingress-external - - nginx-ingress-internal - - islandis + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /backend/liveness + path: '/backend/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /backend/health/check + path: '/backend/health/check' timeoutSeconds: 3 hpa: scaling: @@ -51,18 +50,18 @@ service: max: 10 min: 2 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-admin-api + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-admin-api' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-external-alb - nginx.ingress.kubernetes.io/enable-global-auth: "false" - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: identity-server.staging01.devland.is + - host: 'identity-server.staging01.devland.is' paths: - - /backend - namespace: identity-server-admin + - '/backend' + namespace: 'identity-server-admin' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -72,22 +71,22 @@ service: min: 2 resources: limits: - cpu: 400m - memory: 768Mi + cpu: '400m' + memory: '768Mi' requests: - cpu: 100m - memory: 512Mi + cpu: '100m' + memory: '512Mi' secrets: - CLIENT_SECRET_ENCRYPTION_KEY: /k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DB_PASS: /k8s/servicesauth/DB_PASSWORD - IDENTITY_SERVER_CLIENT_SECRET: /k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: /k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET - SYSLUMENN_PASSWORD: /k8s/services-auth/SYSLUMENN_PASSWORD - SYSLUMENN_USERNAME: /k8s/services-auth/SYSLUMENN_USERNAME - ZENDESK_CONTACT_FORM_EMAIL: /k8s/api/ZENDESK_CONTACT_FORM_EMAIL - ZENDESK_CONTACT_FORM_TOKEN: /k8s/api/ZENDESK_CONTACT_FORM_TOKEN - ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: /k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE + CLIENT_SECRET_ENCRYPTION_KEY: '/k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/services-auth-delegation-api/values.dev.yaml b/charts/services/services-auth-delegation-api/values.dev.yaml index 45bb3c0c76d6..b31f8803d218 100644 --- a/charts/services/services-auth-delegation-api/values.dev.yaml +++ b/charts/services/services-auth-delegation-api/values.dev.yaml @@ -1,47 +1,46 @@ service: - name: services-auth-delegation-api + name: 'services-auth-delegation-api' enabled: true env: COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: IS-DEV/GOV/10006/Skatturinn/ft-v1 - DB_HOST: postgres-applications.internal - DB_NAME: servicesauth - DB_REPLICAS_HOST: postgres-applications-reader.internal - DB_USER: servicesauth - IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/auth-api" - IDENTITY_SERVER_ISSUER_URL: https://identity-server.dev01.devland.is - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init - SERVERSIDE_FEATURES_ON: "" - SYSLUMENN_HOST: https://api.syslumenn.is/staging - SYSLUMENN_TIMEOUT: "3000" - USER_NOTIFICATION_API_URL: http://web-user-notification.user-notification.svc.cluster.local - XROAD_BASE_PATH: http://securityserver.dev01.devland.is - XROAD_BASE_PATH_WITH_ENV: http://securityserver.dev01.devland.is/r1/IS-DEV - XROAD_CLIENT_ID: IS-DEV/GOV/10000/island-is-client - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: "true" + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1 - XROAD_RSK_PROCURING_ACTOR_TOKEN: "true" - XROAD_RSK_PROCURING_PATH: IS-DEV/GOV/10006/Skatturinn/relationships-v1 + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: https://securityserver.dev01.devland.is - XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.dev01.devland.is/r1/IS-DEV - ZENDESK_CONTACT_FORM_SUBDOMAIN: digitaliceland + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' grantNamespaces: - - nginx-ingress-internal - - islandis - - service-portal - - user-notification-worker + - 'nginx-ingress-internal' + - 'islandis' + - 'service-portal' + - 'user-notification-worker' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /health/check + path: '/health/check' timeoutSeconds: 3 hpa: scaling: @@ -52,17 +51,17 @@ service: max: 10 min: 2 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-delegation-api + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-delegation-api' ingress: internal-alb: annotations: - kubernetes.io/ingress.class: nginx-internal-alb - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: auth-delegation-api.internal.dev01.devland.is + - host: 'auth-delegation-api.internal.dev01.devland.is' paths: - - / - namespace: identity-server-delegation + - '/' + namespace: 'identity-server-delegation' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -72,21 +71,21 @@ service: min: 2 resources: limits: - cpu: 400m - memory: 512Mi + cpu: '400m' + memory: '512Mi' requests: - cpu: 100m - memory: 256Mi + cpu: '100m' + memory: '256Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DB_PASS: /k8s/servicesauth/DB_PASSWORD - IDENTITY_SERVER_CLIENT_SECRET: /k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: /k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET - SYSLUMENN_PASSWORD: /k8s/services-auth/SYSLUMENN_PASSWORD - SYSLUMENN_USERNAME: /k8s/services-auth/SYSLUMENN_USERNAME - ZENDESK_CONTACT_FORM_EMAIL: /k8s/api/ZENDESK_CONTACT_FORM_EMAIL - ZENDESK_CONTACT_FORM_TOKEN: /k8s/api/ZENDESK_CONTACT_FORM_TOKEN - ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: /k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/services-auth-delegation-api/values.prod.yaml b/charts/services/services-auth-delegation-api/values.prod.yaml index c3d6b0c1bb88..9ac151de4a44 100644 --- a/charts/services/services-auth-delegation-api/values.prod.yaml +++ b/charts/services/services-auth-delegation-api/values.prod.yaml @@ -1,47 +1,47 @@ service: - name: services-auth-delegation-api + name: 'services-auth-delegation-api' enabled: true env: COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: IS/GOV/5402696029/Skatturinn/ft-v1 - DB_HOST: postgres-ids.internal - DB_NAME: servicesauth - DB_REPLICAS_HOST: postgres-ids.internal - DB_USER: servicesauth - IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/auth-api" - IDENTITY_SERVER_ISSUER_URL: https://innskra.island.is - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init - SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms - SYSLUMENN_HOST: https://api.syslumenn.is/api - SYSLUMENN_TIMEOUT: "3000" - USER_NOTIFICATION_API_URL: https://user-notification.internal.island.is - XROAD_BASE_PATH: http://securityserver.island.is - XROAD_BASE_PATH_WITH_ENV: http://securityserver.island.is/r1/IS - XROAD_CLIENT_ID: IS/GOV/5501692829/island-is-client - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: "true" + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SYSLUMENN_HOST: 'https://api.syslumenn.is/api' + SYSLUMENN_TIMEOUT: '3000' + USER_NOTIFICATION_API_URL: 'https://user-notification.internal.island.is' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1 - XROAD_RSK_PROCURING_ACTOR_TOKEN: "true" - XROAD_RSK_PROCURING_PATH: IS/GOV/5402696029/Skatturinn/relationships-v1 + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: https://securityserver.island.is - XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.island.is/r1/IS - ZENDESK_CONTACT_FORM_SUBDOMAIN: digitaliceland + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' grantNamespaces: - - nginx-ingress-internal - - islandis - - service-portal - - user-notification-worker + - 'nginx-ingress-internal' + - 'islandis' + - 'service-portal' + - 'user-notification-worker' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /health/check + path: '/health/check' timeoutSeconds: 3 hpa: scaling: @@ -52,17 +52,17 @@ service: max: 10 min: 2 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-delegation-api + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-delegation-api' ingress: internal-alb: annotations: - kubernetes.io/ingress.class: nginx-internal-alb - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: auth-delegation-api.internal.innskra.island.is + - host: 'auth-delegation-api.internal.innskra.island.is' paths: - - / - namespace: identity-server-delegation + - '/' + namespace: 'identity-server-delegation' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -72,21 +72,21 @@ service: min: 2 resources: limits: - cpu: 400m - memory: 512Mi + cpu: '400m' + memory: '512Mi' requests: - cpu: 100m - memory: 256Mi + cpu: '100m' + memory: '256Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DB_PASS: /k8s/servicesauth/DB_PASSWORD - IDENTITY_SERVER_CLIENT_SECRET: /k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: /k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET - SYSLUMENN_PASSWORD: /k8s/services-auth/SYSLUMENN_PASSWORD - SYSLUMENN_USERNAME: /k8s/services-auth/SYSLUMENN_USERNAME - ZENDESK_CONTACT_FORM_EMAIL: /k8s/api/ZENDESK_CONTACT_FORM_EMAIL - ZENDESK_CONTACT_FORM_TOKEN: /k8s/api/ZENDESK_CONTACT_FORM_TOKEN - ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: /k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/services-auth-delegation-api/values.staging.yaml b/charts/services/services-auth-delegation-api/values.staging.yaml index 1e2fbf5acb8d..f9a88df165d1 100644 --- a/charts/services/services-auth-delegation-api/values.staging.yaml +++ b/charts/services/services-auth-delegation-api/values.staging.yaml @@ -1,47 +1,46 @@ service: - name: services-auth-delegation-api + name: 'services-auth-delegation-api' enabled: true env: COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: IS-TEST/GOV/5402696029/Skatturinn/ft-v1 - DB_HOST: postgres-applications.internal - DB_NAME: servicesauth - DB_REPLICAS_HOST: postgres-applications.internal - DB_USER: servicesauth - IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/auth-api" - IDENTITY_SERVER_ISSUER_URL: https://identity-server.staging01.devland.is - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init - SERVERSIDE_FEATURES_ON: "" - SYSLUMENN_HOST: https://api.syslumenn.is/staging - SYSLUMENN_TIMEOUT: "3000" - USER_NOTIFICATION_API_URL: http://web-user-notification.user-notification.svc.cluster.local - XROAD_BASE_PATH: http://securityserver.staging01.devland.is - XROAD_BASE_PATH_WITH_ENV: http://securityserver.staging01.devland.is/r1/IS-TEST - XROAD_CLIENT_ID: IS-TEST/GOV/5501692829/island-is-client - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: "true" + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1 - XROAD_RSK_PROCURING_ACTOR_TOKEN: "true" - XROAD_RSK_PROCURING_PATH: IS-TEST/GOV/5402696029/Skatturinn/relationships-v1 + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: https://securityserver.staging01.devland.is - XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.staging01.devland.is/r1/IS-TEST - ZENDESK_CONTACT_FORM_SUBDOMAIN: digitaliceland + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' grantNamespaces: - - nginx-ingress-internal - - islandis - - service-portal - - user-notification-worker + - 'nginx-ingress-internal' + - 'islandis' + - 'service-portal' + - 'user-notification-worker' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /health/check + path: '/health/check' timeoutSeconds: 3 hpa: scaling: @@ -52,17 +51,17 @@ service: max: 10 min: 2 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-delegation-api + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-delegation-api' ingress: internal-alb: annotations: - kubernetes.io/ingress.class: nginx-internal-alb - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: auth-delegation-api.internal.staging01.devland.is + - host: 'auth-delegation-api.internal.staging01.devland.is' paths: - - / - namespace: identity-server-delegation + - '/' + namespace: 'identity-server-delegation' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -72,21 +71,21 @@ service: min: 2 resources: limits: - cpu: 400m - memory: 512Mi + cpu: '400m' + memory: '512Mi' requests: - cpu: 100m - memory: 256Mi + cpu: '100m' + memory: '256Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DB_PASS: /k8s/servicesauth/DB_PASSWORD - IDENTITY_SERVER_CLIENT_SECRET: /k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: /k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET - SYSLUMENN_PASSWORD: /k8s/services-auth/SYSLUMENN_PASSWORD - SYSLUMENN_USERNAME: /k8s/services-auth/SYSLUMENN_USERNAME - ZENDESK_CONTACT_FORM_EMAIL: /k8s/api/ZENDESK_CONTACT_FORM_EMAIL - ZENDESK_CONTACT_FORM_TOKEN: /k8s/api/ZENDESK_CONTACT_FORM_TOKEN - ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: /k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/services-auth-ids-api-cleanup/values.dev.yaml b/charts/services/services-auth-ids-api-cleanup/values.dev.yaml index 74896685ac71..d95ec37395fe 100644 --- a/charts/services/services-auth-ids-api-cleanup/values.dev.yaml +++ b/charts/services/services-auth-ids-api-cleanup/values.dev.yaml @@ -1,33 +1,32 @@ service: - name: services-auth-ids-api-cleanup + name: 'services-auth-ids-api-cleanup' args: - - main.js - - --job=cleanup + - 'main.js' + - '--job=cleanup' command: - - node + - 'node' enabled: true env: - DB_HOST: postgres-applications.internal - DB_NAME: servicesauth - DB_REPLICAS_HOST: postgres-applications-reader.internal - DB_USER: servicesauth - IDENTITY_SERVER_ISSUER_URL: https://identity-server.dev01.devland.is - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=921 -r dd-trace/init - SERVERSIDE_FEATURES_ON: "" + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' grantNamespaces: - - nginx-ingress-external - - user-notification - - portals-admin + - 'nginx-ingress-external' + - 'user-notification' + - 'portals-admin' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: / + path: '/' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: / + path: '/' timeoutSeconds: 3 hpa: scaling: @@ -38,8 +37,8 @@ service: max: 3 min: 1 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api - namespace: identity-server + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' + namespace: 'identity-server' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -49,15 +48,15 @@ service: min: 1 resources: limits: - cpu: 400m - memory: 1024Mi + cpu: '400m' + memory: '1024Mi' requests: - cpu: 100m - memory: 256Mi - schedule: 0 3 * * * + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DB_PASS: /k8s/servicesauth/DB_PASSWORD + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/services-auth-ids-api-cleanup/values.prod.yaml b/charts/services/services-auth-ids-api-cleanup/values.prod.yaml index 7cbd6aa64faa..7f59b90ba58d 100644 --- a/charts/services/services-auth-ids-api-cleanup/values.prod.yaml +++ b/charts/services/services-auth-ids-api-cleanup/values.prod.yaml @@ -1,33 +1,33 @@ service: - name: services-auth-ids-api-cleanup + name: 'services-auth-ids-api-cleanup' args: - - main.js - - --job=cleanup + - 'main.js' + - '--job=cleanup' command: - - node + - 'node' enabled: true env: - DB_HOST: postgres-ids.internal - DB_NAME: servicesauth - DB_REPLICAS_HOST: postgres-ids.internal - DB_USER: servicesauth - IDENTITY_SERVER_ISSUER_URL: https://innskra.island.is - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=921 -r dd-trace/init - SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' grantNamespaces: - - nginx-ingress-external - - user-notification - - portals-admin + - 'nginx-ingress-external' + - 'user-notification' + - 'portals-admin' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: / + path: '/' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: / + path: '/' timeoutSeconds: 3 hpa: scaling: @@ -38,8 +38,8 @@ service: max: 10 min: 3 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api - namespace: identity-server + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' + namespace: 'identity-server' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -49,15 +49,15 @@ service: min: 3 resources: limits: - cpu: 400m - memory: 1024Mi + cpu: '400m' + memory: '1024Mi' requests: - cpu: 100m - memory: 256Mi - schedule: 0 3 * * * + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DB_PASS: /k8s/servicesauth/DB_PASSWORD + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/services-auth-ids-api-cleanup/values.staging.yaml b/charts/services/services-auth-ids-api-cleanup/values.staging.yaml index 89613d65aefe..b99e99a0717e 100644 --- a/charts/services/services-auth-ids-api-cleanup/values.staging.yaml +++ b/charts/services/services-auth-ids-api-cleanup/values.staging.yaml @@ -1,33 +1,32 @@ service: - name: services-auth-ids-api-cleanup + name: 'services-auth-ids-api-cleanup' args: - - main.js - - --job=cleanup + - 'main.js' + - '--job=cleanup' command: - - node + - 'node' enabled: true env: - DB_HOST: postgres-applications.internal - DB_NAME: servicesauth - DB_REPLICAS_HOST: postgres-applications.internal - DB_USER: servicesauth - IDENTITY_SERVER_ISSUER_URL: https://identity-server.staging01.devland.is - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=921 -r dd-trace/init - SERVERSIDE_FEATURES_ON: "" + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' grantNamespaces: - - nginx-ingress-external - - user-notification - - portals-admin + - 'nginx-ingress-external' + - 'user-notification' + - 'portals-admin' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: / + path: '/' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: / + path: '/' timeoutSeconds: 3 hpa: scaling: @@ -38,8 +37,8 @@ service: max: 3 min: 1 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api - namespace: identity-server + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' + namespace: 'identity-server' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -49,15 +48,15 @@ service: min: 1 resources: limits: - cpu: 400m - memory: 1024Mi + cpu: '400m' + memory: '1024Mi' requests: - cpu: 100m - memory: 256Mi - schedule: 0 3 * * * + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DB_PASS: /k8s/servicesauth/DB_PASSWORD + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/services-auth-ids-api/values.dev.yaml b/charts/services/services-auth-ids-api/values.dev.yaml index 0c796aa0c8fd..3f2e3cbfbec6 100644 --- a/charts/services/services-auth-ids-api/values.dev.yaml +++ b/charts/services/services-auth-ids-api/values.dev.yaml @@ -1,58 +1,57 @@ service: - name: services-auth-ids-api + name: 'services-auth-ids-api' enabled: true env: COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: IS-DEV/GOV/10006/Skatturinn/ft-v1 - DB_EXTENSIONS: uuid-ossp - DB_HOST: postgres-applications.internal - DB_NAME: servicesauth - DB_REPLICAS_HOST: postgres-applications-reader.internal - DB_USER: servicesauth - IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/auth-api" - IDENTITY_SERVER_ISSUER_URL: https://identity-server.dev01.devland.is - LOG_LEVEL: info - NATIONAL_REGISTRY_B2C_CLIENT_ID: 6cf94113-d326-4e4d-b97c-1fea12d2f5e1 - NATIONAL_REGISTRY_B2C_ENDPOINT: https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token - NATIONAL_REGISTRY_B2C_PATH: IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1 - NATIONAL_REGISTRY_B2C_SCOPE: https://skraidentitydev.onmicrosoft.com/midlun/.default - NODE_OPTIONS: --max-old-space-size=691 -r dd-trace/init - NOVA_ACCEPT_UNAUTHORIZED: "true" + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '6cf94113-d326-4e4d-b97c-1fea12d2f5e1' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'true' PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' - PASSKEY_CORE_CHALLENGE_TTL_MS: "120000" - PASSKEY_CORE_MAX_AGE_DAYS: "365" - PASSKEY_CORE_RP_ID: island.is - PASSKEY_CORE_RP_NAME: Island.is - PUBLIC_URL: https://identity-server.dev01.devland.is/api + PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' + PASSKEY_CORE_MAX_AGE_DAYS: '365' + PASSKEY_CORE_RP_ID: 'island.is' + PASSKEY_CORE_RP_NAME: 'Island.is' + PUBLIC_URL: 'https://identity-server.dev01.devland.is/api' REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: "" - SYSLUMENN_HOST: https://api.syslumenn.is/staging - SYSLUMENN_TIMEOUT: "3000" + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' USER_PROFILE_CLIENT_SCOPE: '["@island.is/user-profile:read"]' - USER_PROFILE_CLIENT_URL: http://web-service-portal-api.service-portal.svc.cluster.local - XROAD_BASE_PATH: http://securityserver.dev01.devland.is - XROAD_BASE_PATH_WITH_ENV: http://securityserver.dev01.devland.is/r1/IS-DEV - XROAD_CLIENT_ID: IS-DEV/GOV/10000/island-is-client + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1 - XROAD_RSK_PROCURING_PATH: IS-DEV/GOV/10006/Skatturinn/relationships-v1 + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_TJODSKRA_API_PATH: /SKRA-Protected/Einstaklingar-v1 - XROAD_TJODSKRA_MEMBER_CODE: "10001" - XROAD_TLS_BASE_PATH: https://securityserver.dev01.devland.is - XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.dev01.devland.is/r1/IS-DEV + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' grantNamespaces: - - nginx-ingress-external - - user-notification + - 'nginx-ingress-external' + - 'user-notification' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /health/check + path: '/health/check' timeoutSeconds: 3 hpa: scaling: @@ -63,45 +62,44 @@ service: max: 15 min: 2 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' initContainer: containers: - args: - - sequelize-cli - - db:migrate + - 'sequelize-cli' + - 'db:migrate' command: - - npx - name: migrations + - 'npx' + name: 'migrations' resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 50m - memory: 128Mi + cpu: '50m' + memory: '128Mi' - args: - - sequelize-cli - - db:seed:all + - 'sequelize-cli' + - 'db:seed:all' command: - - npx - name: seed + - 'npx' + name: 'seed' resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 50m - memory: 128Mi + cpu: '50m' + memory: '128Mi' env: - DB_EXTENSIONS: uuid-ossp - DB_HOST: postgres-applications.internal - DB_NAME: servicesauth - DB_REPLICAS_HOST: postgres-applications-reader.internal - DB_USER: servicesauth - SERVERSIDE_FEATURES_ON: "" + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' secrets: - DB_PASS: /k8s/servicesauth/DB_PASSWORD - namespace: identity-server + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + namespace: 'identity-server' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -111,21 +109,21 @@ service: min: 2 resources: limits: - cpu: 800m - memory: 768Mi + cpu: '800m' + memory: '768Mi' requests: - cpu: 400m - memory: 512Mi + cpu: '400m' + memory: '512Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DB_PASS: /k8s/servicesauth/DB_PASSWORD - IDENTITY_SERVER_CLIENT_SECRET: /k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: /k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET - NOVA_PASSWORD: /k8s/services-auth/NOVA_PASSWORD - NOVA_URL: /k8s/services-auth/NOVA_URL - NOVA_USERNAME: /k8s/services-auth/NOVA_USERNAME - SYSLUMENN_PASSWORD: /k8s/services-auth/SYSLUMENN_PASSWORD - SYSLUMENN_USERNAME: /k8s/services-auth/SYSLUMENN_USERNAME + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/services-auth/NOVA_PASSWORD' + NOVA_URL: '/k8s/services-auth/NOVA_URL' + NOVA_USERNAME: '/k8s/services-auth/NOVA_USERNAME' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/services-auth-ids-api/values.prod.yaml b/charts/services/services-auth-ids-api/values.prod.yaml index c743dcc0aa28..9c15653ec6e8 100644 --- a/charts/services/services-auth-ids-api/values.prod.yaml +++ b/charts/services/services-auth-ids-api/values.prod.yaml @@ -1,58 +1,58 @@ service: - name: services-auth-ids-api + name: 'services-auth-ids-api' enabled: true env: COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: IS/GOV/5402696029/Skatturinn/ft-v1 - DB_EXTENSIONS: uuid-ossp - DB_HOST: postgres-ids.internal - DB_NAME: servicesauth - DB_REPLICAS_HOST: postgres-ids.internal - DB_USER: servicesauth - IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/auth-api" - IDENTITY_SERVER_ISSUER_URL: https://innskra.island.is - LOG_LEVEL: info - NATIONAL_REGISTRY_B2C_CLIENT_ID: 8271bbc2-d8de-480f-8540-ea43fc40b7ae - NATIONAL_REGISTRY_B2C_ENDPOINT: https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token - NATIONAL_REGISTRY_B2C_PATH: IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1 - NATIONAL_REGISTRY_B2C_SCOPE: https://skraidentity.onmicrosoft.com/midlun/.default - NODE_OPTIONS: --max-old-space-size=691 -r dd-trace/init - NOVA_ACCEPT_UNAUTHORIZED: "false" + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '8271bbc2-d8de-480f-8540-ea43fc40b7ae' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' - PASSKEY_CORE_CHALLENGE_TTL_MS: "120000" - PASSKEY_CORE_MAX_AGE_DAYS: "365" - PASSKEY_CORE_RP_ID: island.is - PASSKEY_CORE_RP_NAME: Island.is - PUBLIC_URL: https://innskra.island.is/api + PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' + PASSKEY_CORE_MAX_AGE_DAYS: '365' + PASSKEY_CORE_RP_ID: 'island.is' + PASSKEY_CORE_RP_NAME: 'Island.is' + PUBLIC_URL: 'https://innskra.island.is/api' REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms - SYSLUMENN_HOST: https://api.syslumenn.is/api - SYSLUMENN_TIMEOUT: "3000" + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SYSLUMENN_HOST: 'https://api.syslumenn.is/api' + SYSLUMENN_TIMEOUT: '3000' USER_PROFILE_CLIENT_SCOPE: '["@island.is/user-profile:read"]' - USER_PROFILE_CLIENT_URL: https://service-portal-api.internal.island.is - XROAD_BASE_PATH: http://securityserver.island.is - XROAD_BASE_PATH_WITH_ENV: http://securityserver.island.is/r1/IS - XROAD_CLIENT_ID: IS/GOV/5501692829/island-is-client + USER_PROFILE_CLIENT_URL: 'https://service-portal-api.internal.island.is' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1 - XROAD_RSK_PROCURING_PATH: IS/GOV/5402696029/Skatturinn/relationships-v1 + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_TJODSKRA_API_PATH: /SKRA-Protected/Einstaklingar-v1 - XROAD_TJODSKRA_MEMBER_CODE: "6503760649" - XROAD_TLS_BASE_PATH: https://securityserver.island.is - XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.island.is/r1/IS + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' grantNamespaces: - - nginx-ingress-external - - user-notification + - 'nginx-ingress-external' + - 'user-notification' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /health/check + path: '/health/check' timeoutSeconds: 3 hpa: scaling: @@ -63,45 +63,45 @@ service: max: 15 min: 2 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' initContainer: containers: - args: - - sequelize-cli - - db:migrate + - 'sequelize-cli' + - 'db:migrate' command: - - npx - name: migrations + - 'npx' + name: 'migrations' resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 50m - memory: 128Mi + cpu: '50m' + memory: '128Mi' - args: - - sequelize-cli - - db:seed:all + - 'sequelize-cli' + - 'db:seed:all' command: - - npx - name: seed + - 'npx' + name: 'seed' resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 50m - memory: 128Mi + cpu: '50m' + memory: '128Mi' env: - DB_EXTENSIONS: uuid-ossp - DB_HOST: postgres-ids.internal - DB_NAME: servicesauth - DB_REPLICAS_HOST: postgres-ids.internal - DB_USER: servicesauth - SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' secrets: - DB_PASS: /k8s/servicesauth/DB_PASSWORD - namespace: identity-server + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + namespace: 'identity-server' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -111,21 +111,21 @@ service: min: 2 resources: limits: - cpu: 800m - memory: 768Mi + cpu: '800m' + memory: '768Mi' requests: - cpu: 400m - memory: 512Mi + cpu: '400m' + memory: '512Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DB_PASS: /k8s/servicesauth/DB_PASSWORD - IDENTITY_SERVER_CLIENT_SECRET: /k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: /k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET - NOVA_PASSWORD: /k8s/services-auth/NOVA_PASSWORD - NOVA_URL: /k8s/services-auth/NOVA_URL - NOVA_USERNAME: /k8s/services-auth/NOVA_USERNAME - SYSLUMENN_PASSWORD: /k8s/services-auth/SYSLUMENN_PASSWORD - SYSLUMENN_USERNAME: /k8s/services-auth/SYSLUMENN_USERNAME + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/services-auth/NOVA_PASSWORD' + NOVA_URL: '/k8s/services-auth/NOVA_URL' + NOVA_USERNAME: '/k8s/services-auth/NOVA_USERNAME' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/services-auth-ids-api/values.staging.yaml b/charts/services/services-auth-ids-api/values.staging.yaml index 8fee53efd01a..cb6fb4a52e6d 100644 --- a/charts/services/services-auth-ids-api/values.staging.yaml +++ b/charts/services/services-auth-ids-api/values.staging.yaml @@ -1,58 +1,57 @@ service: - name: services-auth-ids-api + name: 'services-auth-ids-api' enabled: true env: COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: IS-TEST/GOV/5402696029/Skatturinn/ft-v1 - DB_EXTENSIONS: uuid-ossp - DB_HOST: postgres-applications.internal - DB_NAME: servicesauth - DB_REPLICAS_HOST: postgres-applications.internal - DB_USER: servicesauth - IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/auth-api" - IDENTITY_SERVER_ISSUER_URL: https://identity-server.staging01.devland.is - LOG_LEVEL: info - NATIONAL_REGISTRY_B2C_CLIENT_ID: 6cf94113-d326-4e4d-b97c-1fea12d2f5e1 - NATIONAL_REGISTRY_B2C_ENDPOINT: https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token - NATIONAL_REGISTRY_B2C_PATH: IS-TEST/GOV/10001/SKRA-Cloud-Protected/Midlun-v1 - NATIONAL_REGISTRY_B2C_SCOPE: https://skraidentitydev.onmicrosoft.com/midlun/.default - NODE_OPTIONS: --max-old-space-size=691 -r dd-trace/init - NOVA_ACCEPT_UNAUTHORIZED: "false" + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '6cf94113-d326-4e4d-b97c-1fea12d2f5e1' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + NOVA_ACCEPT_UNAUTHORIZED: 'false' PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' - PASSKEY_CORE_CHALLENGE_TTL_MS: "120000" - PASSKEY_CORE_MAX_AGE_DAYS: "365" - PASSKEY_CORE_RP_ID: island.is - PASSKEY_CORE_RP_NAME: Island.is - PUBLIC_URL: https://identity-server.staging01.devland.is/api + PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' + PASSKEY_CORE_MAX_AGE_DAYS: '365' + PASSKEY_CORE_RP_ID: 'island.is' + PASSKEY_CORE_RP_NAME: 'Island.is' + PUBLIC_URL: 'https://identity-server.staging01.devland.is/api' REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: "" - SYSLUMENN_HOST: https://api.syslumenn.is/staging - SYSLUMENN_TIMEOUT: "3000" + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' USER_PROFILE_CLIENT_SCOPE: '["@island.is/user-profile:read"]' - USER_PROFILE_CLIENT_URL: http://web-service-portal-api.service-portal.svc.cluster.local - XROAD_BASE_PATH: http://securityserver.staging01.devland.is - XROAD_BASE_PATH_WITH_ENV: http://securityserver.staging01.devland.is/r1/IS-TEST - XROAD_CLIENT_ID: IS-TEST/GOV/5501692829/island-is-client + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1 - XROAD_RSK_PROCURING_PATH: IS-TEST/GOV/5402696029/Skatturinn/relationships-v1 + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_TJODSKRA_API_PATH: /SKRA-Protected/Einstaklingar-v1 - XROAD_TJODSKRA_MEMBER_CODE: "6503760649" - XROAD_TLS_BASE_PATH: https://securityserver.staging01.devland.is - XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.staging01.devland.is/r1/IS-TEST + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' grantNamespaces: - - nginx-ingress-external - - user-notification + - 'nginx-ingress-external' + - 'user-notification' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /health/check + path: '/health/check' timeoutSeconds: 3 hpa: scaling: @@ -63,45 +62,44 @@ service: max: 15 min: 2 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' initContainer: containers: - args: - - sequelize-cli - - db:migrate + - 'sequelize-cli' + - 'db:migrate' command: - - npx - name: migrations + - 'npx' + name: 'migrations' resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 50m - memory: 128Mi + cpu: '50m' + memory: '128Mi' - args: - - sequelize-cli - - db:seed:all + - 'sequelize-cli' + - 'db:seed:all' command: - - npx - name: seed + - 'npx' + name: 'seed' resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 50m - memory: 128Mi + cpu: '50m' + memory: '128Mi' env: - DB_EXTENSIONS: uuid-ossp - DB_HOST: postgres-applications.internal - DB_NAME: servicesauth - DB_REPLICAS_HOST: postgres-applications.internal - DB_USER: servicesauth - SERVERSIDE_FEATURES_ON: "" + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' secrets: - DB_PASS: /k8s/servicesauth/DB_PASSWORD - namespace: identity-server + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + namespace: 'identity-server' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -111,21 +109,21 @@ service: min: 2 resources: limits: - cpu: 800m - memory: 768Mi + cpu: '800m' + memory: '768Mi' requests: - cpu: 400m - memory: 512Mi + cpu: '400m' + memory: '512Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DB_PASS: /k8s/servicesauth/DB_PASSWORD - IDENTITY_SERVER_CLIENT_SECRET: /k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: /k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET - NOVA_PASSWORD: /k8s/services-auth/NOVA_PASSWORD - NOVA_URL: /k8s/services-auth/NOVA_URL - NOVA_USERNAME: /k8s/services-auth/NOVA_USERNAME - SYSLUMENN_PASSWORD: /k8s/services-auth/SYSLUMENN_PASSWORD - SYSLUMENN_USERNAME: /k8s/services-auth/SYSLUMENN_USERNAME + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' + NOVA_PASSWORD: '/k8s/services-auth/NOVA_PASSWORD' + NOVA_URL: '/k8s/services-auth/NOVA_URL' + NOVA_USERNAME: '/k8s/services-auth/NOVA_USERNAME' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/services-auth-personal-representative-public/values.dev.yaml b/charts/services/services-auth-personal-representative-public/values.dev.yaml index 2bb71b7f092f..d067383d7856 100644 --- a/charts/services/services-auth-personal-representative-public/values.dev.yaml +++ b/charts/services/services-auth-personal-representative-public/values.dev.yaml @@ -1,25 +1,24 @@ service: - name: services-auth-personal-representative-public + name: 'services-auth-personal-representative-public' enabled: true env: - DB_HOST: postgres-applications.internal - DB_NAME: servicesauth - DB_REPLICAS_HOST: postgres-applications-reader.internal - DB_USER: servicesauth - IDENTITY_SERVER_ISSUER_URL: https://identity-server.dev01.devland.is - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init - SERVERSIDE_FEATURES_ON: "" + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' grantNamespaces: [] grantNamespacesEnabled: false healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /health/check + path: '/health/check' timeoutSeconds: 3 hpa: scaling: @@ -30,17 +29,17 @@ service: max: 10 min: 2 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative-public + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative-public' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-internal-alb - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: personal-representative-public-xrd.internal.dev01.devland.is + - host: 'personal-representative-public-xrd.internal.dev01.devland.is' paths: - - / - namespace: personal-representative + - '/' + namespace: 'personal-representative' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -50,14 +49,14 @@ service: min: 2 resources: limits: - cpu: 400m - memory: 512Mi + cpu: '400m' + memory: '512Mi' requests: - cpu: 100m - memory: 256Mi + cpu: '100m' + memory: '256Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DB_PASS: /k8s/servicesauth/DB_PASSWORD + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/services-auth-personal-representative-public/values.prod.yaml b/charts/services/services-auth-personal-representative-public/values.prod.yaml index 89ffa2af4201..eac91f44d94c 100644 --- a/charts/services/services-auth-personal-representative-public/values.prod.yaml +++ b/charts/services/services-auth-personal-representative-public/values.prod.yaml @@ -1,25 +1,25 @@ service: - name: services-auth-personal-representative-public + name: 'services-auth-personal-representative-public' enabled: true env: - DB_HOST: postgres-ids.internal - DB_NAME: servicesauth - DB_REPLICAS_HOST: postgres-ids.internal - DB_USER: servicesauth - IDENTITY_SERVER_ISSUER_URL: https://innskra.island.is - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init - SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' grantNamespaces: [] grantNamespacesEnabled: false healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /health/check + path: '/health/check' timeoutSeconds: 3 hpa: scaling: @@ -30,17 +30,17 @@ service: max: 10 min: 2 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative-public + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative-public' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-internal-alb - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: personal-representative-public-xrd.internal.innskra.island.is + - host: 'personal-representative-public-xrd.internal.innskra.island.is' paths: - - / - namespace: personal-representative + - '/' + namespace: 'personal-representative' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -50,14 +50,14 @@ service: min: 2 resources: limits: - cpu: 400m - memory: 512Mi + cpu: '400m' + memory: '512Mi' requests: - cpu: 100m - memory: 256Mi + cpu: '100m' + memory: '256Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DB_PASS: /k8s/servicesauth/DB_PASSWORD + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/services-auth-personal-representative-public/values.staging.yaml b/charts/services/services-auth-personal-representative-public/values.staging.yaml index 2779ccc39977..9ff06b18a83d 100644 --- a/charts/services/services-auth-personal-representative-public/values.staging.yaml +++ b/charts/services/services-auth-personal-representative-public/values.staging.yaml @@ -1,25 +1,24 @@ service: - name: services-auth-personal-representative-public + name: 'services-auth-personal-representative-public' enabled: true env: - DB_HOST: postgres-applications.internal - DB_NAME: servicesauth - DB_REPLICAS_HOST: postgres-applications.internal - DB_USER: servicesauth - IDENTITY_SERVER_ISSUER_URL: https://identity-server.staging01.devland.is - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init - SERVERSIDE_FEATURES_ON: "" + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' grantNamespaces: [] grantNamespacesEnabled: false healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /health/check + path: '/health/check' timeoutSeconds: 3 hpa: scaling: @@ -30,17 +29,17 @@ service: max: 10 min: 2 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative-public + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative-public' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-internal-alb - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: personal-representative-public-xrd.internal.staging01.devland.is + - host: 'personal-representative-public-xrd.internal.staging01.devland.is' paths: - - / - namespace: personal-representative + - '/' + namespace: 'personal-representative' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -50,14 +49,14 @@ service: min: 2 resources: limits: - cpu: 400m - memory: 512Mi + cpu: '400m' + memory: '512Mi' requests: - cpu: 100m - memory: 256Mi + cpu: '100m' + memory: '256Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DB_PASS: /k8s/servicesauth/DB_PASSWORD + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/services-auth-personal-representative/values.dev.yaml b/charts/services/services-auth-personal-representative/values.dev.yaml index 42561c65ce0a..b747cb355e7c 100644 --- a/charts/services/services-auth-personal-representative/values.dev.yaml +++ b/charts/services/services-auth-personal-representative/values.dev.yaml @@ -1,42 +1,41 @@ service: - name: services-auth-personal-representative + name: 'services-auth-personal-representative' enabled: true env: COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: IS-DEV/GOV/10006/Skatturinn/ft-v1 - DB_HOST: postgres-applications.internal - DB_NAME: servicesauth - DB_REPLICAS_HOST: postgres-applications-reader.internal - DB_USER: servicesauth - IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/auth-api" - IDENTITY_SERVER_ISSUER_URL: https://identity-server.dev01.devland.is - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init - SERVERSIDE_FEATURES_ON: "" - SYSLUMENN_HOST: https://api.syslumenn.is/staging - SYSLUMENN_TIMEOUT: "3000" - XROAD_BASE_PATH: http://securityserver.dev01.devland.is - XROAD_BASE_PATH_WITH_ENV: http://securityserver.dev01.devland.is/r1/IS-DEV - XROAD_CLIENT_ID: IS-DEV/GOV/10000/island-is-client - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: "true" + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1 - XROAD_RSK_PROCURING_ACTOR_TOKEN: "true" - XROAD_RSK_PROCURING_PATH: IS-DEV/GOV/10006/Skatturinn/relationships-v1 + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: https://securityserver.dev01.devland.is - XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.dev01.devland.is/r1/IS-DEV - ZENDESK_CONTACT_FORM_SUBDOMAIN: digitaliceland + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' grantNamespaces: [] grantNamespacesEnabled: false healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /health/check + path: '/health/check' timeoutSeconds: 3 hpa: scaling: @@ -47,17 +46,17 @@ service: max: 10 min: 2 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-internal-alb - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: personal-representative-xrd.internal.dev01.devland.is + - host: 'personal-representative-xrd.internal.dev01.devland.is' paths: - - / - namespace: personal-representative + - '/' + namespace: 'personal-representative' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -67,20 +66,20 @@ service: min: 2 resources: limits: - cpu: 400m - memory: 512Mi + cpu: '400m' + memory: '512Mi' requests: - cpu: 100m - memory: 256Mi + cpu: '100m' + memory: '256Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DB_PASS: /k8s/servicesauth/DB_PASSWORD - IDENTITY_SERVER_CLIENT_SECRET: /k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET - SYSLUMENN_PASSWORD: /k8s/services-auth/SYSLUMENN_PASSWORD - SYSLUMENN_USERNAME: /k8s/services-auth/SYSLUMENN_USERNAME - ZENDESK_CONTACT_FORM_EMAIL: /k8s/api/ZENDESK_CONTACT_FORM_EMAIL - ZENDESK_CONTACT_FORM_TOKEN: /k8s/api/ZENDESK_CONTACT_FORM_TOKEN - ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: /k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/services-auth-personal-representative/values.prod.yaml b/charts/services/services-auth-personal-representative/values.prod.yaml index eb8dc630d3f9..913b4f0aad8d 100644 --- a/charts/services/services-auth-personal-representative/values.prod.yaml +++ b/charts/services/services-auth-personal-representative/values.prod.yaml @@ -1,42 +1,42 @@ service: - name: services-auth-personal-representative + name: 'services-auth-personal-representative' enabled: true env: COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: IS/GOV/5402696029/Skatturinn/ft-v1 - DB_HOST: postgres-ids.internal - DB_NAME: servicesauth - DB_REPLICAS_HOST: postgres-ids.internal - DB_USER: servicesauth - IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/auth-api" - IDENTITY_SERVER_ISSUER_URL: https://innskra.island.is - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init - SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms - SYSLUMENN_HOST: https://api.syslumenn.is/api - SYSLUMENN_TIMEOUT: "3000" - XROAD_BASE_PATH: http://securityserver.island.is - XROAD_BASE_PATH_WITH_ENV: http://securityserver.island.is/r1/IS - XROAD_CLIENT_ID: IS/GOV/5501692829/island-is-client - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: "true" + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SYSLUMENN_HOST: 'https://api.syslumenn.is/api' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1 - XROAD_RSK_PROCURING_ACTOR_TOKEN: "true" - XROAD_RSK_PROCURING_PATH: IS/GOV/5402696029/Skatturinn/relationships-v1 + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: https://securityserver.island.is - XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.island.is/r1/IS - ZENDESK_CONTACT_FORM_SUBDOMAIN: digitaliceland + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' grantNamespaces: [] grantNamespacesEnabled: false healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /health/check + path: '/health/check' timeoutSeconds: 3 hpa: scaling: @@ -47,17 +47,17 @@ service: max: 10 min: 2 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-internal-alb - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: personal-representative-xrd.internal.innskra.island.is + - host: 'personal-representative-xrd.internal.innskra.island.is' paths: - - / - namespace: personal-representative + - '/' + namespace: 'personal-representative' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -67,20 +67,20 @@ service: min: 2 resources: limits: - cpu: 400m - memory: 512Mi + cpu: '400m' + memory: '512Mi' requests: - cpu: 100m - memory: 256Mi + cpu: '100m' + memory: '256Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DB_PASS: /k8s/servicesauth/DB_PASSWORD - IDENTITY_SERVER_CLIENT_SECRET: /k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET - SYSLUMENN_PASSWORD: /k8s/services-auth/SYSLUMENN_PASSWORD - SYSLUMENN_USERNAME: /k8s/services-auth/SYSLUMENN_USERNAME - ZENDESK_CONTACT_FORM_EMAIL: /k8s/api/ZENDESK_CONTACT_FORM_EMAIL - ZENDESK_CONTACT_FORM_TOKEN: /k8s/api/ZENDESK_CONTACT_FORM_TOKEN - ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: /k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/services-auth-personal-representative/values.staging.yaml b/charts/services/services-auth-personal-representative/values.staging.yaml index 564ceaec3a9d..4bdb5440ac73 100644 --- a/charts/services/services-auth-personal-representative/values.staging.yaml +++ b/charts/services/services-auth-personal-representative/values.staging.yaml @@ -1,42 +1,41 @@ service: - name: services-auth-personal-representative + name: 'services-auth-personal-representative' enabled: true env: COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: IS-TEST/GOV/5402696029/Skatturinn/ft-v1 - DB_HOST: postgres-applications.internal - DB_NAME: servicesauth - DB_REPLICAS_HOST: postgres-applications.internal - DB_USER: servicesauth - IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/auth-api" - IDENTITY_SERVER_ISSUER_URL: https://identity-server.staging01.devland.is - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init - SERVERSIDE_FEATURES_ON: "" - SYSLUMENN_HOST: https://api.syslumenn.is/staging - SYSLUMENN_TIMEOUT: "3000" - XROAD_BASE_PATH: http://securityserver.staging01.devland.is - XROAD_BASE_PATH_WITH_ENV: http://securityserver.staging01.devland.is/r1/IS-TEST - XROAD_CLIENT_ID: IS-TEST/GOV/5501692829/island-is-client - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: "true" + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1 - XROAD_RSK_PROCURING_ACTOR_TOKEN: "true" - XROAD_RSK_PROCURING_PATH: IS-TEST/GOV/5402696029/Skatturinn/relationships-v1 + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: https://securityserver.staging01.devland.is - XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.staging01.devland.is/r1/IS-TEST - ZENDESK_CONTACT_FORM_SUBDOMAIN: digitaliceland + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' grantNamespaces: [] grantNamespacesEnabled: false healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /health/check + path: '/health/check' timeoutSeconds: 3 hpa: scaling: @@ -47,17 +46,17 @@ service: max: 10 min: 2 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-internal-alb - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: personal-representative-xrd.internal.staging01.devland.is + - host: 'personal-representative-xrd.internal.staging01.devland.is' paths: - - / - namespace: personal-representative + - '/' + namespace: 'personal-representative' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -67,20 +66,20 @@ service: min: 2 resources: limits: - cpu: 400m - memory: 512Mi + cpu: '400m' + memory: '512Mi' requests: - cpu: 100m - memory: 256Mi + cpu: '100m' + memory: '256Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DB_PASS: /k8s/servicesauth/DB_PASSWORD - IDENTITY_SERVER_CLIENT_SECRET: /k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET - SYSLUMENN_PASSWORD: /k8s/services-auth/SYSLUMENN_PASSWORD - SYSLUMENN_USERNAME: /k8s/services-auth/SYSLUMENN_USERNAME - ZENDESK_CONTACT_FORM_EMAIL: /k8s/api/ZENDESK_CONTACT_FORM_EMAIL - ZENDESK_CONTACT_FORM_TOKEN: /k8s/api/ZENDESK_CONTACT_FORM_TOKEN - ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: /k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/services-auth-public-api/values.dev.yaml b/charts/services/services-auth-public-api/values.dev.yaml index 82c8560a177e..650c77ac5018 100644 --- a/charts/services/services-auth-public-api/values.dev.yaml +++ b/charts/services/services-auth-public-api/values.dev.yaml @@ -1,53 +1,52 @@ service: - name: services-auth-public-api + name: 'services-auth-public-api' enabled: true env: COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: IS-DEV/GOV/10006/Skatturinn/ft-v1 - DB_HOST: postgres-applications.internal - DB_NAME: servicesauth - DB_REPLICAS_HOST: postgres-applications-reader.internal - DB_USER: servicesauth - IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/auth-api" - IDENTITY_SERVER_ISSUER_URL: https://identity-server.dev01.devland.is - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=345 -r dd-trace/init + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' - PASSKEY_CORE_CHALLENGE_TTL_MS: "120000" - PASSKEY_CORE_RP_ID: island.is - PASSKEY_CORE_RP_NAME: Island.is - PUBLIC_URL: https://identity-server.dev01.devland.is/api + PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' + PASSKEY_CORE_RP_ID: 'island.is' + PASSKEY_CORE_RP_NAME: 'Island.is' + PUBLIC_URL: 'https://identity-server.dev01.devland.is/api' REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: "" - SYSLUMENN_HOST: https://api.syslumenn.is/staging - SYSLUMENN_TIMEOUT: "3000" - XROAD_BASE_PATH: http://securityserver.dev01.devland.is - XROAD_BASE_PATH_WITH_ENV: http://securityserver.dev01.devland.is/r1/IS-DEV - XROAD_CLIENT_ID: IS-DEV/GOV/10000/island-is-client - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: "true" + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1 - XROAD_RSK_PROCURING_ACTOR_TOKEN: "true" - XROAD_RSK_PROCURING_PATH: IS-DEV/GOV/10006/Skatturinn/relationships-v1 + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_TJODSKRA_API_PATH: /SKRA-Protected/Einstaklingar-v1 - XROAD_TJODSKRA_MEMBER_CODE: "10001" - XROAD_TLS_BASE_PATH: https://securityserver.dev01.devland.is - XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.dev01.devland.is/r1/IS-DEV - ZENDESK_CONTACT_FORM_SUBDOMAIN: digitaliceland + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '10001' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' grantNamespaces: - - nginx-ingress-external - - nginx-ingress-internal - - islandis + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /health/check + path: '/health/check' timeoutSeconds: 3 hpa: scaling: @@ -58,21 +57,21 @@ service: max: 10 min: 2 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-public-api + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-public-api' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-external-alb - nginx.ingress.kubernetes.io/enable-global-auth: "false" - nginx.ingress.kubernetes.io/proxy-buffer-size: 8k - nginx.ingress.kubernetes.io/proxy-buffering: on - nginx.ingress.kubernetes.io/rewrite-target: /$2 - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/rewrite-target: '/$2' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: identity-server.dev01.devland.is + - host: 'identity-server.dev01.devland.is' paths: - - /api(/|$)(.*) - namespace: identity-server-admin + - '/api(/|$)(.*)' + namespace: 'identity-server-admin' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -82,21 +81,21 @@ service: min: 2 resources: limits: - cpu: 400m - memory: 384Mi + cpu: '400m' + memory: '384Mi' requests: - cpu: 100m - memory: 256Mi + cpu: '100m' + memory: '256Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DB_PASS: /k8s/servicesauth/DB_PASSWORD - IDENTITY_SERVER_CLIENT_SECRET: /k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: /k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET - SYSLUMENN_PASSWORD: /k8s/services-auth/SYSLUMENN_PASSWORD - SYSLUMENN_USERNAME: /k8s/services-auth/SYSLUMENN_USERNAME - ZENDESK_CONTACT_FORM_EMAIL: /k8s/api/ZENDESK_CONTACT_FORM_EMAIL - ZENDESK_CONTACT_FORM_TOKEN: /k8s/api/ZENDESK_CONTACT_FORM_TOKEN - ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: /k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/services-auth-public-api/values.prod.yaml b/charts/services/services-auth-public-api/values.prod.yaml index f2ff92d0f2c9..b6e9516a304a 100644 --- a/charts/services/services-auth-public-api/values.prod.yaml +++ b/charts/services/services-auth-public-api/values.prod.yaml @@ -1,53 +1,53 @@ service: - name: services-auth-public-api + name: 'services-auth-public-api' enabled: true env: COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: IS/GOV/5402696029/Skatturinn/ft-v1 - DB_HOST: postgres-ids.internal - DB_NAME: servicesauth - DB_REPLICAS_HOST: postgres-ids.internal - DB_USER: servicesauth - IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/auth-api" - IDENTITY_SERVER_ISSUER_URL: https://innskra.island.is - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=345 -r dd-trace/init + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-ids.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-ids.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' - PASSKEY_CORE_CHALLENGE_TTL_MS: "120000" - PASSKEY_CORE_RP_ID: island.is - PASSKEY_CORE_RP_NAME: Island.is - PUBLIC_URL: https://innskra.island.is/api + PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' + PASSKEY_CORE_RP_ID: 'island.is' + PASSKEY_CORE_RP_NAME: 'Island.is' + PUBLIC_URL: 'https://innskra.island.is/api' REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms - SYSLUMENN_HOST: https://api.syslumenn.is/api - SYSLUMENN_TIMEOUT: "3000" - XROAD_BASE_PATH: http://securityserver.island.is - XROAD_BASE_PATH_WITH_ENV: http://securityserver.island.is/r1/IS - XROAD_CLIENT_ID: IS/GOV/5501692829/island-is-client - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: "true" + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SYSLUMENN_HOST: 'https://api.syslumenn.is/api' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1 - XROAD_RSK_PROCURING_ACTOR_TOKEN: "true" - XROAD_RSK_PROCURING_PATH: IS/GOV/5402696029/Skatturinn/relationships-v1 + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_TJODSKRA_API_PATH: /SKRA-Protected/Einstaklingar-v1 - XROAD_TJODSKRA_MEMBER_CODE: "6503760649" - XROAD_TLS_BASE_PATH: https://securityserver.island.is - XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.island.is/r1/IS - ZENDESK_CONTACT_FORM_SUBDOMAIN: digitaliceland + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' grantNamespaces: - - nginx-ingress-external - - nginx-ingress-internal - - islandis + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /health/check + path: '/health/check' timeoutSeconds: 3 hpa: scaling: @@ -58,21 +58,21 @@ service: max: 10 min: 2 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-public-api + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-public-api' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-external-alb - nginx.ingress.kubernetes.io/enable-global-auth: "false" - nginx.ingress.kubernetes.io/proxy-buffer-size: 8k - nginx.ingress.kubernetes.io/proxy-buffering: on - nginx.ingress.kubernetes.io/rewrite-target: /$2 - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/rewrite-target: '/$2' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: innskra.island.is + - host: 'innskra.island.is' paths: - - /api(/|$)(.*) - namespace: identity-server-admin + - '/api(/|$)(.*)' + namespace: 'identity-server-admin' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -82,21 +82,21 @@ service: min: 2 resources: limits: - cpu: 400m - memory: 384Mi + cpu: '400m' + memory: '384Mi' requests: - cpu: 100m - memory: 256Mi + cpu: '100m' + memory: '256Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DB_PASS: /k8s/servicesauth/DB_PASSWORD - IDENTITY_SERVER_CLIENT_SECRET: /k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: /k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET - SYSLUMENN_PASSWORD: /k8s/services-auth/SYSLUMENN_PASSWORD - SYSLUMENN_USERNAME: /k8s/services-auth/SYSLUMENN_USERNAME - ZENDESK_CONTACT_FORM_EMAIL: /k8s/api/ZENDESK_CONTACT_FORM_EMAIL - ZENDESK_CONTACT_FORM_TOKEN: /k8s/api/ZENDESK_CONTACT_FORM_TOKEN - ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: /k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/services-auth-public-api/values.staging.yaml b/charts/services/services-auth-public-api/values.staging.yaml index 46d2cda511f1..43a408282509 100644 --- a/charts/services/services-auth-public-api/values.staging.yaml +++ b/charts/services/services-auth-public-api/values.staging.yaml @@ -1,53 +1,52 @@ service: - name: services-auth-public-api + name: 'services-auth-public-api' enabled: true env: COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: IS-TEST/GOV/5402696029/Skatturinn/ft-v1 - DB_HOST: postgres-applications.internal - DB_NAME: servicesauth - DB_REPLICAS_HOST: postgres-applications.internal - DB_USER: servicesauth - IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/auth-api" - IDENTITY_SERVER_ISSUER_URL: https://identity-server.staging01.devland.is - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=345 -r dd-trace/init + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'servicesauth' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'servicesauth' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' - PASSKEY_CORE_CHALLENGE_TTL_MS: "120000" - PASSKEY_CORE_RP_ID: island.is - PASSKEY_CORE_RP_NAME: Island.is - PUBLIC_URL: https://identity-server.staging01.devland.is/api + PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' + PASSKEY_CORE_RP_ID: 'island.is' + PASSKEY_CORE_RP_NAME: 'Island.is' + PUBLIC_URL: 'https://identity-server.staging01.devland.is/api' REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: "" - SYSLUMENN_HOST: https://api.syslumenn.is/staging - SYSLUMENN_TIMEOUT: "3000" - XROAD_BASE_PATH: http://securityserver.staging01.devland.is - XROAD_BASE_PATH_WITH_ENV: http://securityserver.staging01.devland.is/r1/IS-TEST - XROAD_CLIENT_ID: IS-TEST/GOV/5501692829/island-is-client - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: "true" + SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' + SYSLUMENN_TIMEOUT: '3000' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1 - XROAD_RSK_PROCURING_ACTOR_TOKEN: "true" - XROAD_RSK_PROCURING_PATH: IS-TEST/GOV/5402696029/Skatturinn/relationships-v1 + XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' + XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' + XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_TJODSKRA_API_PATH: /SKRA-Protected/Einstaklingar-v1 - XROAD_TJODSKRA_MEMBER_CODE: "6503760649" - XROAD_TLS_BASE_PATH: https://securityserver.staging01.devland.is - XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.staging01.devland.is/r1/IS-TEST - ZENDESK_CONTACT_FORM_SUBDOMAIN: digitaliceland + XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' + XROAD_TJODSKRA_MEMBER_CODE: '6503760649' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' grantNamespaces: - - nginx-ingress-external - - nginx-ingress-internal - - islandis + - 'nginx-ingress-external' + - 'nginx-ingress-internal' + - 'islandis' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /health/check + path: '/health/check' timeoutSeconds: 3 hpa: scaling: @@ -58,21 +57,21 @@ service: max: 10 min: 2 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-public-api + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-public-api' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-external-alb - nginx.ingress.kubernetes.io/enable-global-auth: "false" - nginx.ingress.kubernetes.io/proxy-buffer-size: 8k - nginx.ingress.kubernetes.io/proxy-buffering: on - nginx.ingress.kubernetes.io/rewrite-target: /$2 - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/rewrite-target: '/$2' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: identity-server.staging01.devland.is + - host: 'identity-server.staging01.devland.is' paths: - - /api(/|$)(.*) - namespace: identity-server-admin + - '/api(/|$)(.*)' + namespace: 'identity-server-admin' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -82,21 +81,21 @@ service: min: 2 resources: limits: - cpu: 400m - memory: 384Mi + cpu: '400m' + memory: '384Mi' requests: - cpu: 100m - memory: 256Mi + cpu: '100m' + memory: '256Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DB_PASS: /k8s/servicesauth/DB_PASSWORD - IDENTITY_SERVER_CLIENT_SECRET: /k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: /k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET - SYSLUMENN_PASSWORD: /k8s/services-auth/SYSLUMENN_PASSWORD - SYSLUMENN_USERNAME: /k8s/services-auth/SYSLUMENN_USERNAME - ZENDESK_CONTACT_FORM_EMAIL: /k8s/api/ZENDESK_CONTACT_FORM_EMAIL - ZENDESK_CONTACT_FORM_TOKEN: /k8s/api/ZENDESK_CONTACT_FORM_TOKEN - ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: /k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/servicesauth/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' + NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' + SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' + SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' + ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' + ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' + ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/services-bff-portals-admin/values.dev.yaml b/charts/services/services-bff-portals-admin/values.dev.yaml index d6ba4a4f3ee8..accc4e94341c 100644 --- a/charts/services/services-bff-portals-admin/values.dev.yaml +++ b/charts/services/services-bff-portals-admin/values.dev.yaml @@ -1,36 +1,35 @@ service: - name: services-bff-portals-admin + name: 'services-bff-portals-admin' enabled: true env: BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: "3595000" - BFF_CALLBACKS_BASE_PATH: https://beta.dev01.devland.is/stjornbord/bff/callbacks - BFF_CLIENT_BASE_URL: https://beta.dev01.devland.is - BFF_CLIENT_KEY_PATH: /stjornbord - BFF_LOGIN_ATTEMPT_TTL_MS: "604800000" - BFF_LOGOUT_REDIRECT_URI: https://beta.dev01.devland.is - BFF_NAME: stjornbord - BFF_PAR_SUPPORT_ENABLED: "true" - BFF_PROXY_API_ENDPOINT: http://web-api.islandis.svc.cluster.local/api/graphql - IDENTITY_SERVER_CLIENT_ID: "@admin.island.is/bff-stjornbord" + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: https://identity-server.dev01.devland.is - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: "" grantNamespaces: - - identity-server + - 'identity-server' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /stjornbord/bff/liveness + path: '/stjornbord/bff/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /stjornbord/bff/health/check + path: '/stjornbord/bff/health/check' timeoutSeconds: 3 hpa: scaling: @@ -41,20 +40,20 @@ service: max: 10 min: 2 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-external-alb - nginx.ingress.kubernetes.io/enable-global-auth: "false" - nginx.ingress.kubernetes.io/proxy-buffer-size: 8k - nginx.ingress.kubernetes.io/proxy-buffering: on - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: beta.dev01.devland.is + - host: 'beta.dev01.devland.is' paths: - - /stjornbord/bff - namespace: portals-admin + - '/stjornbord/bff' + namespace: 'portals-admin' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -66,20 +65,20 @@ service: min: 2 resources: limits: - cpu: 400m - memory: 512Mi + cpu: '400m' + memory: '512Mi' requests: - cpu: 100m - memory: 256Mi + cpu: '100m' + memory: '256Mi' secrets: - BFF_TOKEN_SECRET_BASE64: /k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64 - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - IDENTITY_SERVER_CLIENT_SECRET: /k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::013313053092:role/services-bff + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' create: true - name: services-bff + name: 'services-bff' diff --git a/charts/services/services-bff-portals-admin/values.prod.yaml b/charts/services/services-bff-portals-admin/values.prod.yaml index fdfb2a96d34e..cb57cdf7f182 100644 --- a/charts/services/services-bff-portals-admin/values.prod.yaml +++ b/charts/services/services-bff-portals-admin/values.prod.yaml @@ -1,36 +1,36 @@ service: - name: services-bff-portals-admin + name: 'services-bff-portals-admin' enabled: true env: BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: "3595000" - BFF_CALLBACKS_BASE_PATH: https://island.is/stjornbord/bff/callbacks - BFF_CLIENT_BASE_URL: https://island.is - BFF_CLIENT_KEY_PATH: /stjornbord - BFF_LOGIN_ATTEMPT_TTL_MS: "604800000" - BFF_LOGOUT_REDIRECT_URI: https://island.is - BFF_NAME: stjornbord - BFF_PAR_SUPPORT_ENABLED: "true" - BFF_PROXY_API_ENDPOINT: http://web-api.islandis.svc.cluster.local/api/graphql - IDENTITY_SERVER_CLIENT_ID: "@admin.island.is/bff-stjornbord" + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://island.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://island.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://island.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: https://innskra.island.is - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' grantNamespaces: - - identity-server + - 'identity-server' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /stjornbord/bff/liveness + path: '/stjornbord/bff/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /stjornbord/bff/health/check + path: '/stjornbord/bff/health/check' timeoutSeconds: 3 hpa: scaling: @@ -41,22 +41,22 @@ service: max: 10 min: 2 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-external-alb - nginx.ingress.kubernetes.io/proxy-buffer-size: 8k - nginx.ingress.kubernetes.io/proxy-buffering: on - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: island.is + - host: 'island.is' paths: - - /stjornbord/bff - - host: www.island.is + - '/stjornbord/bff' + - host: 'www.island.is' paths: - - /stjornbord/bff - namespace: portals-admin + - '/stjornbord/bff' + namespace: 'portals-admin' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -68,20 +68,20 @@ service: min: 2 resources: limits: - cpu: 400m - memory: 512Mi + cpu: '400m' + memory: '512Mi' requests: - cpu: 100m - memory: 256Mi + cpu: '100m' + memory: '256Mi' secrets: - BFF_TOKEN_SECRET_BASE64: /k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64 - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - IDENTITY_SERVER_CLIENT_SECRET: /k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::251502586493:role/services-bff + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-bff' create: true - name: services-bff + name: 'services-bff' diff --git a/charts/services/services-bff-portals-admin/values.staging.yaml b/charts/services/services-bff-portals-admin/values.staging.yaml index 9bc9d67f5bf4..c72f6bd4a467 100644 --- a/charts/services/services-bff-portals-admin/values.staging.yaml +++ b/charts/services/services-bff-portals-admin/values.staging.yaml @@ -1,36 +1,35 @@ service: - name: services-bff-portals-admin + name: 'services-bff-portals-admin' enabled: true env: BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.staging01.devland.is"]' BFF_ALLOWED_REDIRECT_URIS: '["https://beta.staging01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: "3595000" - BFF_CALLBACKS_BASE_PATH: https://beta.staging01.devland.is/stjornbord/bff/callbacks - BFF_CLIENT_BASE_URL: https://beta.staging01.devland.is - BFF_CLIENT_KEY_PATH: /stjornbord - BFF_LOGIN_ATTEMPT_TTL_MS: "604800000" - BFF_LOGOUT_REDIRECT_URI: https://beta.staging01.devland.is - BFF_NAME: stjornbord - BFF_PAR_SUPPORT_ENABLED: "true" - BFF_PROXY_API_ENDPOINT: http://web-api.islandis.svc.cluster.local/api/graphql - IDENTITY_SERVER_CLIENT_ID: "@admin.island.is/bff-stjornbord" + BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' + BFF_CALLBACKS_BASE_PATH: 'https://beta.staging01.devland.is/stjornbord/bff/callbacks' + BFF_CLIENT_BASE_URL: 'https://beta.staging01.devland.is' + BFF_CLIENT_KEY_PATH: '/stjornbord' + BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' + BFF_LOGOUT_REDIRECT_URI: 'https://beta.staging01.devland.is' + BFF_NAME: 'stjornbord' + BFF_PAR_SUPPORT_ENABLED: 'true' + BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' + IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: https://identity-server.staging01.devland.is - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: "" grantNamespaces: - - identity-server + - 'identity-server' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /stjornbord/bff/liveness + path: '/stjornbord/bff/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /stjornbord/bff/health/check + path: '/stjornbord/bff/health/check' timeoutSeconds: 3 hpa: scaling: @@ -41,20 +40,20 @@ service: max: 10 min: 2 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-external-alb - nginx.ingress.kubernetes.io/enable-global-auth: "false" - nginx.ingress.kubernetes.io/proxy-buffer-size: 8k - nginx.ingress.kubernetes.io/proxy-buffering: on - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/enable-global-auth: 'false' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: beta.staging01.devland.is + - host: 'beta.staging01.devland.is' paths: - - /stjornbord/bff - namespace: portals-admin + - '/stjornbord/bff' + namespace: 'portals-admin' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -66,20 +65,20 @@ service: min: 2 resources: limits: - cpu: 400m - memory: 512Mi + cpu: '400m' + memory: '512Mi' requests: - cpu: 100m - memory: 256Mi + cpu: '100m' + memory: '256Mi' secrets: - BFF_TOKEN_SECRET_BASE64: /k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64 - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - IDENTITY_SERVER_CLIENT_SECRET: /k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET + BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::261174024191:role/services-bff + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-bff' create: true - name: services-bff + name: 'services-bff' diff --git a/charts/services/services-documents/values.dev.yaml b/charts/services/services-documents/values.dev.yaml index 94c4fb1d3a8a..d98f9d209753 100644 --- a/charts/services/services-documents/values.dev.yaml +++ b/charts/services/services-documents/values.dev.yaml @@ -1,27 +1,26 @@ service: - name: services-documents + name: 'services-documents' enabled: true env: - DB_HOST: postgres-applications.internal - DB_NAME: services_documents - DB_REPLICAS_HOST: postgres-applications-reader.internal - DB_USER: services_documents - IDENTITY_SERVER_ISSUER_URL: https://identity-server.dev01.devland.is - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init - SERVERSIDE_FEATURES_ON: "" + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' grantNamespaces: - - islandis - - application-system + - 'islandis' + - 'application-system' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /readiness + path: '/readiness' timeoutSeconds: 3 hpa: scaling: @@ -32,31 +31,30 @@ service: max: 3 min: 1 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' initContainer: containers: - args: - - sequelize-cli - - db:migrate + - 'sequelize-cli' + - 'db:migrate' command: - - npx - name: migrations + - 'npx' + name: 'migrations' resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 50m - memory: 128Mi + cpu: '50m' + memory: '128Mi' env: - DB_HOST: postgres-applications.internal - DB_NAME: services_documents - DB_REPLICAS_HOST: postgres-applications-reader.internal - DB_USER: services_documents - SERVERSIDE_FEATURES_ON: "" + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_documents' secrets: - DB_PASS: /k8s/services-documents/DB_PASSWORD - namespace: services-documents + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -66,14 +64,14 @@ service: min: 1 resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 100m - memory: 128Mi + cpu: '100m' + memory: '128Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DB_PASS: /k8s/services-documents/DB_PASSWORD + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/services-documents/values.prod.yaml b/charts/services/services-documents/values.prod.yaml index 1007f2840861..b98e61e2a13b 100644 --- a/charts/services/services-documents/values.prod.yaml +++ b/charts/services/services-documents/values.prod.yaml @@ -1,27 +1,27 @@ service: - name: services-documents + name: 'services-documents' enabled: true env: - DB_HOST: postgres-applications.internal - DB_NAME: services_documents - DB_REPLICAS_HOST: postgres-applications.internal - DB_USER: services_documents - IDENTITY_SERVER_ISSUER_URL: https://innskra.island.is - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init - SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' grantNamespaces: - - islandis - - application-system + - 'islandis' + - 'application-system' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /readiness + path: '/readiness' timeoutSeconds: 3 hpa: scaling: @@ -32,31 +32,31 @@ service: max: 10 min: 3 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' initContainer: containers: - args: - - sequelize-cli - - db:migrate + - 'sequelize-cli' + - 'db:migrate' command: - - npx - name: migrations + - 'npx' + name: 'migrations' resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 50m - memory: 128Mi + cpu: '50m' + memory: '128Mi' env: - DB_HOST: postgres-applications.internal - DB_NAME: services_documents - DB_REPLICAS_HOST: postgres-applications.internal - DB_USER: services_documents - SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' secrets: - DB_PASS: /k8s/services-documents/DB_PASSWORD - namespace: services-documents + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -66,14 +66,14 @@ service: min: 3 resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 100m - memory: 128Mi + cpu: '100m' + memory: '128Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DB_PASS: /k8s/services-documents/DB_PASSWORD + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/services-documents/values.staging.yaml b/charts/services/services-documents/values.staging.yaml index f6329acd5db3..8d162882aeef 100644 --- a/charts/services/services-documents/values.staging.yaml +++ b/charts/services/services-documents/values.staging.yaml @@ -1,27 +1,26 @@ service: - name: services-documents + name: 'services-documents' enabled: true env: - DB_HOST: postgres-applications.internal - DB_NAME: services_documents - DB_REPLICAS_HOST: postgres-applications.internal - DB_USER: services_documents - IDENTITY_SERVER_ISSUER_URL: https://identity-server.staging01.devland.is - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init - SERVERSIDE_FEATURES_ON: "" + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' grantNamespaces: - - islandis - - application-system + - 'islandis' + - 'application-system' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /readiness + path: '/readiness' timeoutSeconds: 3 hpa: scaling: @@ -32,31 +31,30 @@ service: max: 3 min: 1 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' initContainer: containers: - args: - - sequelize-cli - - db:migrate + - 'sequelize-cli' + - 'db:migrate' command: - - npx - name: migrations + - 'npx' + name: 'migrations' resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 50m - memory: 128Mi + cpu: '50m' + memory: '128Mi' env: - DB_HOST: postgres-applications.internal - DB_NAME: services_documents - DB_REPLICAS_HOST: postgres-applications.internal - DB_USER: services_documents - SERVERSIDE_FEATURES_ON: "" + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_documents' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_documents' secrets: - DB_PASS: /k8s/services-documents/DB_PASSWORD - namespace: services-documents + DB_PASS: '/k8s/services-documents/DB_PASSWORD' + namespace: 'services-documents' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -66,14 +64,14 @@ service: min: 1 resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 100m - memory: 128Mi + cpu: '100m' + memory: '128Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DB_PASS: /k8s/services-documents/DB_PASSWORD + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-documents/DB_PASSWORD' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/services-sessions-cleanup/values.dev.yaml b/charts/services/services-sessions-cleanup/values.dev.yaml index 802f4e99811a..e4d9b53b282e 100644 --- a/charts/services/services-sessions-cleanup/values.dev.yaml +++ b/charts/services/services-sessions-cleanup/values.dev.yaml @@ -1,32 +1,31 @@ service: - name: services-sessions-cleanup + name: 'services-sessions-cleanup' args: - - main.js - - --job=cleanup + - 'main.js' + - '--job=cleanup' command: - - node + - 'node' enabled: true env: - DB_HOST: postgres-applications.internal - DB_NAME: services_sessions - DB_REPLICAS_HOST: postgres-applications-reader.internal - DB_USER: services_sessions - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init - SERVERSIDE_FEATURES_ON: "" + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' grantNamespaces: - - nginx-ingress-internal - - islandis - - identity-server + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: / + path: '/' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: / + path: '/' timeoutSeconds: 3 hpa: scaling: @@ -37,8 +36,8 @@ service: max: 3 min: 1 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions - namespace: services-sessions + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -48,15 +47,15 @@ service: min: 1 resources: limits: - cpu: 400m - memory: 512Mi + cpu: '400m' + memory: '512Mi' requests: - cpu: 100m - memory: 256Mi - schedule: 0 3 * * * + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DB_PASS: /k8s/services-sessions/DB_PASSWORD + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/services-sessions-cleanup/values.prod.yaml b/charts/services/services-sessions-cleanup/values.prod.yaml index f3e11d30b1a1..d82ee5e3f032 100644 --- a/charts/services/services-sessions-cleanup/values.prod.yaml +++ b/charts/services/services-sessions-cleanup/values.prod.yaml @@ -1,32 +1,32 @@ service: - name: services-sessions-cleanup + name: 'services-sessions-cleanup' args: - - main.js - - --job=cleanup + - 'main.js' + - '--job=cleanup' command: - - node + - 'node' enabled: true env: - DB_HOST: postgres-applications.internal - DB_NAME: services_sessions - DB_REPLICAS_HOST: postgres-applications.internal - DB_USER: services_sessions - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init - SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' grantNamespaces: - - nginx-ingress-internal - - islandis - - identity-server + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: / + path: '/' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: / + path: '/' timeoutSeconds: 3 hpa: scaling: @@ -37,8 +37,8 @@ service: max: 10 min: 3 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions - namespace: services-sessions + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -48,15 +48,15 @@ service: min: 3 resources: limits: - cpu: 400m - memory: 512Mi + cpu: '400m' + memory: '512Mi' requests: - cpu: 100m - memory: 256Mi - schedule: 0 3 * * * + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DB_PASS: /k8s/services-sessions/DB_PASSWORD + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/services-sessions-cleanup/values.staging.yaml b/charts/services/services-sessions-cleanup/values.staging.yaml index a8fe616b33dc..15de1ac7a843 100644 --- a/charts/services/services-sessions-cleanup/values.staging.yaml +++ b/charts/services/services-sessions-cleanup/values.staging.yaml @@ -1,32 +1,31 @@ service: - name: services-sessions-cleanup + name: 'services-sessions-cleanup' args: - - main.js - - --job=cleanup + - 'main.js' + - '--job=cleanup' command: - - node + - 'node' enabled: true env: - DB_HOST: postgres-applications.internal - DB_NAME: services_sessions - DB_REPLICAS_HOST: postgres-applications.internal - DB_USER: services_sessions - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init - SERVERSIDE_FEATURES_ON: "" + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' grantNamespaces: - - nginx-ingress-internal - - islandis - - identity-server + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: / + path: '/' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: / + path: '/' timeoutSeconds: 3 hpa: scaling: @@ -37,8 +36,8 @@ service: max: 3 min: 1 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions - namespace: services-sessions + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' + namespace: 'services-sessions' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -48,15 +47,15 @@ service: min: 1 resources: limits: - cpu: 400m - memory: 512Mi + cpu: '400m' + memory: '512Mi' requests: - cpu: 100m - memory: 256Mi - schedule: 0 3 * * * + cpu: '100m' + memory: '256Mi' + schedule: '0 3 * * *' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DB_PASS: /k8s/services-sessions/DB_PASSWORD + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/services-sessions-worker/values.dev.yaml b/charts/services/services-sessions-worker/values.dev.yaml index 55d1a5149315..f0ef9e39db1e 100644 --- a/charts/services/services-sessions-worker/values.dev.yaml +++ b/charts/services/services-sessions-worker/values.dev.yaml @@ -1,36 +1,35 @@ service: - name: services-sessions-worker + name: 'services-sessions-worker' args: - - main.js - - --job=worker + - 'main.js' + - '--job=worker' command: - - node + - 'node' enabled: true env: - DB_EXTENSIONS: uuid-ossp - DB_HOST: postgres-applications.internal - DB_NAME: services_sessions - DB_REPLICAS_HOST: postgres-applications-reader.internal - DB_USER: services_sessions - IDENTITY_SERVER_ISSUER_URL: https://identity-server.dev01.devland.is - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: "true" - SERVERSIDE_FEATURES_ON: "" + REDIS_USE_SSL: 'true' grantNamespaces: - - nginx-ingress-internal - - islandis - - identity-server + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 hpa: scaling: @@ -41,32 +40,31 @@ service: max: 3 min: 1 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' initContainer: containers: - args: - - sequelize-cli - - db:migrate + - 'sequelize-cli' + - 'db:migrate' command: - - npx - name: migrations + - 'npx' + name: 'migrations' resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 50m - memory: 128Mi + cpu: '50m' + memory: '128Mi' env: - DB_EXTENSIONS: uuid-ossp - DB_HOST: postgres-applications.internal - DB_NAME: services_sessions - DB_REPLICAS_HOST: postgres-applications-reader.internal - DB_USER: services_sessions - SERVERSIDE_FEATURES_ON: "" + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions' secrets: - DB_PASS: /k8s/services-sessions/DB_PASSWORD - namespace: services-sessions + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -78,19 +76,19 @@ service: min: 1 resources: limits: - cpu: 400m - memory: 512Mi + cpu: '400m' + memory: '512Mi' requests: - cpu: 100m - memory: 256Mi + cpu: '100m' + memory: '256Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DB_PASS: /k8s/services-sessions/DB_PASSWORD + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::013313053092:role/sessions-worker + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' create: true - name: sessions-worker + name: 'sessions-worker' diff --git a/charts/services/services-sessions-worker/values.prod.yaml b/charts/services/services-sessions-worker/values.prod.yaml index f9655064bdcd..60f349f6054e 100644 --- a/charts/services/services-sessions-worker/values.prod.yaml +++ b/charts/services/services-sessions-worker/values.prod.yaml @@ -1,36 +1,36 @@ service: - name: services-sessions-worker + name: 'services-sessions-worker' args: - - main.js - - --job=worker + - 'main.js' + - '--job=worker' command: - - node + - 'node' enabled: true env: - DB_EXTENSIONS: uuid-ossp - DB_HOST: postgres-applications.internal - DB_NAME: services_sessions - DB_REPLICAS_HOST: postgres-applications.internal - DB_USER: services_sessions - IDENTITY_SERVER_ISSUER_URL: https://innskra.island.is - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: "true" - SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' grantNamespaces: - - nginx-ingress-internal - - islandis - - identity-server + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 hpa: scaling: @@ -41,32 +41,32 @@ service: max: 10 min: 3 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' initContainer: containers: - args: - - sequelize-cli - - db:migrate + - 'sequelize-cli' + - 'db:migrate' command: - - npx - name: migrations + - 'npx' + name: 'migrations' resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 50m - memory: 128Mi + cpu: '50m' + memory: '128Mi' env: - DB_EXTENSIONS: uuid-ossp - DB_HOST: postgres-applications.internal - DB_NAME: services_sessions - DB_REPLICAS_HOST: postgres-applications.internal - DB_USER: services_sessions - SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' secrets: - DB_PASS: /k8s/services-sessions/DB_PASSWORD - namespace: services-sessions + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -78,19 +78,19 @@ service: min: 3 resources: limits: - cpu: 400m - memory: 512Mi + cpu: '400m' + memory: '512Mi' requests: - cpu: 100m - memory: 256Mi + cpu: '100m' + memory: '256Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DB_PASS: /k8s/services-sessions/DB_PASSWORD + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::251502586493:role/sessions-worker + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/sessions-worker' create: true - name: sessions-worker + name: 'sessions-worker' diff --git a/charts/services/services-sessions-worker/values.staging.yaml b/charts/services/services-sessions-worker/values.staging.yaml index 9a51a1e727d2..50773ba16d31 100644 --- a/charts/services/services-sessions-worker/values.staging.yaml +++ b/charts/services/services-sessions-worker/values.staging.yaml @@ -1,36 +1,35 @@ service: - name: services-sessions-worker + name: 'services-sessions-worker' args: - - main.js - - --job=worker + - 'main.js' + - '--job=worker' command: - - node + - 'node' enabled: true env: - DB_EXTENSIONS: uuid-ossp - DB_HOST: postgres-applications.internal - DB_NAME: services_sessions - DB_REPLICAS_HOST: postgres-applications.internal - DB_USER: services_sessions - IDENTITY_SERVER_ISSUER_URL: https://identity-server.staging01.devland.is - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: "true" - SERVERSIDE_FEATURES_ON: "" + REDIS_USE_SSL: 'true' grantNamespaces: - - nginx-ingress-internal - - islandis - - identity-server + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 hpa: scaling: @@ -41,32 +40,31 @@ service: max: 3 min: 1 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' initContainer: containers: - args: - - sequelize-cli - - db:migrate + - 'sequelize-cli' + - 'db:migrate' command: - - npx - name: migrations + - 'npx' + name: 'migrations' resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 50m - memory: 128Mi + cpu: '50m' + memory: '128Mi' env: - DB_EXTENSIONS: uuid-ossp - DB_HOST: postgres-applications.internal - DB_NAME: services_sessions - DB_REPLICAS_HOST: postgres-applications.internal - DB_USER: services_sessions - SERVERSIDE_FEATURES_ON: "" + DB_EXTENSIONS: 'uuid-ossp' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions' secrets: - DB_PASS: /k8s/services-sessions/DB_PASSWORD - namespace: services-sessions + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' + namespace: 'services-sessions' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -78,19 +76,19 @@ service: min: 1 resources: limits: - cpu: 400m - memory: 512Mi + cpu: '400m' + memory: '512Mi' requests: - cpu: 100m - memory: 256Mi + cpu: '100m' + memory: '256Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DB_PASS: /k8s/services-sessions/DB_PASSWORD + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/DB_PASSWORD' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::261174024191:role/sessions-worker + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/sessions-worker' create: true - name: sessions-worker + name: 'sessions-worker' diff --git a/charts/services/services-sessions/values.dev.yaml b/charts/services/services-sessions/values.dev.yaml index 74a8ce33cdc6..16eae3ff3434 100644 --- a/charts/services/services-sessions/values.dev.yaml +++ b/charts/services/services-sessions/values.dev.yaml @@ -1,30 +1,29 @@ service: - name: services-sessions + name: 'services-sessions' enabled: true env: - DB_HOST: postgres-applications.internal - DB_NAME: services_sessions - DB_REPLICAS_HOST: postgres-applications-reader.internal - DB_USER: services_sessions_read - IDENTITY_SERVER_ISSUER_URL: https://identity-server.dev01.devland.is - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: "true" - SERVERSIDE_FEATURES_ON: "" + REDIS_USE_SSL: 'true' grantNamespaces: - - nginx-ingress-internal - - islandis - - identity-server + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 hpa: scaling: @@ -35,17 +34,17 @@ service: max: 10 min: 1 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' ingress: internal-alb: annotations: - kubernetes.io/ingress.class: nginx-internal-alb - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: sessions-api.internal.dev01.devland.is + - host: 'sessions-api.internal.dev01.devland.is' paths: - - / - namespace: services-sessions + - '/' + namespace: 'services-sessions' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -55,14 +54,14 @@ service: min: 1 resources: limits: - cpu: 250m - memory: 512Mi + cpu: '250m' + memory: '512Mi' requests: - cpu: 25m - memory: 300Mi + cpu: '25m' + memory: '300Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DB_PASS: /k8s/services-sessions/readonly/DB_PASSWORD + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/services-sessions/values.prod.yaml b/charts/services/services-sessions/values.prod.yaml index 243ae2cd4ef0..fc6ad0be31c2 100644 --- a/charts/services/services-sessions/values.prod.yaml +++ b/charts/services/services-sessions/values.prod.yaml @@ -1,30 +1,30 @@ service: - name: services-sessions + name: 'services-sessions' enabled: true env: - DB_HOST: postgres-applications.internal - DB_NAME: services_sessions - DB_REPLICAS_HOST: postgres-applications.internal - DB_USER: services_sessions_read - IDENTITY_SERVER_ISSUER_URL: https://innskra.island.is - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: "true" - SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' grantNamespaces: - - nginx-ingress-internal - - islandis - - identity-server + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 hpa: scaling: @@ -35,17 +35,17 @@ service: max: 10 min: 1 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' ingress: internal-alb: annotations: - kubernetes.io/ingress.class: nginx-internal-alb - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: sessions-api.internal.island.is + - host: 'sessions-api.internal.island.is' paths: - - / - namespace: services-sessions + - '/' + namespace: 'services-sessions' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -55,14 +55,14 @@ service: min: 1 resources: limits: - cpu: 250m - memory: 512Mi + cpu: '250m' + memory: '512Mi' requests: - cpu: 25m - memory: 300Mi + cpu: '25m' + memory: '300Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DB_PASS: /k8s/services-sessions/readonly/DB_PASSWORD + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/services-sessions/values.staging.yaml b/charts/services/services-sessions/values.staging.yaml index ac5ebab05fa1..8ab587e5bed2 100644 --- a/charts/services/services-sessions/values.staging.yaml +++ b/charts/services/services-sessions/values.staging.yaml @@ -1,30 +1,29 @@ service: - name: services-sessions + name: 'services-sessions' enabled: true env: - DB_HOST: postgres-applications.internal - DB_NAME: services_sessions - DB_REPLICAS_HOST: postgres-applications.internal - DB_USER: services_sessions_read - IDENTITY_SERVER_ISSUER_URL: https://identity-server.staging01.devland.is - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_sessions' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_sessions_read' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: "true" - SERVERSIDE_FEATURES_ON: "" + REDIS_USE_SSL: 'true' grantNamespaces: - - nginx-ingress-internal - - islandis - - identity-server + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 hpa: scaling: @@ -35,17 +34,17 @@ service: max: 10 min: 1 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' ingress: internal-alb: annotations: - kubernetes.io/ingress.class: nginx-internal-alb - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: sessions-api.internal.staging01.devland.is + - host: 'sessions-api.internal.staging01.devland.is' paths: - - / - namespace: services-sessions + - '/' + namespace: 'services-sessions' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -55,14 +54,14 @@ service: min: 1 resources: limits: - cpu: 250m - memory: 512Mi + cpu: '250m' + memory: '512Mi' requests: - cpu: 25m - memory: 300Mi + cpu: '25m' + memory: '300Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DB_PASS: /k8s/services-sessions/readonly/DB_PASSWORD + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/services-university-gateway-worker/values.dev.yaml b/charts/services/services-university-gateway-worker/values.dev.yaml index c4d0d71e0005..2b84b2359ee3 100644 --- a/charts/services/services-university-gateway-worker/values.dev.yaml +++ b/charts/services/services-university-gateway-worker/values.dev.yaml @@ -1,48 +1,47 @@ service: - name: services-university-gateway-worker + name: 'services-university-gateway-worker' args: - - main.js - - --job - - worker + - 'main.js' + - '--job' + - 'worker' command: - - node + - 'node' enabled: true env: - DB_HOST: postgres-applications.internal - DB_NAME: services_university_gateway - DB_REPLICAS_HOST: postgres-applications-reader.internal - DB_USER: services_university_gateway - IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/university-gateway" - IDENTITY_SERVER_ISSUER_URL: https://identity-server.dev01.devland.is - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=345 -r dd-trace/init + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: "" - XROAD_BASE_PATH: http://securityserver.dev01.devland.is - XROAD_BASE_PATH_WITH_ENV: http://securityserver.dev01.devland.is/r1/IS-DEV - XROAD_CLIENT_ID: IS-DEV/GOV/10000/island-is-client - XROAD_TLS_BASE_PATH: https://securityserver.dev01.devland.is - XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.dev01.devland.is/r1/IS-DEV - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1 - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1 - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1 - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1 - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1 - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1 - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: IS-DEV/EDU/10010/HI-Protected/umsoknir-v1 + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' grantNamespaces: - - islandis - - nginx-ingress-internal - - application-system + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: / + path: '/' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: / + path: '/' timeoutSeconds: 3 hpa: scaling: @@ -53,8 +52,8 @@ service: max: 3 min: 1 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway - namespace: services-university-gateway + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -66,21 +65,21 @@ service: min: 1 resources: limits: - cpu: 200m - memory: 384Mi + cpu: '200m' + memory: '384Mi' requests: - cpu: 50m - memory: 256Mi - schedule: 0 * * * * + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DB_PASS: /k8s/services-university-gateway/DB_PASSWORD - IDENTITY_SERVER_CLIENT_SECRET: /k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::013313053092:role/services-university-gateway-worker + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' create: true - name: services-university-gateway-worker + name: 'services-university-gateway-worker' diff --git a/charts/services/services-university-gateway-worker/values.prod.yaml b/charts/services/services-university-gateway-worker/values.prod.yaml index 76dc70a8ed2e..5865f9c1a07a 100644 --- a/charts/services/services-university-gateway-worker/values.prod.yaml +++ b/charts/services/services-university-gateway-worker/values.prod.yaml @@ -1,48 +1,48 @@ service: - name: services-university-gateway-worker + name: 'services-university-gateway-worker' args: - - main.js - - --job - - worker + - 'main.js' + - '--job' + - 'worker' command: - - node + - 'node' enabled: true env: - DB_HOST: postgres-applications.internal - DB_NAME: services_university_gateway - DB_REPLICAS_HOST: postgres-applications.internal - DB_USER: services_university_gateway - IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/university-gateway" - IDENTITY_SERVER_ISSUER_URL: https://innskra.island.is - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=345 -r dd-trace/init + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms - XROAD_BASE_PATH: http://securityserver.island.is - XROAD_BASE_PATH_WITH_ENV: http://securityserver.island.is/r1/IS - XROAD_CLIENT_ID: IS/GOV/5501692829/island-is-client - XROAD_TLS_BASE_PATH: https://securityserver.island.is - XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.island.is/r1/IS - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: IS/EDU/4112043590/LBHI-Protected/umsoknir-v1 - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1 - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: IS/EDU/5001694359/Holar-Protected/umsoknir-v1 - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: IS/EDU/4210984099/LHI-Protected/umsoknir-v1 - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1 - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: IS/EDU/5206871229/UNAK-Protected/umsoknir-v1 - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: IS/EDU/6001692039/HI-Protected/umsoknir-v1 + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' grantNamespaces: - - islandis - - nginx-ingress-internal - - application-system + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: / + path: '/' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: / + path: '/' timeoutSeconds: 3 hpa: scaling: @@ -53,8 +53,8 @@ service: max: 10 min: 3 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway - namespace: services-university-gateway + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -66,21 +66,21 @@ service: min: 3 resources: limits: - cpu: 200m - memory: 384Mi + cpu: '200m' + memory: '384Mi' requests: - cpu: 50m - memory: 256Mi - schedule: 0 * * * * + cpu: '50m' + memory: '256Mi' + schedule: '0 * * * *' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DB_PASS: /k8s/services-university-gateway/DB_PASSWORD - IDENTITY_SERVER_CLIENT_SECRET: /k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::251502586493:role/services-university-gateway-worker + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway-worker' create: true - name: services-university-gateway-worker + name: 'services-university-gateway-worker' diff --git a/charts/services/services-university-gateway-worker/values.staging.yaml b/charts/services/services-university-gateway-worker/values.staging.yaml index 33d631850ec9..e558c5968f38 100644 --- a/charts/services/services-university-gateway-worker/values.staging.yaml +++ b/charts/services/services-university-gateway-worker/values.staging.yaml @@ -1,48 +1,47 @@ service: - name: services-university-gateway-worker + name: 'services-university-gateway-worker' args: - - main.js - - --job - - worker + - 'main.js' + - '--job' + - 'worker' command: - - node + - 'node' enabled: true env: - DB_HOST: postgres-applications.internal - DB_NAME: services_university_gateway - DB_REPLICAS_HOST: postgres-applications.internal - DB_USER: services_university_gateway - IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/university-gateway" - IDENTITY_SERVER_ISSUER_URL: https://identity-server.staging01.devland.is - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=345 -r dd-trace/init + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: "" - XROAD_BASE_PATH: http://securityserver.staging01.devland.is - XROAD_BASE_PATH_WITH_ENV: http://securityserver.staging01.devland.is/r1/IS-TEST - XROAD_CLIENT_ID: IS-TEST/GOV/5501692829/island-is-client - XROAD_TLS_BASE_PATH: https://securityserver.staging01.devland.is - XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.staging01.devland.is/r1/IS-TEST - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1 - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1 - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1 - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1 - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1 - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1 - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: IS-TEST/EDU/10010/HI-Protected/umsoknir-v1 + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' grantNamespaces: - - islandis - - nginx-ingress-internal - - application-system + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: / + path: '/' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: / + path: '/' timeoutSeconds: 3 hpa: scaling: @@ -53,8 +52,8 @@ service: max: 3 min: 1 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway - namespace: services-university-gateway + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' + namespace: 'services-university-gateway' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -66,21 +65,21 @@ service: min: 1 resources: limits: - cpu: 200m - memory: 384Mi + cpu: '200m' + memory: '384Mi' requests: - cpu: 50m - memory: 256Mi - schedule: 0 2 * * * + cpu: '50m' + memory: '256Mi' + schedule: '0 2 * * *' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DB_PASS: /k8s/services-university-gateway/DB_PASSWORD - IDENTITY_SERVER_CLIENT_SECRET: /k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::261174024191:role/services-university-gateway-worker + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway-worker' create: true - name: services-university-gateway-worker + name: 'services-university-gateway-worker' diff --git a/charts/services/services-university-gateway/values.dev.yaml b/charts/services/services-university-gateway/values.dev.yaml index f1c9a208d7d1..bdc386589440 100644 --- a/charts/services/services-university-gateway/values.dev.yaml +++ b/charts/services/services-university-gateway/values.dev.yaml @@ -1,46 +1,45 @@ service: - name: services-university-gateway + name: 'services-university-gateway' args: - - main.js + - 'main.js' command: - - node + - 'node' enabled: true env: - DB_HOST: postgres-applications.internal - DB_NAME: services_university_gateway - DB_REPLICAS_HOST: postgres-applications-reader.internal - DB_USER: services_university_gateway - IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/university-gateway" - IDENTITY_SERVER_ISSUER_URL: https://identity-server.dev01.devland.is - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=345 -r dd-trace/init + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: "" - XROAD_BASE_PATH: http://securityserver.dev01.devland.is - XROAD_BASE_PATH_WITH_ENV: http://securityserver.dev01.devland.is/r1/IS-DEV - XROAD_CLIENT_ID: IS-DEV/GOV/10000/island-is-client - XROAD_TLS_BASE_PATH: https://securityserver.dev01.devland.is - XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.dev01.devland.is/r1/IS-DEV - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1 - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1 - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1 - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1 - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1 - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1 - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: IS-DEV/EDU/10010/HI-Protected/umsoknir-v1 + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' grantNamespaces: - - islandis - - nginx-ingress-internal - - application-system + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 hpa: scaling: @@ -51,53 +50,52 @@ service: max: 10 min: 2 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-internal-alb - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: services-university-gateway.internal.dev01.devland.is + - host: 'services-university-gateway.internal.dev01.devland.is' paths: - - /api + - '/api' initContainer: containers: - args: - - sequelize-cli - - db:migrate + - 'sequelize-cli' + - 'db:migrate' command: - - npx - name: migrations + - 'npx' + name: 'migrations' resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 50m - memory: 128Mi + cpu: '50m' + memory: '128Mi' - args: - - sequelize-cli - - db:seed:all + - 'sequelize-cli' + - 'db:seed:all' command: - - npx - name: seed + - 'npx' + name: 'seed' resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 50m - memory: 128Mi + cpu: '50m' + memory: '128Mi' env: - DB_HOST: postgres-applications.internal - DB_NAME: services_university_gateway - DB_REPLICAS_HOST: postgres-applications-reader.internal - DB_USER: services_university_gateway - SERVERSIDE_FEATURES_ON: "" + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'services_university_gateway' secrets: - DB_PASS: /k8s/services-university-gateway/DB_PASSWORD - namespace: services-university-gateway + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -109,20 +107,20 @@ service: min: 2 resources: limits: - cpu: 200m - memory: 384Mi + cpu: '200m' + memory: '384Mi' requests: - cpu: 50m - memory: 256Mi + cpu: '50m' + memory: '256Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DB_PASS: /k8s/services-university-gateway/DB_PASSWORD - IDENTITY_SERVER_CLIENT_SECRET: /k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::013313053092:role/services-university-gateway + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' create: true - name: services-university-gateway + name: 'services-university-gateway' diff --git a/charts/services/services-university-gateway/values.prod.yaml b/charts/services/services-university-gateway/values.prod.yaml index 77a6c7378674..ea7c51eefcb0 100644 --- a/charts/services/services-university-gateway/values.prod.yaml +++ b/charts/services/services-university-gateway/values.prod.yaml @@ -1,46 +1,46 @@ service: - name: services-university-gateway + name: 'services-university-gateway' args: - - main.js + - 'main.js' command: - - node + - 'node' enabled: true env: - DB_HOST: postgres-applications.internal - DB_NAME: services_university_gateway - DB_REPLICAS_HOST: postgres-applications.internal - DB_USER: services_university_gateway - IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/university-gateway" - IDENTITY_SERVER_ISSUER_URL: https://innskra.island.is - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=345 -r dd-trace/init + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms - XROAD_BASE_PATH: http://securityserver.island.is - XROAD_BASE_PATH_WITH_ENV: http://securityserver.island.is/r1/IS - XROAD_CLIENT_ID: IS/GOV/5501692829/island-is-client - XROAD_TLS_BASE_PATH: https://securityserver.island.is - XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.island.is/r1/IS - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: IS/EDU/4112043590/LBHI-Protected/umsoknir-v1 - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1 - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: IS/EDU/5001694359/Holar-Protected/umsoknir-v1 - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: IS/EDU/4210984099/LHI-Protected/umsoknir-v1 - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1 - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: IS/EDU/5206871229/UNAK-Protected/umsoknir-v1 - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: IS/EDU/6001692039/HI-Protected/umsoknir-v1 + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' grantNamespaces: - - islandis - - nginx-ingress-internal - - application-system + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 hpa: scaling: @@ -51,53 +51,53 @@ service: max: 10 min: 2 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-internal-alb - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: services-university-gateway.internal.island.is + - host: 'services-university-gateway.internal.island.is' paths: - - /api + - '/api' initContainer: containers: - args: - - sequelize-cli - - db:migrate + - 'sequelize-cli' + - 'db:migrate' command: - - npx - name: migrations + - 'npx' + name: 'migrations' resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 50m - memory: 128Mi + cpu: '50m' + memory: '128Mi' - args: - - sequelize-cli - - db:seed:all + - 'sequelize-cli' + - 'db:seed:all' command: - - npx - name: seed + - 'npx' + name: 'seed' resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 50m - memory: 128Mi + cpu: '50m' + memory: '128Mi' env: - DB_HOST: postgres-applications.internal - DB_NAME: services_university_gateway - DB_REPLICAS_HOST: postgres-applications.internal - DB_USER: services_university_gateway - SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' secrets: - DB_PASS: /k8s/services-university-gateway/DB_PASSWORD - namespace: services-university-gateway + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -109,20 +109,20 @@ service: min: 2 resources: limits: - cpu: 200m - memory: 384Mi + cpu: '200m' + memory: '384Mi' requests: - cpu: 50m - memory: 256Mi + cpu: '50m' + memory: '256Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DB_PASS: /k8s/services-university-gateway/DB_PASSWORD - IDENTITY_SERVER_CLIENT_SECRET: /k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::251502586493:role/services-university-gateway + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway' create: true - name: services-university-gateway + name: 'services-university-gateway' diff --git a/charts/services/services-university-gateway/values.staging.yaml b/charts/services/services-university-gateway/values.staging.yaml index 405303e9db5b..1df2efda227d 100644 --- a/charts/services/services-university-gateway/values.staging.yaml +++ b/charts/services/services-university-gateway/values.staging.yaml @@ -1,46 +1,45 @@ service: - name: services-university-gateway + name: 'services-university-gateway' args: - - main.js + - 'main.js' command: - - node + - 'node' enabled: true env: - DB_HOST: postgres-applications.internal - DB_NAME: services_university_gateway - DB_REPLICAS_HOST: postgres-applications.internal - DB_USER: services_university_gateway - IDENTITY_SERVER_CLIENT_ID: "@island.is/clients/university-gateway" - IDENTITY_SERVER_ISSUER_URL: https://identity-server.staging01.devland.is - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=345 -r dd-trace/init + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' + IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: "" - XROAD_BASE_PATH: http://securityserver.staging01.devland.is - XROAD_BASE_PATH_WITH_ENV: http://securityserver.staging01.devland.is/r1/IS-TEST - XROAD_CLIENT_ID: IS-TEST/GOV/5501692829/island-is-client - XROAD_TLS_BASE_PATH: https://securityserver.staging01.devland.is - XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.staging01.devland.is/r1/IS-TEST - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1 - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1 - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1 - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1 - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1 - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1 - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: IS-TEST/EDU/10010/HI-Protected/umsoknir-v1 + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' + XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' grantNamespaces: - - islandis - - nginx-ingress-internal - - application-system + - 'islandis' + - 'nginx-ingress-internal' + - 'application-system' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 hpa: scaling: @@ -51,53 +50,52 @@ service: max: 10 min: 2 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-internal-alb - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: services-university-gateway.internal.staging01.devland.is + - host: 'services-university-gateway.internal.staging01.devland.is' paths: - - /api + - '/api' initContainer: containers: - args: - - sequelize-cli - - db:migrate + - 'sequelize-cli' + - 'db:migrate' command: - - npx - name: migrations + - 'npx' + name: 'migrations' resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 50m - memory: 128Mi + cpu: '50m' + memory: '128Mi' - args: - - sequelize-cli - - db:seed:all + - 'sequelize-cli' + - 'db:seed:all' command: - - npx - name: seed + - 'npx' + name: 'seed' resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 50m - memory: 128Mi + cpu: '50m' + memory: '128Mi' env: - DB_HOST: postgres-applications.internal - DB_NAME: services_university_gateway - DB_REPLICAS_HOST: postgres-applications.internal - DB_USER: services_university_gateway - SERVERSIDE_FEATURES_ON: "" + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'services_university_gateway' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'services_university_gateway' secrets: - DB_PASS: /k8s/services-university-gateway/DB_PASSWORD - namespace: services-university-gateway + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + namespace: 'services-university-gateway' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -109,20 +107,20 @@ service: min: 2 resources: limits: - cpu: 200m - memory: 384Mi + cpu: '200m' + memory: '384Mi' requests: - cpu: 50m - memory: 256Mi + cpu: '50m' + memory: '256Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DB_PASS: /k8s/services-university-gateway/DB_PASSWORD - IDENTITY_SERVER_CLIENT_SECRET: /k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::261174024191:role/services-university-gateway + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway' create: true - name: services-university-gateway + name: 'services-university-gateway' diff --git a/charts/services/skilavottord-web/values.dev.yaml b/charts/services/skilavottord-web/values.dev.yaml index b854faaac36a..037270eb0b76 100644 --- a/charts/services/skilavottord-web/values.dev.yaml +++ b/charts/services/skilavottord-web/values.dev.yaml @@ -1,23 +1,22 @@ service: - name: skilavottord-web + name: 'skilavottord-web' enabled: true env: - API_URL: http://web-skilavottord-ws - ENVIRONMENT: dev - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init - SERVERSIDE_FEATURES_ON: "" + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' grantNamespaces: - - nginx-ingress-external + - 'nginx-ingress-external' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 hpa: scaling: @@ -28,19 +27,19 @@ service: max: 10 min: 2 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-external-alb - nginx.ingress.kubernetes.io/proxy-buffer-size: 8k - nginx.ingress.kubernetes.io/proxy-buffering: on - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: beta.dev01.devland.is + - host: 'beta.dev01.devland.is' paths: - - /app/skilavottord/ - namespace: skilavottord + - '/app/skilavottord/' + namespace: 'skilavottord' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -50,19 +49,19 @@ service: min: 2 resources: limits: - cpu: 400m - memory: 512Mi + cpu: '400m' + memory: '512Mi' requests: - cpu: 40m - memory: 256Mi + cpu: '40m' + memory: '256Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DD_RUM_APPLICATION_ID: /k8s/DD_RUM_APPLICATION_ID - DD_RUM_CLIENT_TOKEN: /k8s/DD_RUM_CLIENT_TOKEN - IDENTITY_SERVER_DOMAIN: /k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: /k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL - NEXTAUTH_URL: /k8s/skilavottord/web/NEXTAUTH_URL - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: /k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/skilavottord-web/values.prod.yaml b/charts/services/skilavottord-web/values.prod.yaml index dbf4128c2768..641797df4f17 100644 --- a/charts/services/skilavottord-web/values.prod.yaml +++ b/charts/services/skilavottord-web/values.prod.yaml @@ -1,23 +1,23 @@ service: - name: skilavottord-web + name: 'skilavottord-web' enabled: true env: - API_URL: http://web-skilavottord-ws - ENVIRONMENT: prod - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init - SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' grantNamespaces: - - nginx-ingress-external + - 'nginx-ingress-external' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 hpa: scaling: @@ -28,22 +28,22 @@ service: max: 10 min: 2 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-external-alb - nginx.ingress.kubernetes.io/proxy-buffer-size: 8k - nginx.ingress.kubernetes.io/proxy-buffering: on - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: island.is + - host: 'island.is' paths: - - /app/skilavottord/ - - host: www.island.is + - '/app/skilavottord/' + - host: 'www.island.is' paths: - - /app/skilavottord/ - namespace: skilavottord + - '/app/skilavottord/' + namespace: 'skilavottord' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -53,19 +53,19 @@ service: min: 2 resources: limits: - cpu: 400m - memory: 512Mi + cpu: '400m' + memory: '512Mi' requests: - cpu: 40m - memory: 256Mi + cpu: '40m' + memory: '256Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DD_RUM_APPLICATION_ID: /k8s/DD_RUM_APPLICATION_ID - DD_RUM_CLIENT_TOKEN: /k8s/DD_RUM_CLIENT_TOKEN - IDENTITY_SERVER_DOMAIN: /k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: /k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL - NEXTAUTH_URL: /k8s/skilavottord/web/NEXTAUTH_URL - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: /k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/skilavottord-web/values.staging.yaml b/charts/services/skilavottord-web/values.staging.yaml index 83d820554f3c..4c15333f73f3 100644 --- a/charts/services/skilavottord-web/values.staging.yaml +++ b/charts/services/skilavottord-web/values.staging.yaml @@ -1,23 +1,22 @@ service: - name: skilavottord-web + name: 'skilavottord-web' enabled: true env: - API_URL: http://web-skilavottord-ws - ENVIRONMENT: staging - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init - SERVERSIDE_FEATURES_ON: "" + API_URL: 'http://web-skilavottord-ws' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' grantNamespaces: - - nginx-ingress-external + - 'nginx-ingress-external' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 hpa: scaling: @@ -28,19 +27,19 @@ service: max: 10 min: 2 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-external-alb - nginx.ingress.kubernetes.io/proxy-buffer-size: 8k - nginx.ingress.kubernetes.io/proxy-buffering: on - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: beta.staging01.devland.is + - host: 'beta.staging01.devland.is' paths: - - /app/skilavottord/ - namespace: skilavottord + - '/app/skilavottord/' + namespace: 'skilavottord' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -50,19 +49,19 @@ service: min: 2 resources: limits: - cpu: 400m - memory: 512Mi + cpu: '400m' + memory: '512Mi' requests: - cpu: 40m - memory: 256Mi + cpu: '40m' + memory: '256Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DD_RUM_APPLICATION_ID: /k8s/DD_RUM_APPLICATION_ID - DD_RUM_CLIENT_TOKEN: /k8s/DD_RUM_CLIENT_TOKEN - IDENTITY_SERVER_DOMAIN: /k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: /k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL - NEXTAUTH_URL: /k8s/skilavottord/web/NEXTAUTH_URL - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: /k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' + IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' + IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' + NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' + SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/skilavottord-ws/values.dev.yaml b/charts/services/skilavottord-ws/values.dev.yaml index a92bcc8894e3..4e833a7d4c05 100644 --- a/charts/services/skilavottord-ws/values.dev.yaml +++ b/charts/services/skilavottord-ws/values.dev.yaml @@ -1,26 +1,25 @@ service: - name: skilavottord-ws + name: 'skilavottord-ws' enabled: true env: - DB_HOST: postgres-applications.internal - DB_NAME: skilavottord - DB_REPLICAS_HOST: postgres-applications-reader.internal - DB_USER: skilavottord - IDENTITY_SERVER_ISSUER_URL: https://identity-server.dev01.devland.is - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init - SERVERSIDE_FEATURES_ON: "" + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' grantNamespaces: - - application-system + - 'application-system' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 hpa: scaling: @@ -31,40 +30,39 @@ service: max: 3 min: 1 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-external-alb - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: beta.dev01.devland.is + - host: 'beta.dev01.devland.is' paths: - - /app/skilavottord/api/graphql + - '/app/skilavottord/api/graphql' initContainer: containers: - args: - - sequelize-cli - - db:migrate + - 'sequelize-cli' + - 'db:migrate' command: - - npx - name: migrations + - 'npx' + name: 'migrations' resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 50m - memory: 128Mi + cpu: '50m' + memory: '128Mi' env: - DB_HOST: postgres-applications.internal - DB_NAME: skilavottord - DB_REPLICAS_HOST: postgres-applications-reader.internal - DB_USER: skilavottord - SERVERSIDE_FEATURES_ON: "" + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'skilavottord' secrets: - DB_PASS: /k8s/skilavottord/DB_PASSWORD - namespace: skilavottord + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -74,24 +72,24 @@ service: min: 1 resources: limits: - cpu: 400m - memory: 512Mi + cpu: '400m' + memory: '512Mi' requests: - cpu: 40m - memory: 256Mi + cpu: '40m' + memory: '256Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DB_PASS: /k8s/skilavottord/DB_PASSWORD - FJARSYSLA_REST_PASS: /k8s/skilavottord/FJARSYSLA_REST_PASS - FJARSYSLA_REST_URL: /k8s/skilavottord-ws/FJARSYSLA_REST_URL - FJARSYSLA_REST_USER: /k8s/skilavottord/FJARSYSLA_REST_USER - SAMGONGUSTOFA_REST_AUTH_URL: /k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL - SAMGONGUSTOFA_REST_DEREG_URL: /k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL - SAMGONGUSTOFA_REST_PASS: /k8s/skilavottord/SAMGONGUSTOFA_REST_PASS - SAMGONGUSTOFA_REST_USER: /k8s/skilavottord/SAMGONGUSTOFA_REST_USER - SAMGONGUSTOFA_SOAP_PASS: /k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS - SAMGONGUSTOFA_SOAP_URL: /k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL - SAMGONGUSTOFA_SOAP_USER: /k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/skilavottord-ws/values.prod.yaml b/charts/services/skilavottord-ws/values.prod.yaml index 7f22104adb13..a85d5a422961 100644 --- a/charts/services/skilavottord-ws/values.prod.yaml +++ b/charts/services/skilavottord-ws/values.prod.yaml @@ -1,26 +1,26 @@ service: - name: skilavottord-ws + name: 'skilavottord-ws' enabled: true env: - DB_HOST: postgres-applications.internal - DB_NAME: skilavottord - DB_REPLICAS_HOST: postgres-applications.internal - DB_USER: skilavottord - IDENTITY_SERVER_ISSUER_URL: https://innskra.island.is - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init - SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' grantNamespaces: - - application-system + - 'application-system' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 hpa: scaling: @@ -31,43 +31,43 @@ service: max: 10 min: 3 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-external-alb - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: island.is + - host: 'island.is' paths: - - /app/skilavottord/api/graphql - - host: www.island.is + - '/app/skilavottord/api/graphql' + - host: 'www.island.is' paths: - - /app/skilavottord/api/graphql + - '/app/skilavottord/api/graphql' initContainer: containers: - args: - - sequelize-cli - - db:migrate + - 'sequelize-cli' + - 'db:migrate' command: - - npx - name: migrations + - 'npx' + name: 'migrations' resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 50m - memory: 128Mi + cpu: '50m' + memory: '128Mi' env: - DB_HOST: postgres-applications.internal - DB_NAME: skilavottord - DB_REPLICAS_HOST: postgres-applications.internal - DB_USER: skilavottord - SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' secrets: - DB_PASS: /k8s/skilavottord/DB_PASSWORD - namespace: skilavottord + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -77,24 +77,24 @@ service: min: 3 resources: limits: - cpu: 400m - memory: 512Mi + cpu: '400m' + memory: '512Mi' requests: - cpu: 40m - memory: 256Mi + cpu: '40m' + memory: '256Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DB_PASS: /k8s/skilavottord/DB_PASSWORD - FJARSYSLA_REST_PASS: /k8s/skilavottord/FJARSYSLA_REST_PASS - FJARSYSLA_REST_URL: /k8s/skilavottord-ws/FJARSYSLA_REST_URL - FJARSYSLA_REST_USER: /k8s/skilavottord/FJARSYSLA_REST_USER - SAMGONGUSTOFA_REST_AUTH_URL: /k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL - SAMGONGUSTOFA_REST_DEREG_URL: /k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL - SAMGONGUSTOFA_REST_PASS: /k8s/skilavottord/SAMGONGUSTOFA_REST_PASS - SAMGONGUSTOFA_REST_USER: /k8s/skilavottord/SAMGONGUSTOFA_REST_USER - SAMGONGUSTOFA_SOAP_PASS: /k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS - SAMGONGUSTOFA_SOAP_URL: /k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL - SAMGONGUSTOFA_SOAP_USER: /k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/skilavottord-ws/values.staging.yaml b/charts/services/skilavottord-ws/values.staging.yaml index 443e80af7f46..9ef16b1d0b9f 100644 --- a/charts/services/skilavottord-ws/values.staging.yaml +++ b/charts/services/skilavottord-ws/values.staging.yaml @@ -1,26 +1,25 @@ service: - name: skilavottord-ws + name: 'skilavottord-ws' enabled: true env: - DB_HOST: postgres-applications.internal - DB_NAME: skilavottord - DB_REPLICAS_HOST: postgres-applications.internal - DB_USER: skilavottord - IDENTITY_SERVER_ISSUER_URL: https://identity-server.staging01.devland.is - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=460 -r dd-trace/init - SERVERSIDE_FEATURES_ON: "" + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' grantNamespaces: - - application-system + - 'application-system' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 hpa: scaling: @@ -31,40 +30,39 @@ service: max: 3 min: 1 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-external-alb - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: beta.staging01.devland.is + - host: 'beta.staging01.devland.is' paths: - - /app/skilavottord/api/graphql + - '/app/skilavottord/api/graphql' initContainer: containers: - args: - - sequelize-cli - - db:migrate + - 'sequelize-cli' + - 'db:migrate' command: - - npx - name: migrations + - 'npx' + name: 'migrations' resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 50m - memory: 128Mi + cpu: '50m' + memory: '128Mi' env: - DB_HOST: postgres-applications.internal - DB_NAME: skilavottord - DB_REPLICAS_HOST: postgres-applications.internal - DB_USER: skilavottord - SERVERSIDE_FEATURES_ON: "" + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'skilavottord' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'skilavottord' secrets: - DB_PASS: /k8s/skilavottord/DB_PASSWORD - namespace: skilavottord + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + namespace: 'skilavottord' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -74,24 +72,24 @@ service: min: 1 resources: limits: - cpu: 400m - memory: 512Mi + cpu: '400m' + memory: '512Mi' requests: - cpu: 40m - memory: 256Mi + cpu: '40m' + memory: '256Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DB_PASS: /k8s/skilavottord/DB_PASSWORD - FJARSYSLA_REST_PASS: /k8s/skilavottord/FJARSYSLA_REST_PASS - FJARSYSLA_REST_URL: /k8s/skilavottord-ws/FJARSYSLA_REST_URL - FJARSYSLA_REST_USER: /k8s/skilavottord/FJARSYSLA_REST_USER - SAMGONGUSTOFA_REST_AUTH_URL: /k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL - SAMGONGUSTOFA_REST_DEREG_URL: /k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL - SAMGONGUSTOFA_REST_PASS: /k8s/skilavottord/SAMGONGUSTOFA_REST_PASS - SAMGONGUSTOFA_REST_USER: /k8s/skilavottord/SAMGONGUSTOFA_REST_USER - SAMGONGUSTOFA_SOAP_PASS: /k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS - SAMGONGUSTOFA_SOAP_URL: /k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL - SAMGONGUSTOFA_SOAP_USER: /k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/skilavottord/DB_PASSWORD' + FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' + FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' + FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' + SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' + SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' + SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' + SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' + SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' + SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' + SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/unicorn-app/values.dev.yaml b/charts/services/unicorn-app/values.dev.yaml index ab73cf720e77..1dc720147579 100644 --- a/charts/services/unicorn-app/values.dev.yaml +++ b/charts/services/unicorn-app/values.dev.yaml @@ -1,20 +1,19 @@ service: - name: unicorn-app + name: 'unicorn-app' enabled: true env: - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init - SERVERSIDE_FEATURES_ON: "" + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' grantNamespaces: [] grantNamespacesEnabled: false healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /readiness + path: '/readiness' timeoutSeconds: 3 hpa: scaling: @@ -25,17 +24,17 @@ service: max: 10 min: 1 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-external-alb - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: unicorn-app.dev01.devland.is + - host: 'unicorn-app.dev01.devland.is' paths: - - / - namespace: unicorn-app + - '/' + namespace: 'unicorn-app' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -47,18 +46,18 @@ service: min: 1 resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 50m - memory: 128Mi + cpu: '50m' + memory: '128Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::013313053092:role/unicorn-app + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' create: true - name: unicorn-app + name: 'unicorn-app' diff --git a/charts/services/user-notification-cleanup-worker/values.dev.yaml b/charts/services/user-notification-cleanup-worker/values.dev.yaml index 7f47b7b75fe4..ea56d35965d0 100644 --- a/charts/services/user-notification-cleanup-worker/values.dev.yaml +++ b/charts/services/user-notification-cleanup-worker/values.dev.yaml @@ -1,33 +1,32 @@ service: - name: user-notification-cleanup-worker + name: 'user-notification-cleanup-worker' args: - - --no-experimental-fetch - - main.js - - --job=cleanup + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' command: - - node + - 'node' enabled: true env: - DB_HOST: postgres-applications.internal - DB_NAME: user_notification - DB_REPLICAS_HOST: postgres-applications-reader.internal - DB_USER: user_notification - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init - SERVERSIDE_FEATURES_ON: "" + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' grantNamespaces: - - nginx-ingress-internal - - islandis - - identity-server-delegation + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: / + path: '/' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: / + path: '/' timeoutSeconds: 3 hpa: scaling: @@ -38,31 +37,30 @@ service: max: 3 min: 1 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' initContainer: containers: - args: - - sequelize-cli - - db:migrate + - 'sequelize-cli' + - 'db:migrate' command: - - npx - name: migrations + - 'npx' + name: 'migrations' resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 50m - memory: 128Mi + cpu: '50m' + memory: '128Mi' env: - DB_HOST: postgres-applications.internal - DB_NAME: user_notification - DB_REPLICAS_HOST: postgres-applications-reader.internal - DB_USER: user_notification - SERVERSIDE_FEATURES_ON: "" + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' secrets: - DB_PASS: /k8s/user-notification/DB_PASSWORD - namespace: user-notification + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -74,20 +72,20 @@ service: min: 1 resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 100m - memory: 128Mi - schedule: "@hourly" + cpu: '100m' + memory: '128Mi' + schedule: '@hourly' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DB_PASS: /k8s/user-notification/DB_PASSWORD + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::013313053092:role/user-notification-cleanup-worker + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' create: true - name: user-notification-cleanup-worker + name: 'user-notification-cleanup-worker' diff --git a/charts/services/user-notification-cleanup-worker/values.prod.yaml b/charts/services/user-notification-cleanup-worker/values.prod.yaml index 57768e900c23..79c984f468d7 100644 --- a/charts/services/user-notification-cleanup-worker/values.prod.yaml +++ b/charts/services/user-notification-cleanup-worker/values.prod.yaml @@ -1,33 +1,33 @@ service: - name: user-notification-cleanup-worker + name: 'user-notification-cleanup-worker' args: - - --no-experimental-fetch - - main.js - - --job=cleanup + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' command: - - node + - 'node' enabled: true env: - DB_HOST: postgres-applications.internal - DB_NAME: user_notification - DB_REPLICAS_HOST: postgres-applications.internal - DB_USER: user_notification - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init - SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' grantNamespaces: - - nginx-ingress-internal - - islandis - - identity-server-delegation + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: / + path: '/' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: / + path: '/' timeoutSeconds: 3 hpa: scaling: @@ -38,31 +38,31 @@ service: max: 10 min: 3 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' initContainer: containers: - args: - - sequelize-cli - - db:migrate + - 'sequelize-cli' + - 'db:migrate' command: - - npx - name: migrations + - 'npx' + name: 'migrations' resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 50m - memory: 128Mi + cpu: '50m' + memory: '128Mi' env: - DB_HOST: postgres-applications.internal - DB_NAME: user_notification - DB_REPLICAS_HOST: postgres-applications.internal - DB_USER: user_notification - SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' secrets: - DB_PASS: /k8s/user-notification/DB_PASSWORD - namespace: user-notification + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -74,20 +74,20 @@ service: min: 3 resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 100m - memory: 128Mi - schedule: "@midnight" + cpu: '100m' + memory: '128Mi' + schedule: '@midnight' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DB_PASS: /k8s/user-notification/DB_PASSWORD + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::251502586493:role/user-notification-cleanup-worker + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-cleanup-worker' create: true - name: user-notification-cleanup-worker + name: 'user-notification-cleanup-worker' diff --git a/charts/services/user-notification-cleanup-worker/values.staging.yaml b/charts/services/user-notification-cleanup-worker/values.staging.yaml index 104aa292cc69..e63b9c1de642 100644 --- a/charts/services/user-notification-cleanup-worker/values.staging.yaml +++ b/charts/services/user-notification-cleanup-worker/values.staging.yaml @@ -1,33 +1,32 @@ service: - name: user-notification-cleanup-worker + name: 'user-notification-cleanup-worker' args: - - --no-experimental-fetch - - main.js - - --job=cleanup + - '--no-experimental-fetch' + - 'main.js' + - '--job=cleanup' command: - - node + - 'node' enabled: true env: - DB_HOST: postgres-applications.internal - DB_NAME: user_notification - DB_REPLICAS_HOST: postgres-applications.internal - DB_USER: user_notification - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init - SERVERSIDE_FEATURES_ON: "" + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' grantNamespaces: - - nginx-ingress-internal - - islandis - - identity-server-delegation + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: / + path: '/' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: / + path: '/' timeoutSeconds: 3 hpa: scaling: @@ -38,31 +37,30 @@ service: max: 3 min: 1 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' initContainer: containers: - args: - - sequelize-cli - - db:migrate + - 'sequelize-cli' + - 'db:migrate' command: - - npx - name: migrations + - 'npx' + name: 'migrations' resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 50m - memory: 128Mi + cpu: '50m' + memory: '128Mi' env: - DB_HOST: postgres-applications.internal - DB_NAME: user_notification - DB_REPLICAS_HOST: postgres-applications.internal - DB_USER: user_notification - SERVERSIDE_FEATURES_ON: "" + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' secrets: - DB_PASS: /k8s/user-notification/DB_PASSWORD - namespace: user-notification + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -74,20 +72,20 @@ service: min: 1 resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 100m - memory: 128Mi - schedule: "@midnight" + cpu: '100m' + memory: '128Mi' + schedule: '@midnight' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DB_PASS: /k8s/user-notification/DB_PASSWORD + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::261174024191:role/user-notification-cleanup-worker + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-cleanup-worker' create: true - name: user-notification-cleanup-worker + name: 'user-notification-cleanup-worker' diff --git a/charts/services/user-notification-worker/values.dev.yaml b/charts/services/user-notification-worker/values.dev.yaml index 9f9bb5cfe0a7..09996cd541dd 100644 --- a/charts/services/user-notification-worker/values.dev.yaml +++ b/charts/services/user-notification-worker/values.dev.yaml @@ -1,56 +1,55 @@ service: - name: user-notification-worker + name: 'user-notification-worker' args: - - --no-experimental-fetch - - main.js - - --job=worker + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' command: - - node + - 'node' enabled: true env: - AUTH_DELEGATION_API_URL: http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: IS-DEV/GOV/10006/Skatturinn/ft-v1 - CONTENTFUL_HOST: preview.contentful.com - DB_HOST: postgres-applications.internal - DB_NAME: user_notification - DB_REPLICAS_HOST: postgres-applications-reader.internal - DB_USER: user_notification - DEAD_LETTER_QUEUE_NAME: user-notification-failure - EMAIL_FROM_ADDRESS: development@island.is - EMAIL_REGION: eu-west-1 - IDENTITY_SERVER_ISSUER_URL: https://identity-server.dev01.devland.is - LOG_LEVEL: info - MAIN_QUEUE_NAME: user-notification - NATIONAL_REGISTRY_B2C_CLIENT_ID: b464afdd-056b-406d-b650-6d41733cfeb7 - NATIONAL_REGISTRY_B2C_ENDPOINT: https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token - NATIONAL_REGISTRY_B2C_PATH: IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1 - NATIONAL_REGISTRY_B2C_SCOPE: https://skraidentitydev.onmicrosoft.com/midlun/.default - NODE_OPTIONS: --max-old-space-size=345 -r dd-trace/init + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'preview.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: "true" - SERVERSIDE_FEATURES_ON: "" - SERVICE_PORTAL_CLICK_ACTION_URL: https://island.is/minarsidur - USER_PROFILE_CLIENT_URL: http://web-service-portal-api.service-portal.svc.cluster.local - XROAD_BASE_PATH: http://securityserver.dev01.devland.is - XROAD_BASE_PATH_WITH_ENV: http://securityserver.dev01.devland.is/r1/IS-DEV - XROAD_CLIENT_ID: IS-DEV/GOV/10000/island-is-client - XROAD_TLS_BASE_PATH: https://securityserver.dev01.devland.is - XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.dev01.devland.is/r1/IS-DEV + REDIS_USE_SSL: 'true' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' grantNamespaces: - - nginx-ingress-internal - - islandis - - identity-server-delegation + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /health/check + path: '/health/check' timeoutSeconds: 3 hpa: scaling: @@ -61,31 +60,30 @@ service: max: 2 min: 1 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' initContainer: containers: - args: - - sequelize-cli - - db:migrate + - 'sequelize-cli' + - 'db:migrate' command: - - npx - name: migrations + - 'npx' + name: 'migrations' resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 50m - memory: 128Mi + cpu: '50m' + memory: '128Mi' env: - DB_HOST: postgres-applications.internal - DB_NAME: user_notification - DB_REPLICAS_HOST: postgres-applications-reader.internal - DB_USER: user_notification - SERVERSIDE_FEATURES_ON: "" + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' secrets: - DB_PASS: /k8s/user-notification/DB_PASSWORD - namespace: user-notification + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -97,24 +95,24 @@ service: min: 1 resources: limits: - cpu: 400m - memory: 384Mi + cpu: '400m' + memory: '384Mi' requests: - cpu: 150m - memory: 256Mi + cpu: '150m' + memory: '256Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - CONTENTFUL_ACCESS_TOKEN: /k8s/user-notification/CONTENTFUL_ACCESS_TOKEN - DB_PASS: /k8s/user-notification/DB_PASSWORD - FIREBASE_CREDENTIALS: /k8s/user-notification/firestore-credentials - IDENTITY_SERVER_CLIENT_ID: /k8s/user-notification/USER_NOTIFICATION_CLIENT_ID - IDENTITY_SERVER_CLIENT_SECRET: /k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: /k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::013313053092:role/user-notification-worker + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' create: true - name: user-notification-worker + name: 'user-notification-worker' diff --git a/charts/services/user-notification-worker/values.prod.yaml b/charts/services/user-notification-worker/values.prod.yaml index dfd986d78c8c..e1f0e8b9ee25 100644 --- a/charts/services/user-notification-worker/values.prod.yaml +++ b/charts/services/user-notification-worker/values.prod.yaml @@ -1,56 +1,56 @@ service: - name: user-notification-worker + name: 'user-notification-worker' args: - - --no-experimental-fetch - - main.js - - --job=worker + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' command: - - node + - 'node' enabled: true env: - AUTH_DELEGATION_API_URL: https://auth-delegation-api.internal.innskra.island.is + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: IS/GOV/5402696029/Skatturinn/ft-v1 - CONTENTFUL_HOST: cdn.contentful.com - DB_HOST: postgres-applications.internal - DB_NAME: user_notification - DB_REPLICAS_HOST: postgres-applications.internal - DB_USER: user_notification - DEAD_LETTER_QUEUE_NAME: user-notification-failure - EMAIL_FROM_ADDRESS: noreply@island.is - EMAIL_REGION: eu-west-1 - IDENTITY_SERVER_ISSUER_URL: https://innskra.island.is - LOG_LEVEL: info - MAIN_QUEUE_NAME: user-notification - NATIONAL_REGISTRY_B2C_CLIENT_ID: 2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f - NATIONAL_REGISTRY_B2C_ENDPOINT: https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token - NATIONAL_REGISTRY_B2C_PATH: IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1 - NATIONAL_REGISTRY_B2C_SCOPE: https://skraidentity.onmicrosoft.com/midlun/.default - NODE_OPTIONS: --max-old-space-size=345 -r dd-trace/init + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: "true" - SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms - SERVICE_PORTAL_CLICK_ACTION_URL: https://island.is/minarsidur - USER_PROFILE_CLIENT_URL: http://web-service-portal-api.service-portal.svc.cluster.local - XROAD_BASE_PATH: http://securityserver.island.is - XROAD_BASE_PATH_WITH_ENV: http://securityserver.island.is/r1/IS - XROAD_CLIENT_ID: IS/GOV/5501692829/island-is-client - XROAD_TLS_BASE_PATH: https://securityserver.island.is - XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.island.is/r1/IS + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' grantNamespaces: - - nginx-ingress-internal - - islandis - - identity-server-delegation + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /health/check + path: '/health/check' timeoutSeconds: 3 hpa: scaling: @@ -61,31 +61,31 @@ service: max: 2 min: 1 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' initContainer: containers: - args: - - sequelize-cli - - db:migrate + - 'sequelize-cli' + - 'db:migrate' command: - - npx - name: migrations + - 'npx' + name: 'migrations' resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 50m - memory: 128Mi + cpu: '50m' + memory: '128Mi' env: - DB_HOST: postgres-applications.internal - DB_NAME: user_notification - DB_REPLICAS_HOST: postgres-applications.internal - DB_USER: user_notification - SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' secrets: - DB_PASS: /k8s/user-notification/DB_PASSWORD - namespace: user-notification + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -97,24 +97,24 @@ service: min: 1 resources: limits: - cpu: 400m - memory: 384Mi + cpu: '400m' + memory: '384Mi' requests: - cpu: 150m - memory: 256Mi + cpu: '150m' + memory: '256Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - CONTENTFUL_ACCESS_TOKEN: /k8s/user-notification/CONTENTFUL_ACCESS_TOKEN - DB_PASS: /k8s/user-notification/DB_PASSWORD - FIREBASE_CREDENTIALS: /k8s/user-notification/firestore-credentials - IDENTITY_SERVER_CLIENT_ID: /k8s/user-notification/USER_NOTIFICATION_CLIENT_ID - IDENTITY_SERVER_CLIENT_SECRET: /k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: /k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::251502586493:role/user-notification-worker + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-worker' create: true - name: user-notification-worker + name: 'user-notification-worker' diff --git a/charts/services/user-notification-worker/values.staging.yaml b/charts/services/user-notification-worker/values.staging.yaml index a53ef3362ca7..cd945064f475 100644 --- a/charts/services/user-notification-worker/values.staging.yaml +++ b/charts/services/user-notification-worker/values.staging.yaml @@ -1,56 +1,55 @@ service: - name: user-notification-worker + name: 'user-notification-worker' args: - - --no-experimental-fetch - - main.js - - --job=worker + - '--no-experimental-fetch' + - 'main.js' + - '--job=worker' command: - - node + - 'node' enabled: true env: - AUTH_DELEGATION_API_URL: http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: IS-TEST/GOV/5402696029/Skatturinn/ft-v1 - CONTENTFUL_HOST: cdn.contentful.com - DB_HOST: postgres-applications.internal - DB_NAME: user_notification - DB_REPLICAS_HOST: postgres-applications.internal - DB_USER: user_notification - DEAD_LETTER_QUEUE_NAME: user-notification-failure - EMAIL_FROM_ADDRESS: development@island.is - EMAIL_REGION: eu-west-1 - IDENTITY_SERVER_ISSUER_URL: https://identity-server.staging01.devland.is - LOG_LEVEL: info - MAIN_QUEUE_NAME: user-notification - NATIONAL_REGISTRY_B2C_CLIENT_ID: ca128c23-b43c-443d-bade-ec5a146a933f - NATIONAL_REGISTRY_B2C_ENDPOINT: https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token - NATIONAL_REGISTRY_B2C_PATH: IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1 - NATIONAL_REGISTRY_B2C_SCOPE: https://skraidentitystaging.onmicrosoft.com/midlun/.default - NODE_OPTIONS: --max-old-space-size=345 -r dd-trace/init + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + CONTENTFUL_HOST: 'cdn.contentful.com' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + EMAIL_REGION: 'eu-west-1' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: "true" - SERVERSIDE_FEATURES_ON: "" - SERVICE_PORTAL_CLICK_ACTION_URL: https://island.is/minarsidur - USER_PROFILE_CLIENT_URL: http://web-service-portal-api.service-portal.svc.cluster.local - XROAD_BASE_PATH: http://securityserver.staging01.devland.is - XROAD_BASE_PATH_WITH_ENV: http://securityserver.staging01.devland.is/r1/IS-TEST - XROAD_CLIENT_ID: IS-TEST/GOV/5501692829/island-is-client - XROAD_TLS_BASE_PATH: https://securityserver.staging01.devland.is - XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.staging01.devland.is/r1/IS-TEST + REDIS_USE_SSL: 'true' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' grantNamespaces: - - nginx-ingress-internal - - islandis - - identity-server-delegation + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /health/check + path: '/health/check' timeoutSeconds: 3 hpa: scaling: @@ -61,31 +60,30 @@ service: max: 2 min: 1 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' initContainer: containers: - args: - - sequelize-cli - - db:migrate + - 'sequelize-cli' + - 'db:migrate' command: - - npx - name: migrations + - 'npx' + name: 'migrations' resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 50m - memory: 128Mi + cpu: '50m' + memory: '128Mi' env: - DB_HOST: postgres-applications.internal - DB_NAME: user_notification - DB_REPLICAS_HOST: postgres-applications.internal - DB_USER: user_notification - SERVERSIDE_FEATURES_ON: "" + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' secrets: - DB_PASS: /k8s/user-notification/DB_PASSWORD - namespace: user-notification + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + namespace: 'user-notification' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -97,24 +95,24 @@ service: min: 1 resources: limits: - cpu: 400m - memory: 384Mi + cpu: '400m' + memory: '384Mi' requests: - cpu: 150m - memory: 256Mi + cpu: '150m' + memory: '256Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - CONTENTFUL_ACCESS_TOKEN: /k8s/user-notification/CONTENTFUL_ACCESS_TOKEN - DB_PASS: /k8s/user-notification/DB_PASSWORD - FIREBASE_CREDENTIALS: /k8s/user-notification/firestore-credentials - IDENTITY_SERVER_CLIENT_ID: /k8s/user-notification/USER_NOTIFICATION_CLIENT_ID - IDENTITY_SERVER_CLIENT_SECRET: /k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: /k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::261174024191:role/user-notification-worker + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-worker' create: true - name: user-notification-worker + name: 'user-notification-worker' diff --git a/charts/services/user-notification/values.dev.yaml b/charts/services/user-notification/values.dev.yaml index 82e91b49f50f..d1c2ee456081 100644 --- a/charts/services/user-notification/values.dev.yaml +++ b/charts/services/user-notification/values.dev.yaml @@ -1,53 +1,52 @@ service: - name: user-notification + name: 'user-notification' args: - - --no-experimental-fetch - - main.js + - '--no-experimental-fetch' + - 'main.js' command: - - node + - 'node' enabled: true env: - AUTH_DELEGATION_API_URL: http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: IS-DEV/GOV/10006/Skatturinn/ft-v1 - DB_HOST: postgres-applications.internal - DB_NAME: user_notification - DB_REPLICAS_HOST: postgres-applications-reader.internal - DB_USER: user_notification - DEAD_LETTER_QUEUE_NAME: user-notification-failure - EMAIL_FROM_ADDRESS: development@island.is - IDENTITY_SERVER_ISSUER_URL: https://identity-server.dev01.devland.is - LOG_LEVEL: info - MAIN_QUEUE_NAME: user-notification - NATIONAL_REGISTRY_B2C_CLIENT_ID: b464afdd-056b-406d-b650-6d41733cfeb7 - NATIONAL_REGISTRY_B2C_ENDPOINT: https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token - NATIONAL_REGISTRY_B2C_PATH: IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1 - NATIONAL_REGISTRY_B2C_SCOPE: https://skraidentitydev.onmicrosoft.com/midlun/.default - NODE_OPTIONS: --max-old-space-size=345 -r dd-trace/init + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications-reader.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: "true" - SERVERSIDE_FEATURES_ON: "" - SERVICE_PORTAL_CLICK_ACTION_URL: https://island.is/minarsidur - USER_PROFILE_CLIENT_URL: http://web-service-portal-api.service-portal.svc.cluster.local - XROAD_BASE_PATH: http://securityserver.dev01.devland.is - XROAD_BASE_PATH_WITH_ENV: http://securityserver.dev01.devland.is/r1/IS-DEV - XROAD_CLIENT_ID: IS-DEV/GOV/10000/island-is-client - XROAD_TLS_BASE_PATH: https://securityserver.dev01.devland.is - XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.dev01.devland.is/r1/IS-DEV + REDIS_USE_SSL: 'true' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' grantNamespaces: - - nginx-ingress-internal - - islandis - - identity-server-delegation + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /health/check + path: '/health/check' timeoutSeconds: 3 hpa: scaling: @@ -58,19 +57,19 @@ service: max: 3 min: 1 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-internal-alb - nginx.ingress.kubernetes.io/proxy-buffer-size: 8k - nginx.ingress.kubernetes.io/proxy-buffering: on - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: user-notification-xrd.internal.dev01.devland.is + - host: 'user-notification-xrd.internal.dev01.devland.is' paths: - - / - namespace: user-notification + - '/' + namespace: 'user-notification' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -82,24 +81,24 @@ service: min: 1 resources: limits: - cpu: 400m - memory: 384Mi + cpu: '400m' + memory: '384Mi' requests: - cpu: 150m - memory: 256Mi + cpu: '150m' + memory: '256Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - CONTENTFUL_ACCESS_TOKEN: /k8s/user-notification/CONTENTFUL_ACCESS_TOKEN - DB_PASS: /k8s/user-notification/DB_PASSWORD - FIREBASE_CREDENTIALS: /k8s/user-notification/firestore-credentials - IDENTITY_SERVER_CLIENT_ID: /k8s/user-notification/USER_NOTIFICATION_CLIENT_ID - IDENTITY_SERVER_CLIENT_SECRET: /k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: /k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::013313053092:role/user-notification + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' create: true - name: user-notification + name: 'user-notification' diff --git a/charts/services/user-notification/values.prod.yaml b/charts/services/user-notification/values.prod.yaml index d2662cd5b25f..d272085144bb 100644 --- a/charts/services/user-notification/values.prod.yaml +++ b/charts/services/user-notification/values.prod.yaml @@ -1,53 +1,53 @@ service: - name: user-notification + name: 'user-notification' args: - - --no-experimental-fetch - - main.js + - '--no-experimental-fetch' + - 'main.js' command: - - node + - 'node' enabled: true env: - AUTH_DELEGATION_API_URL: https://auth-delegation-api.internal.innskra.island.is + AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: IS/GOV/5402696029/Skatturinn/ft-v1 - DB_HOST: postgres-applications.internal - DB_NAME: user_notification - DB_REPLICAS_HOST: postgres-applications.internal - DB_USER: user_notification - DEAD_LETTER_QUEUE_NAME: user-notification-failure - EMAIL_FROM_ADDRESS: noreply@island.is - IDENTITY_SERVER_ISSUER_URL: https://innskra.island.is - LOG_LEVEL: info - MAIN_QUEUE_NAME: user-notification - NATIONAL_REGISTRY_B2C_CLIENT_ID: 2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f - NATIONAL_REGISTRY_B2C_ENDPOINT: https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token - NATIONAL_REGISTRY_B2C_PATH: IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1 - NATIONAL_REGISTRY_B2C_SCOPE: https://skraidentity.onmicrosoft.com/midlun/.default - NODE_OPTIONS: --max-old-space-size=345 -r dd-trace/init + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'noreply@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: "true" - SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms - SERVICE_PORTAL_CLICK_ACTION_URL: https://island.is/minarsidur - USER_PROFILE_CLIENT_URL: http://web-service-portal-api.service-portal.svc.cluster.local - XROAD_BASE_PATH: http://securityserver.island.is - XROAD_BASE_PATH_WITH_ENV: http://securityserver.island.is/r1/IS - XROAD_CLIENT_ID: IS/GOV/5501692829/island-is-client - XROAD_TLS_BASE_PATH: https://securityserver.island.is - XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.island.is/r1/IS + REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' grantNamespaces: - - nginx-ingress-internal - - islandis - - identity-server-delegation + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /health/check + path: '/health/check' timeoutSeconds: 3 hpa: scaling: @@ -58,19 +58,19 @@ service: max: 10 min: 3 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-internal-alb - nginx.ingress.kubernetes.io/proxy-buffer-size: 8k - nginx.ingress.kubernetes.io/proxy-buffering: on - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: user-notification-xrd.internal.island.is + - host: 'user-notification-xrd.internal.island.is' paths: - - / - namespace: user-notification + - '/' + namespace: 'user-notification' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -82,24 +82,24 @@ service: min: 3 resources: limits: - cpu: 400m - memory: 384Mi + cpu: '400m' + memory: '384Mi' requests: - cpu: 150m - memory: 256Mi + cpu: '150m' + memory: '256Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - CONTENTFUL_ACCESS_TOKEN: /k8s/user-notification/CONTENTFUL_ACCESS_TOKEN - DB_PASS: /k8s/user-notification/DB_PASSWORD - FIREBASE_CREDENTIALS: /k8s/user-notification/firestore-credentials - IDENTITY_SERVER_CLIENT_ID: /k8s/user-notification/USER_NOTIFICATION_CLIENT_ID - IDENTITY_SERVER_CLIENT_SECRET: /k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: /k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::251502586493:role/user-notification + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification' create: true - name: user-notification + name: 'user-notification' diff --git a/charts/services/user-notification/values.staging.yaml b/charts/services/user-notification/values.staging.yaml index 65305b477c5e..3ec76ebb401d 100644 --- a/charts/services/user-notification/values.staging.yaml +++ b/charts/services/user-notification/values.staging.yaml @@ -1,53 +1,52 @@ service: - name: user-notification + name: 'user-notification' args: - - --no-experimental-fetch - - main.js + - '--no-experimental-fetch' + - 'main.js' command: - - node + - 'node' enabled: true env: - AUTH_DELEGATION_API_URL: http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local + AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: IS-TEST/GOV/5402696029/Skatturinn/ft-v1 - DB_HOST: postgres-applications.internal - DB_NAME: user_notification - DB_REPLICAS_HOST: postgres-applications.internal - DB_USER: user_notification - DEAD_LETTER_QUEUE_NAME: user-notification-failure - EMAIL_FROM_ADDRESS: development@island.is - IDENTITY_SERVER_ISSUER_URL: https://identity-server.staging01.devland.is - LOG_LEVEL: info - MAIN_QUEUE_NAME: user-notification - NATIONAL_REGISTRY_B2C_CLIENT_ID: ca128c23-b43c-443d-bade-ec5a146a933f - NATIONAL_REGISTRY_B2C_ENDPOINT: https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token - NATIONAL_REGISTRY_B2C_PATH: IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1 - NATIONAL_REGISTRY_B2C_SCOPE: https://skraidentitystaging.onmicrosoft.com/midlun/.default - NODE_OPTIONS: --max-old-space-size=345 -r dd-trace/init + COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' + DB_HOST: 'postgres-applications.internal' + DB_NAME: 'user_notification' + DB_REPLICAS_HOST: 'postgres-applications.internal' + DB_USER: 'user_notification' + DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' + EMAIL_FROM_ADDRESS: 'development@island.is' + IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' + LOG_LEVEL: 'info' + MAIN_QUEUE_NAME: 'user-notification' + NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' + NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' + NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' + NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' + NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: "true" - SERVERSIDE_FEATURES_ON: "" - SERVICE_PORTAL_CLICK_ACTION_URL: https://island.is/minarsidur - USER_PROFILE_CLIENT_URL: http://web-service-portal-api.service-portal.svc.cluster.local - XROAD_BASE_PATH: http://securityserver.staging01.devland.is - XROAD_BASE_PATH_WITH_ENV: http://securityserver.staging01.devland.is/r1/IS-TEST - XROAD_CLIENT_ID: IS-TEST/GOV/5501692829/island-is-client - XROAD_TLS_BASE_PATH: https://securityserver.staging01.devland.is - XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.staging01.devland.is/r1/IS-TEST + REDIS_USE_SSL: 'true' + SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' + USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' grantNamespaces: - - nginx-ingress-internal - - islandis - - identity-server-delegation + - 'nginx-ingress-internal' + - 'islandis' + - 'identity-server-delegation' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: /health/check + path: '/health/check' timeoutSeconds: 3 hpa: scaling: @@ -58,19 +57,19 @@ service: max: 3 min: 1 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-internal-alb - nginx.ingress.kubernetes.io/proxy-buffer-size: 8k - nginx.ingress.kubernetes.io/proxy-buffering: on - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-internal-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: user-notification-xrd.internal.staging01.devland.is + - host: 'user-notification-xrd.internal.staging01.devland.is' paths: - - / - namespace: user-notification + - '/' + namespace: 'user-notification' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -82,24 +81,24 @@ service: min: 1 resources: limits: - cpu: 400m - memory: 384Mi + cpu: '400m' + memory: '384Mi' requests: - cpu: 150m - memory: 256Mi + cpu: '150m' + memory: '256Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - CONTENTFUL_ACCESS_TOKEN: /k8s/user-notification/CONTENTFUL_ACCESS_TOKEN - DB_PASS: /k8s/user-notification/DB_PASSWORD - FIREBASE_CREDENTIALS: /k8s/user-notification/firestore-credentials - IDENTITY_SERVER_CLIENT_ID: /k8s/user-notification/USER_NOTIFICATION_CLIENT_ID - IDENTITY_SERVER_CLIENT_SECRET: /k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: /k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' + DB_PASS: '/k8s/user-notification/DB_PASSWORD' + FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' + IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' + IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' + NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::261174024191:role/user-notification + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification' create: true - name: user-notification + name: 'user-notification' diff --git a/charts/services/web/values.dev.yaml b/charts/services/web/values.dev.yaml index 9a5018df4148..e11d74732817 100644 --- a/charts/services/web/values.dev.yaml +++ b/charts/services/web/values.dev.yaml @@ -1,31 +1,30 @@ service: - name: web + name: 'web' enabled: true env: - API_URL: http://web-api - DISABLE_API_CATALOGUE: "false" - DISABLE_ORGANIZATION_CHATBOT: "false" - DISABLE_SYSLUMENN_PAGE: "false" - ENVIRONMENT: dev - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=691 -r dd-trace/init - SERVERSIDE_FEATURES_ON: "" - TRACKING_DOMAIN: beta.dev01.devland.is + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'dev' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + TRACKING_DOMAIN: 'beta.dev01.devland.is' grantNamespaces: - - nginx-ingress-external - - api-catalogue - - application-system - - consultation-portal - - search-indexer + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 20 - path: /readiness + path: '/readiness' timeoutSeconds: 3 hpa: scaling: @@ -36,19 +35,19 @@ service: max: 50 min: 2 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/web + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-external-alb - nginx.ingress.kubernetes.io/proxy-buffer-size: 8k - nginx.ingress.kubernetes.io/proxy-buffering: on - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: beta.dev01.devland.is + - host: 'beta.dev01.devland.is' paths: - - / - namespace: islandis + - '/' + namespace: 'islandis' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -58,15 +57,15 @@ service: min: 2 resources: limits: - cpu: 1000m - memory: 768Mi + cpu: '1000m' + memory: '768Mi' requests: - cpu: 300m - memory: 384Mi + cpu: '300m' + memory: '384Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DD_RUM_APPLICATION_ID: /k8s/DD_RUM_APPLICATION_ID - DD_RUM_CLIENT_TOKEN: /k8s/DD_RUM_CLIENT_TOKEN + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/web/values.prod.yaml b/charts/services/web/values.prod.yaml index 77ef21bcdd72..a2b045c95489 100644 --- a/charts/services/web/values.prod.yaml +++ b/charts/services/web/values.prod.yaml @@ -1,31 +1,31 @@ service: - name: web + name: 'web' enabled: true env: - API_URL: http://web-api - DISABLE_API_CATALOGUE: "false" - DISABLE_ORGANIZATION_CHATBOT: "false" - DISABLE_SYSLUMENN_PAGE: "false" - ENVIRONMENT: prod - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=691 -r dd-trace/init - SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms - TRACKING_DOMAIN: island.is + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'prod' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + TRACKING_DOMAIN: 'island.is' grantNamespaces: - - nginx-ingress-external - - api-catalogue - - application-system - - consultation-portal - - search-indexer + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 20 - path: /readiness + path: '/readiness' timeoutSeconds: 3 hpa: scaling: @@ -36,22 +36,22 @@ service: max: 50 min: 2 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/web + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-external-alb - nginx.ingress.kubernetes.io/proxy-buffer-size: 8k - nginx.ingress.kubernetes.io/proxy-buffering: on - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: island.is + - host: 'island.is' paths: - - / - - host: www.island.is + - '/' + - host: 'www.island.is' paths: - - / - namespace: islandis + - '/' + namespace: 'islandis' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -61,15 +61,15 @@ service: min: 2 resources: limits: - cpu: 1000m - memory: 768Mi + cpu: '1000m' + memory: '768Mi' requests: - cpu: 300m - memory: 384Mi + cpu: '300m' + memory: '384Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DD_RUM_APPLICATION_ID: /k8s/DD_RUM_APPLICATION_ID - DD_RUM_CLIENT_TOKEN: /k8s/DD_RUM_CLIENT_TOKEN + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/web/values.staging.yaml b/charts/services/web/values.staging.yaml index 6605f9c6cbca..8858bfab5d55 100644 --- a/charts/services/web/values.staging.yaml +++ b/charts/services/web/values.staging.yaml @@ -1,32 +1,31 @@ service: - name: web - basicAuth: /k8s/web/basic_auth + name: 'web' + basicAuth: '/k8s/web/basic_auth' enabled: true env: - API_URL: http://web-api - DISABLE_API_CATALOGUE: "false" - DISABLE_ORGANIZATION_CHATBOT: "false" - DISABLE_SYSLUMENN_PAGE: "false" - ENVIRONMENT: staging - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=691 -r dd-trace/init - SERVERSIDE_FEATURES_ON: "" - TRACKING_DOMAIN: beta.staging01.devland.is + API_URL: 'http://web-api' + DISABLE_API_CATALOGUE: 'false' + DISABLE_ORGANIZATION_CHATBOT: 'false' + DISABLE_SYSLUMENN_PAGE: 'false' + ENVIRONMENT: 'staging' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + TRACKING_DOMAIN: 'beta.staging01.devland.is' grantNamespaces: - - nginx-ingress-external - - api-catalogue - - application-system - - consultation-portal - - search-indexer + - 'nginx-ingress-external' + - 'api-catalogue' + - 'application-system' + - 'consultation-portal' + - 'search-indexer' grantNamespacesEnabled: true healthCheck: liveness: initialDelaySeconds: 3 - path: /liveness + path: '/liveness' timeoutSeconds: 3 readiness: initialDelaySeconds: 20 - path: /readiness + path: '/readiness' timeoutSeconds: 3 hpa: scaling: @@ -37,19 +36,19 @@ service: max: 50 min: 2 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/web + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' ingress: primary-alb: annotations: - kubernetes.io/ingress.class: nginx-external-alb - nginx.ingress.kubernetes.io/proxy-buffer-size: 8k - nginx.ingress.kubernetes.io/proxy-buffering: on - nginx.ingress.kubernetes.io/service-upstream: "true" + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' + nginx.ingress.kubernetes.io/proxy-buffering: 'on' + nginx.ingress.kubernetes.io/service-upstream: 'true' hosts: - - host: beta.staging01.devland.is + - host: 'beta.staging01.devland.is' paths: - - / - namespace: islandis + - '/' + namespace: 'islandis' podDisruptionBudget: maxUnavailable: 1 pvcs: [] @@ -59,15 +58,15 @@ service: min: 2 resources: limits: - cpu: 1000m - memory: 768Mi + cpu: '1000m' + memory: '768Mi' requests: - cpu: 300m - memory: 384Mi + cpu: '300m' + memory: '384Mi' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY - DD_RUM_APPLICATION_ID: /k8s/DD_RUM_APPLICATION_ID - DD_RUM_CLIENT_TOKEN: /k8s/DD_RUM_CLIENT_TOKEN + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' + DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/charts/services/xroad-collector/values.dev.yaml b/charts/services/xroad-collector/values.dev.yaml index f0c765a7111b..e712a84155da 100644 --- a/charts/services/xroad-collector/values.dev.yaml +++ b/charts/services/xroad-collector/values.dev.yaml @@ -1,32 +1,31 @@ service: - name: xroad-collector + name: 'xroad-collector' args: - - --no-experimental-fetch - - main.js + - '--no-experimental-fetch' + - 'main.js' command: - - node + - 'node' enabled: true env: - ELASTIC_NODE: https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init - NODE_TLS_REJECT_UNAUTHORIZED: "0" - SERVERSIDE_FEATURES_ON: "" - XROAD_BASE_PATH: http://securityserver.dev01.devland.is - XROAD_BASE_PATH_WITH_ENV: http://securityserver.dev01.devland.is/r1/IS-DEV - XROAD_CLIENT_ID: IS-DEV/GOV/10000/island-is-client - XROAD_TLS_BASE_PATH: https://securityserver.dev01.devland.is - XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.dev01.devland.is/r1/IS-DEV + ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' + XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' grantNamespaces: [] grantNamespacesEnabled: false healthCheck: liveness: initialDelaySeconds: 3 - path: / + path: '/' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: / + path: '/' timeoutSeconds: 3 hpa: scaling: @@ -37,8 +36,8 @@ service: max: 3 min: 1 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector - namespace: xroad-collector + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -50,19 +49,19 @@ service: min: 1 resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 100m - memory: 128Mi - schedule: 0 2 * * * + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::013313053092:role/xroad-collector + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' create: true - name: xroad-collector + name: 'xroad-collector' diff --git a/charts/services/xroad-collector/values.prod.yaml b/charts/services/xroad-collector/values.prod.yaml index 716f60b21f0e..d02d4af938d8 100644 --- a/charts/services/xroad-collector/values.prod.yaml +++ b/charts/services/xroad-collector/values.prod.yaml @@ -1,32 +1,32 @@ service: - name: xroad-collector + name: 'xroad-collector' args: - - --no-experimental-fetch - - main.js + - '--no-experimental-fetch' + - 'main.js' command: - - node + - 'node' enabled: true env: - ELASTIC_NODE: https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init - NODE_TLS_REJECT_UNAUTHORIZED: "0" - SERVERSIDE_FEATURES_ON: driving-license-use-v1-endpoint-for-v2-comms - XROAD_BASE_PATH: http://securityserver.island.is - XROAD_BASE_PATH_WITH_ENV: http://securityserver.island.is/r1/IS - XROAD_CLIENT_ID: IS/GOV/5501692829/island-is-client - XROAD_TLS_BASE_PATH: https://securityserver.island.is - XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.island.is/r1/IS + ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + XROAD_BASE_PATH: 'http://securityserver.island.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' + XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' grantNamespaces: [] grantNamespacesEnabled: false healthCheck: liveness: initialDelaySeconds: 3 - path: / + path: '/' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: / + path: '/' timeoutSeconds: 3 hpa: scaling: @@ -37,8 +37,8 @@ service: max: 10 min: 3 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector - namespace: xroad-collector + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -50,19 +50,19 @@ service: min: 3 resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 100m - memory: 128Mi - schedule: 0 2 * * * + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::251502586493:role/xroad-collector + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/xroad-collector' create: true - name: xroad-collector + name: 'xroad-collector' diff --git a/charts/services/xroad-collector/values.staging.yaml b/charts/services/xroad-collector/values.staging.yaml index dc640c8db8d8..c02840afccd0 100644 --- a/charts/services/xroad-collector/values.staging.yaml +++ b/charts/services/xroad-collector/values.staging.yaml @@ -1,32 +1,31 @@ service: - name: xroad-collector + name: 'xroad-collector' args: - - --no-experimental-fetch - - main.js + - '--no-experimental-fetch' + - 'main.js' command: - - node + - 'node' enabled: true env: - ELASTIC_NODE: https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com - LOG_LEVEL: info - NODE_OPTIONS: --max-old-space-size=230 -r dd-trace/init - NODE_TLS_REJECT_UNAUTHORIZED: "0" - SERVERSIDE_FEATURES_ON: "" - XROAD_BASE_PATH: http://securityserver.staging01.devland.is - XROAD_BASE_PATH_WITH_ENV: http://securityserver.staging01.devland.is/r1/IS-TEST - XROAD_CLIENT_ID: IS-TEST/GOV/5501692829/island-is-client - XROAD_TLS_BASE_PATH: https://securityserver.staging01.devland.is - XROAD_TLS_BASE_PATH_WITH_ENV: https://securityserver.staging01.devland.is/r1/IS-TEST + ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + NODE_TLS_REJECT_UNAUTHORIZED: '0' + XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' + XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' + XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' + XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' + XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' grantNamespaces: [] grantNamespacesEnabled: false healthCheck: liveness: initialDelaySeconds: 3 - path: / + path: '/' timeoutSeconds: 3 readiness: initialDelaySeconds: 3 - path: / + path: '/' timeoutSeconds: 3 hpa: scaling: @@ -37,8 +36,8 @@ service: max: 3 min: 1 image: - repository: 821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector - namespace: xroad-collector + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' + namespace: 'xroad-collector' podDisruptionBudget: maxUnavailable: 1 podSecurityContext: @@ -50,19 +49,19 @@ service: min: 1 resources: limits: - cpu: 200m - memory: 256Mi + cpu: '200m' + memory: '256Mi' requests: - cpu: 100m - memory: 128Mi - schedule: 0 2 * * * + cpu: '100m' + memory: '128Mi' + schedule: '0 2 * * *' secrets: - CONFIGCAT_SDK_KEY: /k8s/configcat/CONFIGCAT_SDK_KEY + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' securityContext: allowPrivilegeEscalation: false privileged: false serviceAccount: annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::261174024191:role/xroad-collector + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/xroad-collector' create: true - name: xroad-collector + name: 'xroad-collector' diff --git a/infra/package.json b/infra/package.json index bf6322a2da85..37b440fdd44c 100644 --- a/infra/package.json +++ b/infra/package.json @@ -29,10 +29,10 @@ "@types/lodash": "4.14.160", "aws-sdk": "^2.1003.0", "glob": "10.3.3", - "js-yaml": "4.0.0", "json-refs": "3.0.15", "json-schema-to-zod": "2.4.1", "lodash": "4.17.21", + "yaml": "2.6.0", "yargs": "17.7.2" }, "volta": { diff --git a/infra/src/cli/generate-chart-values.ts b/infra/src/cli/generate-chart-values.ts index f463f666797b..95754981cf8b 100755 --- a/infra/src/cli/generate-chart-values.ts +++ b/infra/src/cli/generate-chart-values.ts @@ -5,59 +5,102 @@ import { Envs } from '../environments' import { OpsEnv } from '../dsl/types/input-types' import path from 'path' import yaml from 'yaml' -;(async () => { - console.log('Gathering charts') +import type { ToStringOptions } from 'yaml' + +const yamlOptions: ToStringOptions = { + defaultStringType: 'QUOTE_SINGLE', + defaultKeyType: 'PLAIN', +} + +// Recursive function to filter out empty string properties +const removeEmptyStringProperties = (obj: any): any => { + if (typeof obj !== 'object' || obj === null) return obj + + if (Array.isArray(obj)) { + return obj.map(removeEmptyStringProperties) + } + + return Object.fromEntries( + Object.entries(obj) + .filter(([_, value]) => value !== '') // Filter out empty strings + .map(([key, value]) => [key, removeEmptyStringProperties(value)]), // Recursively apply to nested objects + ) +} + +const writeYamlFile = (filePath: string, content: unknown) => { + const filteredContent = removeEmptyStringProperties(content) + const doc = new yaml.Document() + doc.contents = doc.createNode(filteredContent, { keepUndefined: false }) + + mkdirSync(path.dirname(filePath), { recursive: true }) + writeFileSync(filePath, doc.toString(yamlOptions), { encoding: 'utf8' }) +} + +const getReleaseTag = () => { + const releaseTagArg = process.argv.find((arg) => + arg.startsWith('--release-tag='), + ) + return releaseTagArg ? releaseTagArg.split('=')[1] : undefined +} + +async function generateChartValues() { + const releaseTag = getReleaseTag() + console.log( + 'Gathering charts', + releaseTag ? `with release tag: ${releaseTag}` : '', + ) + for (const [name, envs] of Object.entries(Deployments)) { for (const [envType, envName] of Object.entries(envs)) { console.log(`Processing ${name} ${envName} ${envType}`) - // Get the rendered environment values - const renderedValues = await renderEnv( - envType as OpsEnv, - name as ChartName, - ) + // Get rendered environment values and parse + const renderedYaml = await renderEnv(envType as OpsEnv, name as ChartName) + const renderedValues = yaml + .parseDocument(renderedYaml, { schema: 'json' }) + .toJSON() - // Ensure umbrella chart directory exists and write values - const umbrellaDir = path.join(__dirname, '/../../../charts', name) - mkdirSync(umbrellaDir, { recursive: true }) - writeFileSync( - path.join(umbrellaDir, `values.${Envs[envName].type}.yaml`), + // Write umbrella chart values + writeYamlFile( + path.join( + __dirname, + '/../../../charts', + name, + `values.${Envs[envName].type}.yaml`, + ), renderedValues, - { encoding: 'utf8' }, ) - // Get services for this chart and environment + // Write individual service values const services = Charts[name as ChartName][envType as OpsEnv] - - // Parse the rendered YAML - const parsedValues = yaml.parse(renderedValues) - - // Write individual service values files for (const service of services) { const serviceName = service.name() - const serviceDir = path.join( - __dirname, - '/../../../charts/services', - serviceName, - ) - mkdirSync(serviceDir, { recursive: true }) - - // Extract just this service's section and restructure it - if (parsedValues[serviceName]) { + if (renderedValues[serviceName]) { const serviceValues = { service: { name: serviceName, - ...parsedValues[serviceName], + ...renderedValues[serviceName], }, } - writeFileSync( - path.join(serviceDir, `values.${Envs[envName].type}.yaml`), - yaml.stringify(serviceValues), - { encoding: 'utf8' }, + // Add release tag to image if provided + if (releaseTag && serviceValues.service.image?.repository) { + serviceValues.service.image.repository += `:${releaseTag}` + } + + writeYamlFile( + path.join( + __dirname, + '/../../../charts/services', + serviceName, + `values.${Envs[envName].type}.yaml`, + ), + serviceValues, ) } } } } -})() +} + +generateChartValues().catch(console.error) diff --git a/infra/yarn.lock b/infra/yarn.lock index b8110816e3e0..97bc475a7bec 100644 --- a/infra/yarn.lock +++ b/infra/yarn.lock @@ -6688,11 +6688,11 @@ __metadata: esbuild-register: 3.3.2 glob: 10.3.3 jest: 27.2.4 - js-yaml: 4.0.0 json-refs: 3.0.15 json-schema-to-zod: 2.4.1 lodash: 4.17.21 typescript: 4.6.4 + yaml: 2.6.0 yargs: 17.7.2 languageName: unknown linkType: soft @@ -7728,17 +7728,6 @@ __metadata: languageName: node linkType: hard -"js-yaml@npm:4.0.0": - version: 4.0.0 - resolution: "js-yaml@npm:4.0.0" - dependencies: - argparse: ^2.0.1 - bin: - js-yaml: bin/js-yaml.js - checksum: 931d6dddb3589fa272c8273366c6dffa99fd6bd26ac7b70f9bac925c28cb7ae352b964192df84f90ecd7a2ff50ab87e6d58e2148eb19c89aa155c73ed847ab92 - languageName: node - linkType: hard - "js-yaml@npm:4.1.0": version: 4.1.0 resolution: "js-yaml@npm:4.1.0" @@ -10748,6 +10737,15 @@ __metadata: languageName: node linkType: hard +"yaml@npm:2.6.0": + version: 2.6.0 + resolution: "yaml@npm:2.6.0" + bin: + yaml: bin.mjs + checksum: e5e74fd75e01bde2c09333d529af9fbb5928c5f7f01bfdefdcb2bf753d4ef489a45cab4deac01c9448f55ca27e691612b81fe3c3a59bb8cb5b0069da0f92cf0b + languageName: node + linkType: hard + "yaml@npm:^1.7.2": version: 1.10.2 resolution: "yaml@npm:1.10.2" From 180940dbefbd7ca900d02ca0f86f6c3167062c9c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B3n=20Levy?= Date: Wed, 13 Nov 2024 09:51:53 +0000 Subject: [PATCH 25/50] fix: remove release-tag arg --- infra/src/cli/generate-chart-values.ts | 18 +----------------- 1 file changed, 1 insertion(+), 17 deletions(-) diff --git a/infra/src/cli/generate-chart-values.ts b/infra/src/cli/generate-chart-values.ts index 95754981cf8b..3a6d7e9514ab 100755 --- a/infra/src/cli/generate-chart-values.ts +++ b/infra/src/cli/generate-chart-values.ts @@ -36,19 +36,8 @@ const writeYamlFile = (filePath: string, content: unknown) => { writeFileSync(filePath, doc.toString(yamlOptions), { encoding: 'utf8' }) } -const getReleaseTag = () => { - const releaseTagArg = process.argv.find((arg) => - arg.startsWith('--release-tag='), - ) - return releaseTagArg ? releaseTagArg.split('=')[1] : undefined -} - async function generateChartValues() { - const releaseTag = getReleaseTag() - console.log( - 'Gathering charts', - releaseTag ? `with release tag: ${releaseTag}` : '', - ) + console.log('Gathering charts') for (const [name, envs] of Object.entries(Deployments)) { for (const [envType, envName] of Object.entries(envs)) { @@ -83,11 +72,6 @@ async function generateChartValues() { }, } - // Add release tag to image if provided - if (releaseTag && serviceValues.service.image?.repository) { - serviceValues.service.image.repository += `:${releaseTag}` - } - writeYamlFile( path.join( __dirname, From 2c4c51d64342942279df847fc1769d089968d404 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B3n=20Levy?= Date: Wed, 13 Nov 2024 09:54:19 +0000 Subject: [PATCH 26/50] fix: console message --- infra/src/cli/generate-chart-values.ts | 1 + 1 file changed, 1 insertion(+) diff --git a/infra/src/cli/generate-chart-values.ts b/infra/src/cli/generate-chart-values.ts index 3a6d7e9514ab..6d320b3d9a7c 100755 --- a/infra/src/cli/generate-chart-values.ts +++ b/infra/src/cli/generate-chart-values.ts @@ -64,6 +64,7 @@ async function generateChartValues() { const services = Charts[name as ChartName][envType as OpsEnv] for (const service of services) { const serviceName = service.name() + console.log(`Processing ${serviceName} ${envName} ${envType}`) if (renderedValues[serviceName]) { const serviceValues = { service: { From 498a91c18b8969babdbcb783197271be54dbaedd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B3n=20Levy?= Date: Wed, 13 Nov 2024 14:11:59 +0000 Subject: [PATCH 27/50] chore: remove helm values refactor --- infra/package.json | 2 +- infra/src/cli/generate-chart-values.ts | 91 +++----------------------- infra/src/uber-charts/islandis.ts | 11 ++-- infra/yarn.lock | 22 ++++--- 4 files changed, 28 insertions(+), 98 deletions(-) diff --git a/infra/package.json b/infra/package.json index 37b440fdd44c..bf6322a2da85 100644 --- a/infra/package.json +++ b/infra/package.json @@ -29,10 +29,10 @@ "@types/lodash": "4.14.160", "aws-sdk": "^2.1003.0", "glob": "10.3.3", + "js-yaml": "4.0.0", "json-refs": "3.0.15", "json-schema-to-zod": "2.4.1", "lodash": "4.17.21", - "yaml": "2.6.0", "yargs": "17.7.2" }, "volta": { diff --git a/infra/src/cli/generate-chart-values.ts b/infra/src/cli/generate-chart-values.ts index 6d320b3d9a7c..aee963834737 100755 --- a/infra/src/cli/generate-chart-values.ts +++ b/infra/src/cli/generate-chart-values.ts @@ -1,91 +1,18 @@ import { renderEnv } from './render-env' -import { ChartName, Deployments, Charts } from '../uber-charts/all-charts' -import { writeFileSync, mkdirSync } from 'fs' +import { ChartName, Deployments } from '../uber-charts/all-charts' +import { writeFileSync } from 'fs' import { Envs } from '../environments' import { OpsEnv } from '../dsl/types/input-types' -import path from 'path' -import yaml from 'yaml' -import type { ToStringOptions } from 'yaml' - -const yamlOptions: ToStringOptions = { - defaultStringType: 'QUOTE_SINGLE', - defaultKeyType: 'PLAIN', -} - -// Recursive function to filter out empty string properties -const removeEmptyStringProperties = (obj: any): any => { - if (typeof obj !== 'object' || obj === null) return obj - - if (Array.isArray(obj)) { - return obj.map(removeEmptyStringProperties) - } - - return Object.fromEntries( - Object.entries(obj) - .filter(([_, value]) => value !== '') // Filter out empty strings - .map(([key, value]) => [key, removeEmptyStringProperties(value)]), // Recursively apply to nested objects - ) -} - -const writeYamlFile = (filePath: string, content: unknown) => { - const filteredContent = removeEmptyStringProperties(content) - const doc = new yaml.Document() - doc.contents = doc.createNode(filteredContent, { keepUndefined: false }) - - mkdirSync(path.dirname(filePath), { recursive: true }) - writeFileSync(filePath, doc.toString(yamlOptions), { encoding: 'utf8' }) -} - -async function generateChartValues() { +;(async () => { console.log('Gathering charts') - for (const [name, envs] of Object.entries(Deployments)) { for (const [envType, envName] of Object.entries(envs)) { - console.log(`Processing ${name} ${envName} ${envType}`) - - // Get rendered environment values and parse - const renderedYaml = await renderEnv(envType as OpsEnv, name as ChartName) - const renderedValues = yaml - .parseDocument(renderedYaml, { schema: 'json' }) - .toJSON() - - // Write umbrella chart values - writeYamlFile( - path.join( - __dirname, - '/../../../charts', - name, - `values.${Envs[envName].type}.yaml`, - ), - renderedValues, + console.log(`Rendering ${name} ${envName} ${envType}`) + writeFileSync( + `${__dirname}/../../../charts/${name}/values.${Envs[envName].type}.yaml`, + await renderEnv(envType as OpsEnv, name as ChartName), + { encoding: 'utf8' }, ) - - // Write individual service values - const services = Charts[name as ChartName][envType as OpsEnv] - for (const service of services) { - const serviceName = service.name() - console.log(`Processing ${serviceName} ${envName} ${envType}`) - if (renderedValues[serviceName]) { - const serviceValues = { - service: { - name: serviceName, - ...renderedValues[serviceName], - }, - } - - writeYamlFile( - path.join( - __dirname, - '/../../../charts/services', - serviceName, - `values.${Envs[envName].type}.yaml`, - ), - serviceValues, - ) - } - } } } -} - -generateChartValues().catch(console.error) +})() diff --git a/infra/src/uber-charts/islandis.ts b/infra/src/uber-charts/islandis.ts index 3bbd8203d9bb..32af52199241 100644 --- a/infra/src/uber-charts/islandis.ts +++ b/infra/src/uber-charts/islandis.ts @@ -62,10 +62,10 @@ import { } from '../../../apps/services/sessions/infra/sessions' import { serviceSetup as authAdminApiSetup } from '../../../apps/services/auth/admin-api/infra/auth-admin-api' +import { serviceSetup as unicornAppSetup } from '../../../apps/unicorn-app/infra/infra' import { EnvironmentServices } from '.././dsl/types/charts' import { ServiceBuilder } from '../dsl/dsl' -import { serviceSetup as unicornAppSetup } from '../../../apps/unicorn-app/infra/infra' const endorsement = endorsementServiceSetup({}) @@ -130,8 +130,6 @@ const consultationPortal = consultationPortalSetup({ api }) const xroadCollector = xroadCollectorSetup() -const unicornApp = unicornAppSetup() - const licenseApi = licenseApiSetup() const storybook = storybookSetup({}) @@ -142,8 +140,9 @@ const downloadService = downloadServiceSetup({ const userNotificationWorkerService = userNotificationWorkerSetup({ userProfileApi: servicePortalApi, }) -const userNotificationCleanupWorkerService = - userNotificationCleanUpWorkerSetup() +const userNotificationCleanupWorkerService = userNotificationCleanUpWorkerSetup() + +const unicornApp = unicornAppSetup() const githubActionsCache = githubActionsCacheSetup() @@ -185,6 +184,7 @@ export const Services: EnvironmentServices = { contentfulApps, contentfulEntryTagger, bffAdminPortalService, + unicornApp, ], staging: [ appSystemApi, @@ -219,6 +219,7 @@ export const Services: EnvironmentServices = { universityGatewayService, universityGatewayWorker, bffAdminPortalService, + unicornApp, ], dev: [ appSystemApi, diff --git a/infra/yarn.lock b/infra/yarn.lock index 97bc475a7bec..b8110816e3e0 100644 --- a/infra/yarn.lock +++ b/infra/yarn.lock @@ -6688,11 +6688,11 @@ __metadata: esbuild-register: 3.3.2 glob: 10.3.3 jest: 27.2.4 + js-yaml: 4.0.0 json-refs: 3.0.15 json-schema-to-zod: 2.4.1 lodash: 4.17.21 typescript: 4.6.4 - yaml: 2.6.0 yargs: 17.7.2 languageName: unknown linkType: soft @@ -7728,6 +7728,17 @@ __metadata: languageName: node linkType: hard +"js-yaml@npm:4.0.0": + version: 4.0.0 + resolution: "js-yaml@npm:4.0.0" + dependencies: + argparse: ^2.0.1 + bin: + js-yaml: bin/js-yaml.js + checksum: 931d6dddb3589fa272c8273366c6dffa99fd6bd26ac7b70f9bac925c28cb7ae352b964192df84f90ecd7a2ff50ab87e6d58e2148eb19c89aa155c73ed847ab92 + languageName: node + linkType: hard + "js-yaml@npm:4.1.0": version: 4.1.0 resolution: "js-yaml@npm:4.1.0" @@ -10737,15 +10748,6 @@ __metadata: languageName: node linkType: hard -"yaml@npm:2.6.0": - version: 2.6.0 - resolution: "yaml@npm:2.6.0" - bin: - yaml: bin.mjs - checksum: e5e74fd75e01bde2c09333d529af9fbb5928c5f7f01bfdefdcb2bf753d4ef489a45cab4deac01c9448f55ca27e691612b81fe3c3a59bb8cb5b0069da0f92cf0b - languageName: node - linkType: hard - "yaml@npm:^1.7.2": version: 1.10.2 resolution: "yaml@npm:1.10.2" From aefc18b7ad26ee4bfa6e7b65f5eca0ee2897bcf4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B3n=20Levy?= Date: Wed, 13 Nov 2024 14:12:21 +0000 Subject: [PATCH 28/50] chore: remove helm values --- .../air-discount-scheme-api/values.dev.yaml | 77 ----- .../air-discount-scheme-api/values.prod.yaml | 75 ----- .../values.staging.yaml | 77 ----- .../values.dev.yaml | 111 ------- .../values.prod.yaml | 108 ------ .../values.staging.yaml | 111 ------- .../air-discount-scheme-web/values.dev.yaml | 75 ----- .../air-discount-scheme-web/values.prod.yaml | 72 ---- .../values.staging.yaml | 75 ----- charts/services/api/values.dev.yaml | 307 ------------------ charts/services/api/values.prod.yaml | 307 ------------------ charts/services/api/values.staging.yaml | 303 ----------------- .../values.dev.yaml | 101 ------ .../values.prod.yaml | 102 ------ .../values.staging.yaml | 101 ------ .../application-system-api/values.dev.yaml | 249 -------------- .../application-system-api/values.prod.yaml | 251 -------------- .../values.staging.yaml | 249 -------------- .../application-system-form/values.dev.yaml | 67 ---- .../application-system-form/values.prod.yaml | 71 ---- .../values.staging.yaml | 67 ---- .../services/auth-admin-web/values.dev.yaml | 69 ---- .../services/auth-admin-web/values.prod.yaml | 68 ---- .../auth-admin-web/values.staging.yaml | 69 ---- .../consultation-portal/values.dev.yaml | 67 ---- .../consultation-portal/values.prod.yaml | 71 ---- .../consultation-portal/values.staging.yaml | 67 ---- .../services/contentful-apps/values.dev.yaml | 63 ---- .../services/contentful-apps/values.prod.yaml | 64 ---- .../values.dev.yaml | 65 ---- .../values.prod.yaml | 66 ---- .../services/download-service/values.dev.yaml | 100 ------ .../download-service/values.prod.yaml | 100 ------ .../download-service/values.staging.yaml | 100 ------ .../endorsement-system-api/values.dev.yaml | 110 ------- .../endorsement-system-api/values.prod.yaml | 112 ------- .../values.staging.yaml | 110 ------- .../external-contracts-tests/values.dev.yaml | 56 ---- .../github-actions-cache/values.dev.yaml | 71 ---- .../values.dev.yaml | 89 ----- .../values.prod.yaml | 91 ------ .../values.staging.yaml | 89 ----- .../services/identity-server/values.dev.yaml | 124 ------- .../services/identity-server/values.prod.yaml | 124 ------- .../identity-server/values.staging.yaml | 124 ------- .../island-ui-storybook/values.dev.yaml | 57 ---- .../island-ui-storybook/values.prod.yaml | 58 ---- .../island-ui-storybook/values.staging.yaml | 57 ---- .../judicial-system-api/values.dev.yaml | 86 ----- .../judicial-system-api/values.prod.yaml | 87 ----- .../judicial-system-api/values.staging.yaml | 86 ----- .../judicial-system-backend/values.dev.yaml | 135 -------- .../judicial-system-backend/values.prod.yaml | 137 -------- .../values.staging.yaml | 136 -------- .../values.dev.yaml | 72 ---- .../values.prod.yaml | 73 ----- .../values.staging.yaml | 72 ---- .../values.dev.yaml | 65 ---- .../values.prod.yaml | 66 ---- .../values.staging.yaml | 65 ---- .../judicial-system-robot-api/values.dev.yaml | 70 ---- .../values.prod.yaml | 71 ---- .../values.staging.yaml | 70 ---- .../judicial-system-scheduler/values.dev.yaml | 67 ---- .../values.prod.yaml | 68 ---- .../values.staging.yaml | 67 ---- .../judicial-system-web/values.dev.yaml | 64 ---- .../judicial-system-web/values.prod.yaml | 65 ---- .../judicial-system-web/values.staging.yaml | 64 ---- .../judicial-system-xrd-api/values.dev.yaml | 71 ---- .../judicial-system-xrd-api/values.prod.yaml | 72 ---- .../values.staging.yaml | 71 ---- charts/services/license-api/values.dev.yaml | 94 ------ charts/services/license-api/values.prod.yaml | 95 ------ .../services/license-api/values.staging.yaml | 94 ------ charts/services/portals-admin/values.dev.yaml | 66 ---- .../services/portals-admin/values.prod.yaml | 70 ---- .../portals-admin/values.staging.yaml | 66 ---- .../regulations-admin-backend/values.dev.yaml | 93 ------ .../values.prod.yaml | 95 ------ .../values.staging.yaml | 93 ------ .../search-indexer-service/values.dev.yaml | 132 -------- .../search-indexer-service/values.prod.yaml | 133 -------- .../values.staging.yaml | 132 -------- .../service-portal-api/values.dev.yaml | 125 ------- .../service-portal-api/values.prod.yaml | 127 -------- .../service-portal-api/values.staging.yaml | 125 ------- .../services/service-portal/values.dev.yaml | 70 ---- .../services/service-portal/values.prod.yaml | 74 ----- .../service-portal/values.staging.yaml | 70 ---- .../services-auth-admin-api/values.dev.yaml | 92 ------ .../services-auth-admin-api/values.prod.yaml | 93 ------ .../values.staging.yaml | 92 ------ .../values.dev.yaml | 91 ------ .../values.prod.yaml | 92 ------ .../values.staging.yaml | 91 ------ .../values.dev.yaml | 62 ---- .../values.prod.yaml | 63 ---- .../values.staging.yaml | 62 ---- .../services-auth-ids-api/values.dev.yaml | 129 -------- .../services-auth-ids-api/values.prod.yaml | 131 -------- .../services-auth-ids-api/values.staging.yaml | 129 -------- .../values.dev.yaml | 62 ---- .../values.prod.yaml | 63 ---- .../values.staging.yaml | 62 ---- .../values.dev.yaml | 85 ----- .../values.prod.yaml | 86 ----- .../values.staging.yaml | 85 ----- .../services-auth-public-api/values.dev.yaml | 101 ------ .../services-auth-public-api/values.prod.yaml | 102 ------ .../values.staging.yaml | 101 ------ .../values.dev.yaml | 84 ----- .../values.prod.yaml | 87 ----- .../values.staging.yaml | 84 ----- .../services-documents/values.dev.yaml | 77 ----- .../services-documents/values.prod.yaml | 79 ----- .../services-documents/values.staging.yaml | 77 ----- .../services-sessions-cleanup/values.dev.yaml | 61 ---- .../values.prod.yaml | 62 ---- .../values.staging.yaml | 61 ---- .../services-sessions-worker/values.dev.yaml | 94 ------ .../services-sessions-worker/values.prod.yaml | 96 ------ .../values.staging.yaml | 94 ------ .../services-sessions/values.dev.yaml | 67 ---- .../services-sessions/values.prod.yaml | 68 ---- .../services-sessions/values.staging.yaml | 67 ---- .../values.dev.yaml | 85 ----- .../values.prod.yaml | 86 ----- .../values.staging.yaml | 85 ----- .../values.dev.yaml | 126 ------- .../values.prod.yaml | 128 -------- .../values.staging.yaml | 126 ------- .../services/skilavottord-web/values.dev.yaml | 67 ---- .../skilavottord-web/values.prod.yaml | 71 ---- .../skilavottord-web/values.staging.yaml | 67 ---- .../services/skilavottord-ws/values.dev.yaml | 95 ------ .../services/skilavottord-ws/values.prod.yaml | 100 ------ .../skilavottord-ws/values.staging.yaml | 95 ------ charts/services/unicorn-app/values.dev.yaml | 63 ---- charts/services/unicorn-app/values.prod.yaml | 84 ----- .../services/unicorn-app/values.staging.yaml | 84 ----- .../values.dev.yaml | 91 ------ .../values.prod.yaml | 93 ------ .../values.staging.yaml | 91 ------ .../user-notification-worker/values.dev.yaml | 118 ------- .../user-notification-worker/values.prod.yaml | 120 ------- .../values.staging.yaml | 118 ------- .../user-notification/values.dev.yaml | 104 ------ .../user-notification/values.prod.yaml | 105 ------ .../user-notification/values.staging.yaml | 104 ------ charts/services/web/values.dev.yaml | 71 ---- charts/services/web/values.prod.yaml | 75 ----- charts/services/web/values.staging.yaml | 72 ---- .../services/xroad-collector/values.dev.yaml | 67 ---- .../services/xroad-collector/values.prod.yaml | 68 ---- .../xroad-collector/values.staging.yaml | 67 ---- 156 files changed, 14609 deletions(-) delete mode 100644 charts/services/air-discount-scheme-api/values.dev.yaml delete mode 100644 charts/services/air-discount-scheme-api/values.prod.yaml delete mode 100644 charts/services/air-discount-scheme-api/values.staging.yaml delete mode 100644 charts/services/air-discount-scheme-backend/values.dev.yaml delete mode 100644 charts/services/air-discount-scheme-backend/values.prod.yaml delete mode 100644 charts/services/air-discount-scheme-backend/values.staging.yaml delete mode 100644 charts/services/air-discount-scheme-web/values.dev.yaml delete mode 100644 charts/services/air-discount-scheme-web/values.prod.yaml delete mode 100644 charts/services/air-discount-scheme-web/values.staging.yaml delete mode 100644 charts/services/api/values.dev.yaml delete mode 100644 charts/services/api/values.prod.yaml delete mode 100644 charts/services/api/values.staging.yaml delete mode 100644 charts/services/application-system-api-worker/values.dev.yaml delete mode 100644 charts/services/application-system-api-worker/values.prod.yaml delete mode 100644 charts/services/application-system-api-worker/values.staging.yaml delete mode 100644 charts/services/application-system-api/values.dev.yaml delete mode 100644 charts/services/application-system-api/values.prod.yaml delete mode 100644 charts/services/application-system-api/values.staging.yaml delete mode 100644 charts/services/application-system-form/values.dev.yaml delete mode 100644 charts/services/application-system-form/values.prod.yaml delete mode 100644 charts/services/application-system-form/values.staging.yaml delete mode 100644 charts/services/auth-admin-web/values.dev.yaml delete mode 100644 charts/services/auth-admin-web/values.prod.yaml delete mode 100644 charts/services/auth-admin-web/values.staging.yaml delete mode 100644 charts/services/consultation-portal/values.dev.yaml delete mode 100644 charts/services/consultation-portal/values.prod.yaml delete mode 100644 charts/services/consultation-portal/values.staging.yaml delete mode 100644 charts/services/contentful-apps/values.dev.yaml delete mode 100644 charts/services/contentful-apps/values.prod.yaml delete mode 100644 charts/services/contentful-entry-tagger-service/values.dev.yaml delete mode 100644 charts/services/contentful-entry-tagger-service/values.prod.yaml delete mode 100644 charts/services/download-service/values.dev.yaml delete mode 100644 charts/services/download-service/values.prod.yaml delete mode 100644 charts/services/download-service/values.staging.yaml delete mode 100644 charts/services/endorsement-system-api/values.dev.yaml delete mode 100644 charts/services/endorsement-system-api/values.prod.yaml delete mode 100644 charts/services/endorsement-system-api/values.staging.yaml delete mode 100644 charts/services/external-contracts-tests/values.dev.yaml delete mode 100644 charts/services/github-actions-cache/values.dev.yaml delete mode 100644 charts/services/icelandic-names-registry-backend/values.dev.yaml delete mode 100644 charts/services/icelandic-names-registry-backend/values.prod.yaml delete mode 100644 charts/services/icelandic-names-registry-backend/values.staging.yaml delete mode 100644 charts/services/identity-server/values.dev.yaml delete mode 100644 charts/services/identity-server/values.prod.yaml delete mode 100644 charts/services/identity-server/values.staging.yaml delete mode 100644 charts/services/island-ui-storybook/values.dev.yaml delete mode 100644 charts/services/island-ui-storybook/values.prod.yaml delete mode 100644 charts/services/island-ui-storybook/values.staging.yaml delete mode 100644 charts/services/judicial-system-api/values.dev.yaml delete mode 100644 charts/services/judicial-system-api/values.prod.yaml delete mode 100644 charts/services/judicial-system-api/values.staging.yaml delete mode 100644 charts/services/judicial-system-backend/values.dev.yaml delete mode 100644 charts/services/judicial-system-backend/values.prod.yaml delete mode 100644 charts/services/judicial-system-backend/values.staging.yaml delete mode 100644 charts/services/judicial-system-digital-mailbox-api/values.dev.yaml delete mode 100644 charts/services/judicial-system-digital-mailbox-api/values.prod.yaml delete mode 100644 charts/services/judicial-system-digital-mailbox-api/values.staging.yaml delete mode 100644 charts/services/judicial-system-message-handler/values.dev.yaml delete mode 100644 charts/services/judicial-system-message-handler/values.prod.yaml delete mode 100644 charts/services/judicial-system-message-handler/values.staging.yaml delete mode 100644 charts/services/judicial-system-robot-api/values.dev.yaml delete mode 100644 charts/services/judicial-system-robot-api/values.prod.yaml delete mode 100644 charts/services/judicial-system-robot-api/values.staging.yaml delete mode 100644 charts/services/judicial-system-scheduler/values.dev.yaml delete mode 100644 charts/services/judicial-system-scheduler/values.prod.yaml delete mode 100644 charts/services/judicial-system-scheduler/values.staging.yaml delete mode 100644 charts/services/judicial-system-web/values.dev.yaml delete mode 100644 charts/services/judicial-system-web/values.prod.yaml delete mode 100644 charts/services/judicial-system-web/values.staging.yaml delete mode 100644 charts/services/judicial-system-xrd-api/values.dev.yaml delete mode 100644 charts/services/judicial-system-xrd-api/values.prod.yaml delete mode 100644 charts/services/judicial-system-xrd-api/values.staging.yaml delete mode 100644 charts/services/license-api/values.dev.yaml delete mode 100644 charts/services/license-api/values.prod.yaml delete mode 100644 charts/services/license-api/values.staging.yaml delete mode 100644 charts/services/portals-admin/values.dev.yaml delete mode 100644 charts/services/portals-admin/values.prod.yaml delete mode 100644 charts/services/portals-admin/values.staging.yaml delete mode 100644 charts/services/regulations-admin-backend/values.dev.yaml delete mode 100644 charts/services/regulations-admin-backend/values.prod.yaml delete mode 100644 charts/services/regulations-admin-backend/values.staging.yaml delete mode 100644 charts/services/search-indexer-service/values.dev.yaml delete mode 100644 charts/services/search-indexer-service/values.prod.yaml delete mode 100644 charts/services/search-indexer-service/values.staging.yaml delete mode 100644 charts/services/service-portal-api/values.dev.yaml delete mode 100644 charts/services/service-portal-api/values.prod.yaml delete mode 100644 charts/services/service-portal-api/values.staging.yaml delete mode 100644 charts/services/service-portal/values.dev.yaml delete mode 100644 charts/services/service-portal/values.prod.yaml delete mode 100644 charts/services/service-portal/values.staging.yaml delete mode 100644 charts/services/services-auth-admin-api/values.dev.yaml delete mode 100644 charts/services/services-auth-admin-api/values.prod.yaml delete mode 100644 charts/services/services-auth-admin-api/values.staging.yaml delete mode 100644 charts/services/services-auth-delegation-api/values.dev.yaml delete mode 100644 charts/services/services-auth-delegation-api/values.prod.yaml delete mode 100644 charts/services/services-auth-delegation-api/values.staging.yaml delete mode 100644 charts/services/services-auth-ids-api-cleanup/values.dev.yaml delete mode 100644 charts/services/services-auth-ids-api-cleanup/values.prod.yaml delete mode 100644 charts/services/services-auth-ids-api-cleanup/values.staging.yaml delete mode 100644 charts/services/services-auth-ids-api/values.dev.yaml delete mode 100644 charts/services/services-auth-ids-api/values.prod.yaml delete mode 100644 charts/services/services-auth-ids-api/values.staging.yaml delete mode 100644 charts/services/services-auth-personal-representative-public/values.dev.yaml delete mode 100644 charts/services/services-auth-personal-representative-public/values.prod.yaml delete mode 100644 charts/services/services-auth-personal-representative-public/values.staging.yaml delete mode 100644 charts/services/services-auth-personal-representative/values.dev.yaml delete mode 100644 charts/services/services-auth-personal-representative/values.prod.yaml delete mode 100644 charts/services/services-auth-personal-representative/values.staging.yaml delete mode 100644 charts/services/services-auth-public-api/values.dev.yaml delete mode 100644 charts/services/services-auth-public-api/values.prod.yaml delete mode 100644 charts/services/services-auth-public-api/values.staging.yaml delete mode 100644 charts/services/services-bff-portals-admin/values.dev.yaml delete mode 100644 charts/services/services-bff-portals-admin/values.prod.yaml delete mode 100644 charts/services/services-bff-portals-admin/values.staging.yaml delete mode 100644 charts/services/services-documents/values.dev.yaml delete mode 100644 charts/services/services-documents/values.prod.yaml delete mode 100644 charts/services/services-documents/values.staging.yaml delete mode 100644 charts/services/services-sessions-cleanup/values.dev.yaml delete mode 100644 charts/services/services-sessions-cleanup/values.prod.yaml delete mode 100644 charts/services/services-sessions-cleanup/values.staging.yaml delete mode 100644 charts/services/services-sessions-worker/values.dev.yaml delete mode 100644 charts/services/services-sessions-worker/values.prod.yaml delete mode 100644 charts/services/services-sessions-worker/values.staging.yaml delete mode 100644 charts/services/services-sessions/values.dev.yaml delete mode 100644 charts/services/services-sessions/values.prod.yaml delete mode 100644 charts/services/services-sessions/values.staging.yaml delete mode 100644 charts/services/services-university-gateway-worker/values.dev.yaml delete mode 100644 charts/services/services-university-gateway-worker/values.prod.yaml delete mode 100644 charts/services/services-university-gateway-worker/values.staging.yaml delete mode 100644 charts/services/services-university-gateway/values.dev.yaml delete mode 100644 charts/services/services-university-gateway/values.prod.yaml delete mode 100644 charts/services/services-university-gateway/values.staging.yaml delete mode 100644 charts/services/skilavottord-web/values.dev.yaml delete mode 100644 charts/services/skilavottord-web/values.prod.yaml delete mode 100644 charts/services/skilavottord-web/values.staging.yaml delete mode 100644 charts/services/skilavottord-ws/values.dev.yaml delete mode 100644 charts/services/skilavottord-ws/values.prod.yaml delete mode 100644 charts/services/skilavottord-ws/values.staging.yaml delete mode 100644 charts/services/unicorn-app/values.dev.yaml delete mode 100644 charts/services/unicorn-app/values.prod.yaml delete mode 100644 charts/services/unicorn-app/values.staging.yaml delete mode 100644 charts/services/user-notification-cleanup-worker/values.dev.yaml delete mode 100644 charts/services/user-notification-cleanup-worker/values.prod.yaml delete mode 100644 charts/services/user-notification-cleanup-worker/values.staging.yaml delete mode 100644 charts/services/user-notification-worker/values.dev.yaml delete mode 100644 charts/services/user-notification-worker/values.prod.yaml delete mode 100644 charts/services/user-notification-worker/values.staging.yaml delete mode 100644 charts/services/user-notification/values.dev.yaml delete mode 100644 charts/services/user-notification/values.prod.yaml delete mode 100644 charts/services/user-notification/values.staging.yaml delete mode 100644 charts/services/web/values.dev.yaml delete mode 100644 charts/services/web/values.prod.yaml delete mode 100644 charts/services/web/values.staging.yaml delete mode 100644 charts/services/xroad-collector/values.dev.yaml delete mode 100644 charts/services/xroad-collector/values.prod.yaml delete mode 100644 charts/services/xroad-collector/values.staging.yaml diff --git a/charts/services/air-discount-scheme-api/values.dev.yaml b/charts/services/air-discount-scheme-api/values.dev.yaml deleted file mode 100644 index 67314a0df9e6..000000000000 --- a/charts/services/air-discount-scheme-api/values.dev.yaml +++ /dev/null @@ -1,77 +0,0 @@ -service: - name: 'air-discount-scheme-api' - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.dev01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'preview.contentful.com' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' diff --git a/charts/services/air-discount-scheme-api/values.prod.yaml b/charts/services/air-discount-scheme-api/values.prod.yaml deleted file mode 100644 index 61dbdd878a6e..000000000000 --- a/charts/services/air-discount-scheme-api/values.prod.yaml +++ /dev/null @@ -1,75 +0,0 @@ -service: - name: 'air-discount-scheme-api' - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.island.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'cdn.contentful.com' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' diff --git a/charts/services/air-discount-scheme-api/values.staging.yaml b/charts/services/air-discount-scheme-api/values.staging.yaml deleted file mode 100644 index 858b41f5fb4c..000000000000 --- a/charts/services/air-discount-scheme-api/values.staging.yaml +++ /dev/null @@ -1,77 +0,0 @@ -service: - name: 'air-discount-scheme-api' - enabled: true - env: - AUTH_AUDIENCE: 'loftbru.staging01.devland.is' - BACKEND_URL: 'http://web-air-discount-scheme-backend' - CONTENTFUL_HOST: 'cdn.contentful.com' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/api/graphql' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/api/graphql' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADMINS: '/k8s/air-discount-scheme/api/ADMINS' - AUTH_JWT_SECRET: '/k8s/air-discount-scheme/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/air-discount-scheme/api/CONTENTFUL_ACCESS_TOKEN' - DEVELOPERS: '/k8s/air-discount-scheme/api/DEVELOPERS' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/air-discount-scheme-api' - create: true - name: 'air-discount-scheme-api' diff --git a/charts/services/air-discount-scheme-backend/values.dev.yaml b/charts/services/air-discount-scheme-backend/values.dev.yaml deleted file mode 100644 index edd91838d9f8..000000000000 --- a/charts/services/air-discount-scheme-backend/values.dev.yaml +++ /dev/null @@ -1,111 +0,0 @@ -service: - name: 'air-discount-scheme-backend' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'air_discount_scheme_backend' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/air-discount-scheme-backend/values.prod.yaml b/charts/services/air-discount-scheme-backend/values.prod.yaml deleted file mode 100644 index a2f00949f619..000000000000 --- a/charts/services/air-discount-scheme-backend/values.prod.yaml +++ /dev/null @@ -1,108 +0,0 @@ -service: - name: 'air-discount-scheme-backend' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/air-discount-scheme-backend/values.staging.yaml b/charts/services/air-discount-scheme-backend/values.staging.yaml deleted file mode 100644 index 3931f900b739..000000000000 --- a/charts/services/air-discount-scheme-backend/values.staging.yaml +++ /dev/null @@ -1,111 +0,0 @@ -service: - name: 'air-discount-scheme-backend' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_CLIENT_ID: '@vegagerdin.is/clients/air-discount-scheme' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-backend' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/api/swagger' - - '/api/public' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'air_discount_scheme_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'air_discount_scheme_backend' - secrets: - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' - ERNIR_API_KEY: '/k8s/air-discount-scheme/backend/ERNIR_API_KEY' - ICELANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/ICELANDAIR_API_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/air-discount-scheme-backend/VEGAGERDIN_IDS_CLIENTS_ADS_SECRET' - MYFLUG_API_KEY: '/k8s/air-discount-scheme/backend/MYFLUG_API_KEY' - NATIONAL_REGISTRY_PASSWORD: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_PASSWORD' - NATIONAL_REGISTRY_URL: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_URL' - NATIONAL_REGISTRY_USERNAME: '/k8s/air-discount-scheme/backend/NATIONAL_REGISTRY_USERNAME' - NORLANDAIR_API_KEY: '/k8s/air-discount-scheme/backend/NORLANDAIR_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/air-discount-scheme-web/values.dev.yaml b/charts/services/air-discount-scheme-web/values.dev.yaml deleted file mode 100644 index b2c0a8699934..000000000000 --- a/charts/services/air-discount-scheme-web/values.dev.yaml +++ /dev/null @@ -1,75 +0,0 @@ -service: - name: 'air-discount-scheme-web' - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ - https://beta.dev01.devland.is/loftbru; rewrite /en$ - https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.dev01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.dev01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/air-discount-scheme-web/values.prod.yaml b/charts/services/air-discount-scheme-web/values.prod.yaml deleted file mode 100644 index c2326211be20..000000000000 --- a/charts/services/air-discount-scheme-web/values.prod.yaml +++ /dev/null @@ -1,72 +0,0 @@ -service: - name: 'air-discount-scheme-web' - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.island.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ - https://island.is/loftbru; rewrite /en$ - https://island.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.island.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/air-discount-scheme-web/values.staging.yaml b/charts/services/air-discount-scheme-web/values.staging.yaml deleted file mode 100644 index b4fcf97747ba..000000000000 --- a/charts/services/air-discount-scheme-web/values.staging.yaml +++ /dev/null @@ -1,75 +0,0 @@ -service: - name: 'air-discount-scheme-web' - enabled: true - env: - API_URL: 'http://web-air-discount-scheme-api' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://loftbru.staging01.devland.is' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - grantNamespaces: - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 20 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/air-discount-scheme-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ - https://beta.staging01.devland.is/loftbru; rewrite /en$ - https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'loftbru.staging01.devland.is' - paths: - - '/' - - host: 'loftbru-cf.staging01.devland.is' - paths: - - '/' - namespace: 'air-discount-scheme' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/air-discount-scheme/web/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/api/values.dev.yaml b/charts/services/api/values.dev.yaml deleted file mode 100644 index 681f1b36923c..000000000000 --- a/charts/services/api/values.dev.yaml +++ /dev/null @@ -1,307 +0,0 @@ -service: - name: 'api' - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.dev01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.dev01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 's@kogk.is' - CONTENTFUL_HOST: 'preview.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.dev01.devland.is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-dev-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - FORM_SYSTEM_API_BASE_PATH: 'https://profun.island.is/umsoknarkerfi' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 's@kogk.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - WATSON_ASSISTANT_CHAT_FEEDBACK_DB_NAME: 'island-is-assistant-feedback' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-DEV/GOV/10033/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-DEV/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-DEV/GOV/10030/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-DEV/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_ACCIDENT_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/slysaskraning-token' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'stjanilofts' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/api' - - host: 'api-catalogue.dev01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/api' - create: true - name: 'api' diff --git a/charts/services/api/values.prod.yaml b/charts/services/api/values.prod.yaml deleted file mode 100644 index ee6456b181de..000000000000 --- a/charts/services/api/values.prod.yaml +++ /dev/null @@ -1,307 +0,0 @@ -service: - name: 'api' - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://innskra.island.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend","production":"https://innskra.island.is/backend"}' - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_IDS_API_URL: 'https://innskra.island.is' - AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi.island.is' - CONTACT_US_EMAIL: 'island@island.is' - CONTENTFUL_HOST: 'cdn.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.island.is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com/' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-prod-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'island@island.is' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 'sogur@island.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - WATSON_ASSISTANT_CHAT_FEEDBACK_DB_NAME: 'island-is-assistant-feedback' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS/GOV/5402697509/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS/GOV/6501912189/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS/GOV/5804170510/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_ACCIDENT_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/slysaskraning-token' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/api' - - host: 'www.island.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/api' - create: true - name: 'api' diff --git a/charts/services/api/values.staging.yaml b/charts/services/api/values.staging.yaml deleted file mode 100644 index 7a9b4fbf774d..000000000000 --- a/charts/services/api/values.staging.yaml +++ /dev/null @@ -1,303 +0,0 @@ -service: - name: 'api' - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AIR_DISCOUNT_SCHEME_BACKEND_URL: 'http://web-air-discount-scheme-backend.air-discount-scheme.svc.cluster.local' - AIR_DISCOUNT_SCHEME_CLIENT_TIMEOUT: '20000' - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APOLLO_CACHE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - APPLICATION_SYSTEM_API_URL: 'http://web-application-system-api.application-system.svc.cluster.local' - AUTH_ADMIN_API_PATH: 'https://identity-server.staging01.devland.is/backend' - AUTH_ADMIN_API_PATHS: '{"development":"https://identity-server.dev01.devland.is/backend","staging":"https://identity-server.staging01.devland.is/backend"}' - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_IDS_API_URL: 'https://identity-server.staging01.devland.is' - AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONSULTATION_PORTAL_CLIENT_BASE_PATH: 'https://samradapi-test.devland.is' - CONTACT_US_EMAIL: 'island@island.is' - CONTENTFUL_HOST: 'cdn.contentful.com' - DOWNLOAD_SERVICE_BASE_PATH: 'https://api.staging01.devland.is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com/' - ELECTRONIC_REGISTRATION_STATISTICS_API_URL: 'https://api-staging.thinglysing.is/business/tolfraedi' - ENDORSEMENT_SYSTEM_BASE_API_URL: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_DOWNLOAD_BUCKET: 'island-is-staging-download-cache-api' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FISKISTOFA_ZENTER_CLIENT_ID: '1114' - HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - MUNICIPALITIES_FINANCIAL_AID_BACKEND_URL: 'http://web-financial-aid-backend' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SEND_FROM_EMAIL: 'development@island.is' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' - SYSLUMENN_TIMEOUT: '40000' - TELL_US_A_STORY_EMAIL: 'sogur@island.is' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - WATSON_ASSISTANT_CHAT_FEEDBACK_DB_NAME: 'island-is-assistant-feedback' - XROAD_ADR_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/rettindi-token-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_AIRCRAFT_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Loftfaraskra-V1' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_DRIVING_LICENSE_BOOK_TIMEOUT: '20000' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_TIMEOUT: '20000' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_HOUSING_BENEFIT_CALCULATOR_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/calc-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PATH: 'IS-TEST/GOV/10021/FJS-Protected/recruitment-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_INTELLECTUAL_PROPERTIES_PATH: 'IS-TEST/GOV/6501912189/WebAPI-Public/HUG-webAPI' - XROAD_JUDICIAL_SYSTEM_SP_PATH: 'IS-TEST/GOV/10014/Rettarvorslugatt-Private/judicial-system-mailbox-api' - XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_NATIONAL_REGISTRY_TIMEOUT: '20000' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' - XROAD_PROPERTIES_TIMEOUT: '35000' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_RSK_PROCURING_SCOPE: '["@rsk.is/prokura","@rsk.is/prokura:admin"]' - XROAD_SHIP_REGISTRY_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/skipaskra-V1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_ACCIDENT_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/slysaskraning-token' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/api' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1200m' - memory: '3200Mi' - requests: - cpu: '400m' - memory: '896Mi' - secrets: - ADR_LICENSE_FETCH_TIMEOUT: '/k8s/api/ADR_LICENSE_FETCH_TIMEOUT' - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CHART_STATISTIC_CACHE_TTL: '/k8s/api/CHART_STATISTIC_CACHE_TTL' - CHART_STATISTIC_SOURCE_DATA_PATHS: '/k8s/api/CHART_STATISTIC_SOURCE_DATA_PATHS' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PRIVATE_RSA_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_IBM_KEY' - DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY: '/k8s/api/DIRECTORATE_OF_IMMIGRATION_WATSON_ASSISTANT_CHAT_PUBLIC_RSA_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DOCUMENT_PROVIDER_BASE_PATH: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH' - DOCUMENT_PROVIDER_BASE_PATH_TEST: '/k8s/api/DOCUMENT_PROVIDER_BASE_PATH_TEST' - DOCUMENT_PROVIDER_CLIENTID: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID' - DOCUMENT_PROVIDER_CLIENTID_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENTID_TEST' - DOCUMENT_PROVIDER_CLIENT_SECRET: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET' - DOCUMENT_PROVIDER_CLIENT_SECRET_TEST: '/k8s/documentprovider/DOCUMENT_PROVIDER_CLIENT_SECRET_TEST' - DOCUMENT_PROVIDER_TOKEN_URL: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL' - DOCUMENT_PROVIDER_TOKEN_URL_TEST: '/k8s/api/DOCUMENT_PROVIDER_TOKEN_URL_TEST' - DOMSYSLA_PASSWORD: '/k8s/api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/api/DRIVING_LICENSE_BOOK_XROAD_PATH' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_AUDIENCE' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_ID' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_CLIENT_SECRET' - FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL: '/k8s/api/FISKISTOFA_API_ACCESS_TOKEN_SERVICE_URL' - FISKISTOFA_API_URL: '/k8s/api/FISKISTOFA_API_URL' - FISKISTOFA_POWERBI_CLIENT_ID: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_ID' - FISKISTOFA_POWERBI_CLIENT_SECRET: '/k8s/api/FISKISTOFA_POWERBI_CLIENT_SECRET' - FISKISTOFA_POWERBI_TENANT_ID: '/k8s/api/FISKISTOFA_POWERBI_TENANT_ID' - FISKISTOFA_ZENTER_CLIENT_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_CLIENT_PASSWORD' - FISKISTOFA_ZENTER_EMAIL: '/k8s/api/FISKISTOFA_ZENTER_EMAIL' - FISKISTOFA_ZENTER_PASSWORD: '/k8s/api/FISKISTOFA_ZENTER_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_PASSWORD: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_PASSWORD' - HOUSING_BENEFIT_CALCULATOR_USERNAME: '/k8s/xroad/client/HOUSING_BENEFIT_CALCULATOR_USERNAME' - HSN_WEB_FORM_RESPONSE_SECRET: '/k8s/api/HSN_WEB_FORM_RESPONSE_SECRET' - HSN_WEB_FORM_RESPONSE_URL: '/k8s/api/HSN_WEB_FORM_RESPONSE_URL' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_PASSWORD' - ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME: '/k8s/xroad/client/ICELANDIC_GOVERNMENT_INSTITUTION_VACANCIES_USERNAME' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/api/IDENTITY_SERVER_CLIENT_SECRET' - INTELLECTUAL_PROPERTY_API_KEY: '/k8s/api/IP_API_KEY' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - SYSLUMENN_HOST: '/k8s/api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/api/SYSLUMENN_USERNAME' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - ULTRAVIOLET_RADIATION_API_KEY: '/k8s/api/ULTRAVIOLET_RADIATION_API_KEY' - UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL: '/k8s/api/UMBODSMADUR_SKULDARA_COST_OF_LIVING_CALCULATOR_API_URL' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VEHICLES_ALLOW_CO_OWNERS: '/k8s/api/VEHICLES_ALLOW_CO_OWNERS' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY: '/k8s/api/VINNUEFTIRLITID_CAMPAIGN_MONITOR_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_API_KEY' - WATSON_ASSISTANT_CHAT_FEEDBACK_URL: '/k8s/api/WATSON_ASSISTANT_CHAT_FEEDBACK_URL' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/api' - create: true - name: 'api' diff --git a/charts/services/application-system-api-worker/values.dev.yaml b/charts/services/application-system-api-worker/values.dev.yaml deleted file mode 100644 index 116aa78863b7..000000000000 --- a/charts/services/application-system-api-worker/values.dev.yaml +++ /dev/null @@ -1,101 +0,0 @@ -service: - name: 'application-system-api-worker' - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' diff --git a/charts/services/application-system-api-worker/values.prod.yaml b/charts/services/application-system-api-worker/values.prod.yaml deleted file mode 100644 index a9f691138c6d..000000000000 --- a/charts/services/application-system-api-worker/values.prod.yaml +++ /dev/null @@ -1,102 +0,0 @@ -service: - name: 'application-system-api-worker' - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' diff --git a/charts/services/application-system-api-worker/values.staging.yaml b/charts/services/application-system-api-worker/values.staging.yaml deleted file mode 100644 index 777f4c70658b..000000000000 --- a/charts/services/application-system-api-worker/values.staging.yaml +++ /dev/null @@ -1,101 +0,0 @@ -service: - name: 'application-system-api-worker' - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' - CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '150m' - memory: '384Mi' - schedule: '*/30 * * * *' - secrets: - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api-worker' - create: true - name: 'application-system-api-worker' diff --git a/charts/services/application-system-api/values.dev.yaml b/charts/services/application-system-api/values.dev.yaml deleted file mode 100644 index 7baf7cd46ec5..000000000000 --- a/charts/services/application-system-api/values.dev.yaml +++ /dev/null @@ -1,249 +0,0 @@ -service: - name: 'application-system-api' - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-dev-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.dev01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.dev01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10026/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-dev-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-dev-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10012/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-DEV/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-DEV/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-DEV/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Sakavottord-PDF-v2' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-DEV/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-DEV/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-DEV/MUN/10023/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-DEV/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-DEV/GOV/10066/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-DEV/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-DEV/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS-DEV/GOV/10000/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS-DEV/GOV/10021/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-DEV/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-DEV/GOV/10033/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_TR_PATH: 'IS-DEV/GOV/10008/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-DEV/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '10003' - XROAD_WORK_ACCIDENT_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/slysaskraning-token' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.dev01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'application_system_api' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/application-system-api' - create: true - name: 'application-system-api' diff --git a/charts/services/application-system-api/values.prod.yaml b/charts/services/application-system-api/values.prod.yaml deleted file mode 100644 index d062b3b7480f..000000000000 --- a/charts/services/application-system-api/values.prod.yaml +++ /dev/null @@ -1,251 +0,0 @@ -service: - name: 'application-system-api' - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-prod-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://innskra.island.is/api' - CLIENT_LOCATION_ORIGIN: 'https://island.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS/GOV/5608002820/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS/GOV/4804080550/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-prod-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-prod-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://star-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://star-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'island@island.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Stafrรฆnt รsland' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - NOVA_USERNAME: 'IslandIs_User_Production' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS/GOV/5605882089/UA-Protected/kvortun-v1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS/GOV/5402697509/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS/GOV/4707171140/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS/GOV/6702696399/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS/GOV/5402697509/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS/GOV/7101695009/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:/IS/GOV/5501692829/island-is/application-callback-v2/application-payment/' - XROAD_PAYMENT_PROVIDER_ID: 'IS/GOV/5402697509/FJS-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS/GOV/5402697509/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_TR_PATH: 'IS/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS/GOV/5402697509/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_ACCIDENT_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/slysaskraning-token' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.island.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.island.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/application-system-api' - create: true - name: 'application-system-api' diff --git a/charts/services/application-system-api/values.staging.yaml b/charts/services/application-system-api/values.staging.yaml deleted file mode 100644 index 7650e39325e6..000000000000 --- a/charts/services/application-system-api/values.staging.yaml +++ /dev/null @@ -1,249 +0,0 @@ -service: - name: 'application-system-api' - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - APPLICATION_ATTACHMENT_BUCKET: 'island-is-staging-storage-application-system' - AUTH_PUBLIC_API_URL: 'https://identity-server.staging01.devland.is/api' - CLIENT_LOCATION_ORIGIN: 'https://beta.staging01.devland.is/umsoknir' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DATA_PROTECTION_COMPLAINT_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5608002820/gopro/kvortun-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - EHIC_XROAD_PROVIDER_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/ehic' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENTS_API_BASE_PATH: 'http://web-endorsement-system-api.endorsement-system.svc.cluster.local' - FILE_SERVICE_PRESIGN_BUCKET: 'island-is-staging-fs-presign-bucket' - FILE_STORAGE_UPLOAD_BUCKET: 'island-is-staging-upload-api' - FINANCIAL_STATEMENTS_INAO_BASE_PATH: 'https://dev-re.crm4.dynamics.com/api/data/v9.1' - FINANCIAL_STATEMENTS_INAO_ISSUER: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/v2.0' - FINANCIAL_STATEMENTS_INAO_SCOPE: 'https://dev-re.crm4.dynamics.com/.default' - FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' - FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - FUNDING_GOVERNMENT_PROJECTS_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - GRAPHQL_API_URL: 'http://web-api.islandis.svc.cluster.local' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/application-system' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - INSTITUTION_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - INSTITUTION_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOGIN_SERVICE_APPLICATION_RECIPIENT_EMAIL_ADDRESS: 'gunnar.ingi@fjr.is' - LOGIN_SERVICE_APPLICATION_RECIPIENT_NAME: 'Gunnar Ingi' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - NOVA_USERNAME: 'IslandIs_User_Development' - RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' - SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - WORKPOINT_ARBORG_SERVICE_PATH: 'IS-TEST/MUN/10036/Arborg-Protected/tengill-application-v1' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_ALTHINGI_OMBUDSMAN_SERVICE_PATH: 'IS-TEST/GOV/10047/UA-Protected/kvortun-v1/' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' - XROAD_CHARGE_FJS_V2_TIMEOUT: '20000' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_COURT_BANKRUPTCY_CERT_PATH: 'IS-TEST/GOV/10019/Domstolasyslan/JusticePortal-v1' - XROAD_CRIMINAL_RECORD_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Sakaskra-v1' - XROAD_DIGITAL_TACHOGRAPH_DRIVERS_CARD_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Okuritar-V1' - XROAD_DIRECTORATE_OF_IMMIGRATION_PATH: 'IS-TEST/GOV/10011/UTL-Protected/Utl-Umsokn-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_ENERGY_FUNDS_PATH: 'IS-TEST/GOV/10021/FJS-Public/ElectricCarSubSidyService_v1' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_FINANCIAL_AID_BACKEND_PATH: 'IS-TEST/MUN/5502694739/samband-sveitarfelaga/financial-aid-backend' - XROAD_HEALTH_DIRECTORATE_ORGAN_DONATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/organ-donation-v1' - XROAD_HEALTH_DIRECTORATE_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/landlaeknir' - XROAD_HEALTH_DIRECTORATE_VACCINATION_PATH: 'IS-TEST/GOV/10015/EmbaettiLandlaeknis-Protected/vaccination-v1' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_INNA_PATH: 'IS-TEST/GOV/6601241280/MMS-Protected/inna-v1' - XROAD_MMS_FRIGG_PATH: 'IS-TEST/GOV/10066/MMS-Protected/frigg-form-service' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_OFFICIAL_JOURNAL_APPLICATION_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal-application' - XROAD_OFFICIAL_JOURNAL_PATH: 'IS-TEST/GOV/10014/DMR-Protected/official-journal' - XROAD_PASSPORT_LICENSE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Forskraning-V1' - XROAD_PAYMENT_ADDITION_CALLBACK_URL: '/' - XROAD_PAYMENT_BASE_CALLBACK_URL: 'XROAD:' - XROAD_PAYMENT_PROVIDER_ID: 'IS-TEST/GOV/10021/FJS-DEV-Public' - XROAD_PAYMENT_SCHEDULE_PATH: 'IS-TEST/GOV/10021/FJS-Public/paymentSchedule_v1' - XROAD_PROPERTIES_SERVICE_V2_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/Fasteignir-v1' - XROAD_SIGNATURE_COLLECTION_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Medmaeli-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_TR_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/external-v1' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_MILEAGE_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Vehicle-Mileagereading-V1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_VEHICLE_CODETABLES_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Codetables-V1' - XROAD_VEHICLE_INFOLOCKS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Infolocks-V1' - XROAD_VEHICLE_OPERATORS_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Operators-V3' - XROAD_VEHICLE_OWNER_CHANGE_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Ownerchange-V2' - XROAD_VEHICLE_PLATE_ORDERING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOrdering-V1' - XROAD_VEHICLE_PLATE_RENEWAL_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-PlateOwnership-V1' - XROAD_VEHICLE_PRINTING_PATH: 'IS-TEST/GOV/10017/Samgongustofa-Protected/Vehicle-Printing-V1' - XROAD_VEHICLE_SERVICE_FJS_V1_PATH: 'IS-TEST/GOV/10021/FJS-Public/VehicleServiceFJS_v1' - XROAD_VMST_API_PATH: '/VMST-ParentalLeave-Protected/ParentalLeaveApplication-v1' - XROAD_VMST_MEMBER_CODE: '7005942039' - XROAD_WORK_ACCIDENT_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/slysaskraning-token' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 60 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'application-payment-callback-xrd.internal.staging01.devland.is' - paths: - - '/application-payment' - - '/applications' - - host: 'application-callback-xrd.internal.staging01.devland.is' - paths: - - '/application-payment' - - '/applications' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'application_system_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'application_system_api' - secrets: - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 60 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '75m' - memory: '512Mi' - secrets: - ALTHINGI_OMBUDSMAN_XROAD_PASSWORD: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_PASSWORD' - ALTHINGI_OMBUDSMAN_XROAD_USERNAME: '/k8s/api/ALTHINGI_OMBUDSMAN_XROAD_USERNAME' - ARK_BASE_URL: '/k8s/application-system-api/ARK_BASE_URL' - AUTH_JWT_SECRET: '/k8s/application-system/api/AUTH_JWT_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/api/CONTENTFUL_ACCESS_TOKEN' - DATA_PROTECTION_COMPLAINT_API_PASSWORD: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_PASSWORD' - DATA_PROTECTION_COMPLAINT_API_USERNAME: '/k8s/xroad/client/DATA_PROTECTION_COMPLAINT_API_USERNAME' - DB_PASS: '/k8s/application-system-api/DB_PASSWORD' - DOCUMENT_PROVIDER_ONBOARDING_REVIEWER: '/k8s/application-system/api/DOCUMENT_PROVIDER_ONBOARDING_REVIEWER' - DOKOBIT_ACCESS_TOKEN: '/k8s/application-system/api/DOKOBIT_ACCESS_TOKEN' - DOKOBIT_URL: '/k8s/application-system-api/DOKOBIT_URL' - DOMSYSLA_PASSWORD: '/k8s/application-system-api/DOMSYSLA_PASSWORD' - DOMSYSLA_USERNAME: '/k8s/application-system-api/DOMSYSLA_USERNAME' - DRIVING_LICENSE_BOOK_PASSWORD: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_PASSWORD' - DRIVING_LICENSE_BOOK_USERNAME: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_USERNAME' - DRIVING_LICENSE_BOOK_XROAD_PATH: '/k8s/application-system-api/DRIVING_LICENSE_BOOK_XROAD_PATH' - EMAIL_FROM: '/k8s/application-system/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/application-system/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/application-system/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/application-system/api/EMAIL_REPLY_TO_NAME' - FINANCIAL_STATEMENTS_INAO_CLIENT_ID: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_ID' - FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET: '/k8s/api/FINANCIAL_STATEMENTS_INAO_CLIENT_SECRET' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/application-system/api/IDENTITY_SERVER_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/application-system/api/NOVA_PASSWORD' - NOVA_URL: '/k8s/application-system-api/NOVA_URL' - SYSLUMENN_HOST: '/k8s/application-system-api/SYSLUMENN_HOST' - SYSLUMENN_PASSWORD: '/k8s/application-system/api/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/application-system/api/SYSLUMENN_USERNAME' - VMST_ID: '/k8s/application-system/VMST_ID' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - XROAD_PAYMENT_PASSWORD: '/k8s/application-system-api/PAYMENT_PASSWORD' - XROAD_PAYMENT_USER: '/k8s/application-system-api/PAYMENT_USER' - XROAD_PROPERTIES_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - XROAD_VMST_API_KEY: '/k8s/vmst-client/VMST_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/application-system-api' - create: true - name: 'application-system-api' diff --git a/charts/services/application-system-form/values.dev.yaml b/charts/services/application-system-form/values.dev.yaml deleted file mode 100644 index 4fd5a2488827..000000000000 --- a/charts/services/application-system-form/values.dev.yaml +++ /dev/null @@ -1,67 +0,0 @@ -service: - name: 'application-system-form' - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/application-system-form/values.prod.yaml b/charts/services/application-system-form/values.prod.yaml deleted file mode 100644 index 50adb0555485..000000000000 --- a/charts/services/application-system-form/values.prod.yaml +++ /dev/null @@ -1,71 +0,0 @@ -service: - name: 'application-system-form' - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/umsoknir' - - host: 'www.island.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/application-system-form/values.staging.yaml b/charts/services/application-system-form/values.staging.yaml deleted file mode 100644 index 5f1ad830a46a..000000000000 --- a/charts/services/application-system-form/values.staging.yaml +++ /dev/null @@ -1,67 +0,0 @@ -service: - name: 'application-system-form' - enabled: true - env: - BASEPATH: '/umsoknir' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/application-system-form' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/umsoknir' - namespace: 'application-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/auth-admin-web/values.dev.yaml b/charts/services/auth-admin-web/values.dev.yaml deleted file mode 100644 index 5f9c634c2a2f..000000000000 --- a/charts/services/auth-admin-web/values.dev.yaml +++ /dev/null @@ -1,69 +0,0 @@ -service: - name: 'auth-admin-web' - enabled: true - env: - BASE_URL: 'https://identity-server.dev01.devland.is/admin' - IDENTITYSERVER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://identity-server.dev01.devland.is/admin/api/auth' - NEXT_PUBLIC_BACKEND_URL: '/backend' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/auth-admin-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.dev01.devland.is' - paths: - - '/admin' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - progressDeadlineSeconds: 1200 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '256Mi' - requests: - cpu: '200m' - memory: '192Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITYSERVER_SECRET: '/k8s/auth-admin-web/IDENTITYSERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/auth-admin-web/values.prod.yaml b/charts/services/auth-admin-web/values.prod.yaml deleted file mode 100644 index ce90f12339d9..000000000000 --- a/charts/services/auth-admin-web/values.prod.yaml +++ /dev/null @@ -1,68 +0,0 @@ -service: - name: 'auth-admin-web' - enabled: true - env: - BASE_URL: 'https://innskra.island.is/admin' - IDENTITYSERVER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://innskra.island.is/admin/api/auth' - NEXT_PUBLIC_BACKEND_URL: '/backend' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/auth-admin-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'innskra.island.is' - paths: - - '/admin' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - progressDeadlineSeconds: 1200 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '256Mi' - requests: - cpu: '200m' - memory: '192Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITYSERVER_SECRET: '/k8s/auth-admin-web/IDENTITYSERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/auth-admin-web/values.staging.yaml b/charts/services/auth-admin-web/values.staging.yaml deleted file mode 100644 index 47cf87d1a295..000000000000 --- a/charts/services/auth-admin-web/values.staging.yaml +++ /dev/null @@ -1,69 +0,0 @@ -service: - name: 'auth-admin-web' - enabled: true - env: - BASE_URL: 'https://identity-server.staging01.devland.is/admin' - IDENTITYSERVER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://identity-server.staging01.devland.is/admin/api/auth' - NEXT_PUBLIC_BACKEND_URL: '/backend' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/auth-admin-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/proxy-buffers-number: '4' - nginx.ingress.kubernetes.io/server-snippet: 'client_header_buffer_size 16k; large_client_header_buffers 4 16k;' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.staging01.devland.is' - paths: - - '/admin' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - progressDeadlineSeconds: 1200 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '256Mi' - requests: - cpu: '200m' - memory: '192Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITYSERVER_SECRET: '/k8s/auth-admin-web/IDENTITYSERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/consultation-portal/values.dev.yaml b/charts/services/consultation-portal/values.dev.yaml deleted file mode 100644 index a1a02ad1e8ce..000000000000 --- a/charts/services/consultation-portal/values.dev.yaml +++ /dev/null @@ -1,67 +0,0 @@ -service: - name: 'consultation-portal' - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'dev' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/consultation-portal/values.prod.yaml b/charts/services/consultation-portal/values.prod.yaml deleted file mode 100644 index b23963e806d9..000000000000 --- a/charts/services/consultation-portal/values.prod.yaml +++ /dev/null @@ -1,71 +0,0 @@ -service: - name: 'consultation-portal' - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi.island.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'prod' - IDENTITY_SERVER_ISSUER_DOMAIN: 'innskra.island.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://island.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/samradsgatt' - - host: 'www.island.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/consultation-portal/values.staging.yaml b/charts/services/consultation-portal/values.staging.yaml deleted file mode 100644 index 50bdc4da4988..000000000000 --- a/charts/services/consultation-portal/values.staging.yaml +++ /dev/null @@ -1,67 +0,0 @@ -service: - name: 'consultation-portal' - enabled: true - env: - API_URL: 'http://web-api.islandis.svc.cluster.local' - BACKEND_DL_URL: 'https://samradapi-test.devland.is/api/Documents/' - BASEPATH: '/consultation-portal' - ENVIRONMENT: 'staging' - IDENTITY_SERVER_ISSUER_DOMAIN: 'identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NEXTAUTH_URL: 'https://beta.staging01.devland.is/samradsgatt/api/auth' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/consultation-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/samradsgatt' - namespace: 'consultation-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_SECRET: '/k8s/consultation-portal/IDENTITY_SERVER_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/contentful-apps/values.dev.yaml b/charts/services/contentful-apps/values.dev.yaml deleted file mode 100644 index 9a3730d0784e..000000000000 --- a/charts/services/contentful-apps/values.dev.yaml +++ /dev/null @@ -1,63 +0,0 @@ -service: - name: 'contentful-apps' - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-apps' - create: true - name: 'contentful-apps' diff --git a/charts/services/contentful-apps/values.prod.yaml b/charts/services/contentful-apps/values.prod.yaml deleted file mode 100644 index e6056818fb35..000000000000 --- a/charts/services/contentful-apps/values.prod.yaml +++ /dev/null @@ -1,64 +0,0 @@ -service: - name: 'contentful-apps' - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/contentful-apps' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-apps.island.is' - paths: - - '/' - namespace: 'contentful-apps' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-apps' - create: true - name: 'contentful-apps' diff --git a/charts/services/contentful-entry-tagger-service/values.dev.yaml b/charts/services/contentful-entry-tagger-service/values.dev.yaml deleted file mode 100644 index beb56b5b6528..000000000000 --- a/charts/services/contentful-entry-tagger-service/values.dev.yaml +++ /dev/null @@ -1,65 +0,0 @@ -service: - name: 'contentful-entry-tagger-service' - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.dev01.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' diff --git a/charts/services/contentful-entry-tagger-service/values.prod.yaml b/charts/services/contentful-entry-tagger-service/values.prod.yaml deleted file mode 100644 index 6ff3a713a921..000000000000 --- a/charts/services/contentful-entry-tagger-service/values.prod.yaml +++ /dev/null @@ -1,66 +0,0 @@ -service: - name: 'contentful-entry-tagger-service' - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-contentful-entry-tagger' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'contentful-entry-tagger-service.devland.is' - paths: - - '/' - namespace: 'contentful-entry-tagger' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_MANAGEMENT_ACCESS_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_MANAGEMENT_ACCESS_TOKEN' - CONTENTFUL_REQUEST_TOKEN: '/k8s/contentful-entry-tagger/CONTENTFUL_REQUEST_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/contentful-entry-tagger' - create: true - name: 'contentful-entry-tagger' diff --git a/charts/services/download-service/values.dev.yaml b/charts/services/download-service/values.dev.yaml deleted file mode 100644 index 3e793c5edc04..000000000000 --- a/charts/services/download-service/values.dev.yaml +++ /dev/null @@ -1,100 +0,0 @@ -service: - name: 'download-service' - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-DEV/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-DEV/GOV/10007/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-DEV/GOV/10007/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-DEV/GOV/10033/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-DEV/GOV/10066/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS-DEV/GOV/10017/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-DEV/GOV/10013/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.dev01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/download-service/values.prod.yaml b/charts/services/download-service/values.prod.yaml deleted file mode 100644 index 4980e4f1ae9e..000000000000 --- a/charts/services/download-service/values.prod.yaml +++ /dev/null @@ -1,100 +0,0 @@ -service: - name: 'download-service' - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS/GOV/5512201410/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS/GOV/5402697509/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS/GOV/5402697509/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS/GOV/5812191480/Husnaeds-og-mannvirkjastofnun-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.island.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/download-service/values.staging.yaml b/charts/services/download-service/values.staging.yaml deleted file mode 100644 index 580b53c74e4d..000000000000 --- a/charts/services/download-service/values.staging.yaml +++ /dev/null @@ -1,100 +0,0 @@ -service: - name: 'download-service' - enabled: true - env: - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/download-service' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' - XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/brautskraning-v1' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_DISTRICT_COMMISSIONERS_LICENSES_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/RettindiIslandis' - XROAD_DISTRICT_COMMISSIONERS_P_CARD_PATH: 'IS-TEST/GOV/10016/Syslumenn-Protected/IslandMinarSidur' - XROAD_FINANCES_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeIsland' - XROAD_FINANCES_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/financeServicesFJS_v2' - XROAD_HEALTH_INSURANCE_ID: 'IS-TEST/GOV/4804080550/SJUKRA-Protected' - XROAD_HEALTH_INSURANCE_MY_PAGES_PATH: 'IS-TEST/GOV/4804080550/SJUKRA-Protected/minarsidur' - XROAD_HEALTH_INSURANCE_WSDLURL: 'https://test-huld.sjukra.is/islandrg?wsdl' - XROAD_HMS_HOUSING_BENEFITS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/husbot-v1' - XROAD_HMS_LOANS_PATH: 'IS-TEST/GOV/5812191480/HMS-Protected/libra-v1' - XROAD_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/brautskraning-v1' - XROAD_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/brautskraning-v1' - XROAD_MMS_GRADE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/grade-api-v1' - XROAD_MMS_LICENSE_SERVICE_ID: 'IS-TEST/GOV/6601241280/MMS-Protected/license-api-v1' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/brautskraning-v1' - XROAD_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/brautskraning-v1' - XROAD_VEHICLES_PATH: 'IS/GOV/5405131040/Samgongustofa-Protected/Mitt-Svaedi-V1' - XROAD_WORK_MACHINE_LICENSE_PATH: 'IS-TEST/GOV/4201810439/Vinnueftirlitid-Protected/vinnuvelar-token' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-external' - - 'services-bff-portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: 'download/v1/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: 'download/v1/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/download-service' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'api.staging01.devland.is' - paths: - - '/download' - namespace: 'download-service' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/download-service/IDENTITY_SERVER_CLIENT_SECRET' - POSTHOLF_BASE_PATH: '/k8s/documents/POSTHOLF_BASE_PATH' - POSTHOLF_CLIENTID: '/k8s/documents/POSTHOLF_CLIENTID' - POSTHOLF_CLIENT_SECRET: '/k8s/documents/POSTHOLF_CLIENT_SECRET' - POSTHOLF_TOKEN_URL: '/k8s/documents/POSTHOLF_TOKEN_URL' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - XROAD_HEALTH_INSURANCE_PASSWORD: '/k8s/health-insurance/XROAD-PASSWORD' - XROAD_HEALTH_INSURANCE_USERNAME: '/k8s/health-insurance/XROAD-USER' - XROAD_HEALTH_INSURANCE_V2_XROAD_PASSWORD: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_PASSWORD' - XROAD_HEALTH_INSURANCE_V2_XROAD_USERNAME: '/k8s/api/HEALTH_INSURANCE_V2_XROAD_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/endorsement-system-api/values.dev.yaml b/charts/services/endorsement-system-api/values.dev.yaml deleted file mode 100644 index a048c372c915..000000000000 --- a/charts/services/endorsement-system-api/values.dev.yaml +++ /dev/null @@ -1,110 +0,0 @@ -service: - name: 'endorsement-system-api' - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-dev-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_endorsements_api' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' diff --git a/charts/services/endorsement-system-api/values.prod.yaml b/charts/services/endorsement-system-api/values.prod.yaml deleted file mode 100644 index 3694f2d68ec2..000000000000 --- a/charts/services/endorsement-system-api/values.prod.yaml +++ /dev/null @@ -1,112 +0,0 @@ -service: - name: 'endorsement-system-api' - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - EMAIL_FROM_NAME: 'island.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-prod-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' diff --git a/charts/services/endorsement-system-api/values.staging.yaml b/charts/services/endorsement-system-api/values.staging.yaml deleted file mode 100644 index 335f6c6e3415..000000000000 --- a/charts/services/endorsement-system-api/values.staging.yaml +++ /dev/null @@ -1,110 +0,0 @@ -service: - name: 'endorsement-system-api' - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_FROM_NAME: 'devland.is' - EMAIL_REGION: 'eu-west-1' - ENDORSEMENT_SYSTEM_EXPORTS_BUCKET_NAME: 'island-is-staging-exports-endorsement-system' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/endorsement' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-endorsements-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_endorsements_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_endorsements_api' - secrets: - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - namespace: 'endorsement-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/endorsement-system-api/IDS-shared-secret' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/endorsement-system-api' - create: true - name: 'endorsement-system-api' diff --git a/charts/services/external-contracts-tests/values.dev.yaml b/charts/services/external-contracts-tests/values.dev.yaml deleted file mode 100644 index 5d5c2c726569..000000000000 --- a/charts/services/external-contracts-tests/values.dev.yaml +++ /dev/null @@ -1,56 +0,0 @@ -service: - name: 'external-contracts-tests' - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/external-contracts-tests' - namespace: 'external-contracts-tests' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '1' - memory: '1024Mi' - requests: - cpu: '500m' - memory: '512Mi' - schedule: '0 11 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/github-actions-cache/values.dev.yaml b/charts/services/github-actions-cache/values.dev.yaml deleted file mode 100644 index 915bbb161f5d..000000000000 --- a/charts/services/github-actions-cache/values.dev.yaml +++ /dev/null @@ -1,71 +0,0 @@ -service: - name: 'github-actions-cache' - args: - - '--tls-min-v1.0' - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 8 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/github-actions-cache' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'cache.dev01.devland.is' - paths: - - '/' - namespace: 'github-actions-cache' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 5 - max: 8 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/github-actions-cache' - create: true - name: 'github-actions-cache' diff --git a/charts/services/icelandic-names-registry-backend/values.dev.yaml b/charts/services/icelandic-names-registry-backend/values.dev.yaml deleted file mode 100644 index e63778ee3933..000000000000 --- a/charts/services/icelandic-names-registry-backend/values.dev.yaml +++ /dev/null @@ -1,89 +0,0 @@ -service: - name: 'icelandic-names-registry-backend' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'icelandic_names_registry_backend' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/icelandic-names-registry-backend/values.prod.yaml b/charts/services/icelandic-names-registry-backend/values.prod.yaml deleted file mode 100644 index e8a16587358b..000000000000 --- a/charts/services/icelandic-names-registry-backend/values.prod.yaml +++ /dev/null @@ -1,91 +0,0 @@ -service: - name: 'icelandic-names-registry-backend' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/icelandic-names-registry-backend/values.staging.yaml b/charts/services/icelandic-names-registry-backend/values.staging.yaml deleted file mode 100644 index 472dc5437b77..000000000000 --- a/charts/services/icelandic-names-registry-backend/values.staging.yaml +++ /dev/null @@ -1,89 +0,0 @@ -service: - name: 'icelandic-names-registry-backend' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - grantNamespaces: - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/icelandic-names-registry-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'icelandic_names_registry_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'icelandic_names_registry_backend' - secrets: - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - namespace: 'icelandic-names-registry' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/identity-server/values.dev.yaml b/charts/services/identity-server/values.dev.yaml deleted file mode 100644 index 78f00db79c10..000000000000 --- a/charts/services/identity-server/values.dev.yaml +++ /dev/null @@ -1,124 +0,0 @@ -service: - name: 'identity-server' - annotations: - ad.datadoghq.com/identity-server.check_names: '["openmetrics"]' - ad.datadoghq.com/identity-server.init_configs: '[{}]' - ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": - "http://%%host%%:5003/metrics","namespace": - "identity-server","metrics":["*"]}]' - ad.datadoghq.com/identity-server.logs: '[{"service": "identity-server", "source": "csharp"}]' - enabled: true - env: - ASPNETCORE_URLS: 'http://*:5000' - AWS__CloudWatch__AuditLogGroup: '/identity-server/audit-log' - AWS__SystemsManager__ParameterStore__DataProtectionPrefix: '/k8s/identity-server/DataProtectionSecret' - Application__AllowedRedirectUris: 'https://beta.dev01.devland.is/minarsidur,https://beta.dev01.devland.is/umsoknir,http://localhost:4200/minarsidur,http://localhost:4242/umsoknir' - Application__MinCompletionPortThreads: '10' - AudkenniSettings__Retries: '24' - CORECLR_ENABLE_PROFILING: '1' - CORECLR_PROFILER: '{846F5F1C-F9AE-4B07-969E-05C26BC060D8}' - CORECLR_PROFILER_PATH: '/opt/datadog/Datadog.Trace.ClrProfiler.Native.so' - CacheSettings__Enabled: 'true' - ContentfulSettings__BaseAddress: 'https://preview.contentful.com' - DD_DOTNET_TRACER_HOME: '/opt/datadog' - DD_INTEGRATIONS: '/opt/datadog/integrations.json' - DD_TRACE_DEBUG: 'true' - Datadog__Metrics__Port: '5003' - IdentityServer__ConsentsScope: '@island.is/auth/consents' - IdentityServer__EnableFakeLogin: 'true' - IdentityServer__EnableFeatureDeploymentWildcards: 'true' - IdentityServer__KeyManagement__Enabled: 'true' - IdentityServer__SigningCertificate__Path: '/etc/config/ids-signing.pfx' - LOG_LEVEL: 'info' - MeUserProfileApiSettings__BaseAddress: 'http://web-service-portal-api.service-portal.svc.cluster.local' - NODE_OPTIONS: '--max-old-space-size=1843 -r dd-trace/init' - PersistenceSettings__BaseAddress: 'http://web-services-auth-ids-api' - PersistenceSettings__DelegationsCacheEnabled: 'false' - RedisSettings__Address: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com' - RedisSettings__Port: '6379' - SessionsApiSettings__BaseAddress: 'http://web-services-sessions.services-sessions.svc.cluster.local' - files: - - 'ids-signing.pfx' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - port: 5010 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/identity-server' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.dev01.devland.is' - paths: - - '/' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: - - accessModes: 'ReadWriteMany' - mountPath: '/keys' - name: 'identity-server' - size: '1Gi' - storageClass: 'efs-csi' - useExisting: false - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '4000m' - memory: '2048Mi' - requests: - cpu: '1000m' - memory: '1024Mi' - secrets: - AudkenniSettings__ClientId: '/k8s/identity-server/AudkenniClientId' - AudkenniSettings__ClientSecret: '/k8s/identity-server/AudkenniClientSecret' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ContentfulSettings__AccessToken: '/k8s/identity-server/CONTENTFUL_ACCESS_TOKEN' - FeatureFlags__ConfigCatSdkKey: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IdentityServer__FakePersons: '/k8s/identity-server/FakePersons' - IdentityServer__LicenseKey: '/k8s/identity-server/LicenseKey' - IdentityServer__SigningCertificate__Passphrase: '/k8s/identity-server/SigningCertificatePassphrase' - PersistenceSettings__AccessTokenManagementSettings__ClientSecret: '/k8s/identity-server/ClientSecret' - Redaction__UserIdentifiers__Key: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY' - Redaction__UserIdentifiers__KeyId: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID' - Scopes__Admin__RootAccessList: '/k8s/identity-server/AdminRootAccessList' - securityContext: - allowPrivilegeEscalation: false - privileged: false - service: - targetPort: 5000 - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/identity-server' - create: true - name: 'identity-server' diff --git a/charts/services/identity-server/values.prod.yaml b/charts/services/identity-server/values.prod.yaml deleted file mode 100644 index 1d7e64e5903d..000000000000 --- a/charts/services/identity-server/values.prod.yaml +++ /dev/null @@ -1,124 +0,0 @@ -service: - name: 'identity-server' - annotations: - ad.datadoghq.com/identity-server.check_names: '["openmetrics"]' - ad.datadoghq.com/identity-server.init_configs: '[{}]' - ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": - "http://%%host%%:5003/metrics","namespace": - "identity-server","metrics":["*"]}]' - ad.datadoghq.com/identity-server.logs: '[{"service": "identity-server", "source": "csharp"}]' - enabled: true - env: - ASPNETCORE_URLS: 'http://*:5000' - AWS__CloudWatch__AuditLogGroup: '/identity-server/audit-log' - AWS__SystemsManager__ParameterStore__DataProtectionPrefix: '/k8s/identity-server/DataProtectionSecret' - Application__AllowedRedirectUris: 'https://island.is/minarsidur,https://island.is/umsoknir' - Application__MinCompletionPortThreads: '10' - AudkenniSettings__Retries: '24' - CORECLR_ENABLE_PROFILING: '1' - CORECLR_PROFILER: '{846F5F1C-F9AE-4B07-969E-05C26BC060D8}' - CORECLR_PROFILER_PATH: '/opt/datadog/Datadog.Trace.ClrProfiler.Native.so' - CacheSettings__Enabled: 'true' - ContentfulSettings__BaseAddress: 'https://cdn.contentful.com' - DD_DOTNET_TRACER_HOME: '/opt/datadog' - DD_INTEGRATIONS: '/opt/datadog/integrations.json' - DD_TRACE_DEBUG: 'true' - Datadog__Metrics__Port: '5003' - IdentityServer__ConsentsScope: '@island.is/auth/consents' - IdentityServer__EnableFakeLogin: 'true' - IdentityServer__EnableFeatureDeploymentWildcards: 'false' - IdentityServer__KeyManagement__Enabled: 'true' - IdentityServer__SigningCertificate__Path: '/etc/config/ids-signing.pfx' - LOG_LEVEL: 'info' - MeUserProfileApiSettings__BaseAddress: 'https://service-portal-api.internal.island.is' - NODE_OPTIONS: '--max-old-space-size=1843 -r dd-trace/init' - PersistenceSettings__BaseAddress: 'http://web-services-auth-ids-api' - PersistenceSettings__DelegationsCacheEnabled: 'true' - RedisSettings__Address: 'clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com' - RedisSettings__Port: '6379' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SessionsApiSettings__BaseAddress: 'https://sessions-api.internal.island.is' - files: - - 'ids-signing.pfx' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - port: 5010 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/identity-server' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'innskra.island.is' - paths: - - '/' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: - - accessModes: 'ReadWriteMany' - mountPath: '/keys' - name: 'identity-server' - size: '1Gi' - storageClass: 'efs-csi' - useExisting: false - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '4000m' - memory: '2048Mi' - requests: - cpu: '1000m' - memory: '1024Mi' - secrets: - AudkenniSettings__ClientId: '/k8s/identity-server/AudkenniClientId' - AudkenniSettings__ClientSecret: '/k8s/identity-server/AudkenniClientSecret' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ContentfulSettings__AccessToken: '/k8s/identity-server/CONTENTFUL_ACCESS_TOKEN' - FeatureFlags__ConfigCatSdkKey: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IdentityServer__FakePersons: '/k8s/identity-server/FakePersons' - IdentityServer__LicenseKey: '/k8s/identity-server/LicenseKey' - IdentityServer__SigningCertificate__Passphrase: '/k8s/identity-server/SigningCertificatePassphrase' - PersistenceSettings__AccessTokenManagementSettings__ClientSecret: '/k8s/identity-server/ClientSecret' - Redaction__UserIdentifiers__Key: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY' - Redaction__UserIdentifiers__KeyId: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID' - Scopes__Admin__RootAccessList: '/k8s/identity-server/AdminRootAccessList' - securityContext: - allowPrivilegeEscalation: false - privileged: false - service: - targetPort: 5000 - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::567113216315:role/identity-server' - create: true - name: 'identity-server' diff --git a/charts/services/identity-server/values.staging.yaml b/charts/services/identity-server/values.staging.yaml deleted file mode 100644 index 655402a5f5e9..000000000000 --- a/charts/services/identity-server/values.staging.yaml +++ /dev/null @@ -1,124 +0,0 @@ -service: - name: 'identity-server' - annotations: - ad.datadoghq.com/identity-server.check_names: '["openmetrics"]' - ad.datadoghq.com/identity-server.init_configs: '[{}]' - ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": - "http://%%host%%:5003/metrics","namespace": - "identity-server","metrics":["*"]}]' - ad.datadoghq.com/identity-server.logs: '[{"service": "identity-server", "source": "csharp"}]' - enabled: true - env: - ASPNETCORE_URLS: 'http://*:5000' - AWS__CloudWatch__AuditLogGroup: '/identity-server/audit-log' - AWS__SystemsManager__ParameterStore__DataProtectionPrefix: '/k8s/identity-server/DataProtectionSecret' - Application__AllowedRedirectUris: 'https://beta.staging01.devland.is/minarsidur,https://beta.staging01.devland.is/umsoknir' - Application__MinCompletionPortThreads: '10' - AudkenniSettings__Retries: '24' - CORECLR_ENABLE_PROFILING: '1' - CORECLR_PROFILER: '{846F5F1C-F9AE-4B07-969E-05C26BC060D8}' - CORECLR_PROFILER_PATH: '/opt/datadog/Datadog.Trace.ClrProfiler.Native.so' - CacheSettings__Enabled: 'true' - ContentfulSettings__BaseAddress: 'https://cdn.contentful.com' - DD_DOTNET_TRACER_HOME: '/opt/datadog' - DD_INTEGRATIONS: '/opt/datadog/integrations.json' - DD_TRACE_DEBUG: 'true' - Datadog__Metrics__Port: '5003' - IdentityServer__ConsentsScope: '@island.is/auth/consents' - IdentityServer__EnableFakeLogin: 'true' - IdentityServer__EnableFeatureDeploymentWildcards: 'true' - IdentityServer__KeyManagement__Enabled: 'true' - IdentityServer__SigningCertificate__Path: '/etc/config/ids-signing.pfx' - LOG_LEVEL: 'info' - MeUserProfileApiSettings__BaseAddress: 'http://web-service-portal-api.service-portal.svc.cluster.local' - NODE_OPTIONS: '--max-old-space-size=1843 -r dd-trace/init' - PersistenceSettings__BaseAddress: 'http://web-services-auth-ids-api' - PersistenceSettings__DelegationsCacheEnabled: 'false' - RedisSettings__Address: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com' - RedisSettings__Port: '6379' - SessionsApiSettings__BaseAddress: 'http://web-services-sessions.services-sessions.svc.cluster.local' - files: - - 'ids-signing.pfx' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - port: 5010 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/identity-server' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.staging01.devland.is' - paths: - - '/' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: - - accessModes: 'ReadWriteMany' - mountPath: '/keys' - name: 'identity-server' - size: '1Gi' - storageClass: 'efs-csi' - useExisting: false - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '4000m' - memory: '2048Mi' - requests: - cpu: '1000m' - memory: '1024Mi' - secrets: - AudkenniSettings__ClientId: '/k8s/identity-server/AudkenniClientId' - AudkenniSettings__ClientSecret: '/k8s/identity-server/AudkenniClientSecret' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ContentfulSettings__AccessToken: '/k8s/identity-server/CONTENTFUL_ACCESS_TOKEN' - FeatureFlags__ConfigCatSdkKey: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IdentityServer__FakePersons: '/k8s/identity-server/FakePersons' - IdentityServer__LicenseKey: '/k8s/identity-server/LicenseKey' - IdentityServer__SigningCertificate__Passphrase: '/k8s/identity-server/SigningCertificatePassphrase' - PersistenceSettings__AccessTokenManagementSettings__ClientSecret: '/k8s/identity-server/ClientSecret' - Redaction__UserIdentifiers__Key: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY' - Redaction__UserIdentifiers__KeyId: '/k8s/identity-server/redaction/USER_IDENTIFIERS_KEY_ID' - Scopes__Admin__RootAccessList: '/k8s/identity-server/AdminRootAccessList' - securityContext: - allowPrivilegeEscalation: false - privileged: false - service: - targetPort: 5000 - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/identity-server' - create: true - name: 'identity-server' diff --git a/charts/services/island-ui-storybook/values.dev.yaml b/charts/services/island-ui-storybook/values.dev.yaml deleted file mode 100644 index 50ea07b1ef80..000000000000 --- a/charts/services/island-ui-storybook/values.dev.yaml +++ /dev/null @@ -1,57 +0,0 @@ -service: - name: 'island-ui-storybook' - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.dev01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/island-ui-storybook/values.prod.yaml b/charts/services/island-ui-storybook/values.prod.yaml deleted file mode 100644 index 94c54a84a047..000000000000 --- a/charts/services/island-ui-storybook/values.prod.yaml +++ /dev/null @@ -1,58 +0,0 @@ -service: - name: 'island-ui-storybook' - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/island-ui-storybook/values.staging.yaml b/charts/services/island-ui-storybook/values.staging.yaml deleted file mode 100644 index 733e037b2c67..000000000000 --- a/charts/services/island-ui-storybook/values.staging.yaml +++ /dev/null @@ -1,57 +0,0 @@ -service: - name: 'island-ui-storybook' - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/island-ui-storybook' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'ui.staging01.devland.is' - paths: - - '/' - namespace: 'storybook' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '10m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/judicial-system-api/values.dev.yaml b/charts/services/judicial-system-api/values.dev.yaml deleted file mode 100644 index 5dd1b26b61c9..000000000000 --- a/charts/services/judicial-system-api/values.dev.yaml +++ /dev/null @@ -1,86 +0,0 @@ -service: - name: 'judicial-system-api' - enabled: true - env: - ALLOW_AUTH_BYPASS: 'true' - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - AUTH_IDS_CLIENT_ID: '@rettarvorslugatt.island.is/web' - AUTH_IDS_LOGOUT_REDIRECT_URI: 'https://judicial-system.dev01.devland.is' - AUTH_IDS_REDIRECT_URI: 'https://judicial-system.dev01.devland.is/api/auth/callback/identity-server' - AUTH_IDS_SCOPE: 'openid profile' - BACKEND_URL: 'http://web-judicial-system-backend' - CONTENTFUL_ENVIRONMENT: 'test' - CONTENTFUL_HOST: 'preview.contentful.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system.dev01.devland.is' - paths: - - '/api/graphql' - - '/api/auth' - - '/api/case' - - '/api/feature' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '350m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - AUTH_IDS_SECRET: '/k8s/judicial-system/AUTH_IDS_SECRET' - AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-api' - create: true - name: 'judicial-system-api' diff --git a/charts/services/judicial-system-api/values.prod.yaml b/charts/services/judicial-system-api/values.prod.yaml deleted file mode 100644 index 1cc83003778d..000000000000 --- a/charts/services/judicial-system-api/values.prod.yaml +++ /dev/null @@ -1,87 +0,0 @@ -service: - name: 'judicial-system-api' - enabled: true - env: - ALLOW_AUTH_BYPASS: 'false' - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - AUTH_IDS_CLIENT_ID: '@rettarvorslugatt.island.is/web' - AUTH_IDS_LOGOUT_REDIRECT_URI: 'https://rettarvorslugatt.island.is' - AUTH_IDS_REDIRECT_URI: 'https://rettarvorslugatt.island.is/api/auth/callback/identity-server' - AUTH_IDS_SCOPE: 'openid profile' - BACKEND_URL: 'http://web-judicial-system-backend' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'rettarvorslugatt.island.is' - paths: - - '/api/graphql' - - '/api/auth' - - '/api/case' - - '/api/feature' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '350m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - AUTH_IDS_SECRET: '/k8s/judicial-system/AUTH_IDS_SECRET' - AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-api' - create: true - name: 'judicial-system-api' diff --git a/charts/services/judicial-system-api/values.staging.yaml b/charts/services/judicial-system-api/values.staging.yaml deleted file mode 100644 index 43bface247f8..000000000000 --- a/charts/services/judicial-system-api/values.staging.yaml +++ /dev/null @@ -1,86 +0,0 @@ -service: - name: 'judicial-system-api' - enabled: true - env: - ALLOW_AUTH_BYPASS: 'true' - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - AUTH_IDS_CLIENT_ID: '@rettarvorslugatt.island.is/web' - AUTH_IDS_LOGOUT_REDIRECT_URI: 'https://judicial-system.staging01.devland.is' - AUTH_IDS_REDIRECT_URI: 'https://judicial-system.staging01.devland.is/api/auth/callback/identity-server' - AUTH_IDS_SCOPE: 'openid profile' - BACKEND_URL: 'http://web-judicial-system-backend' - CONTENTFUL_ENVIRONMENT: 'test' - CONTENTFUL_HOST: 'cdn.contentful.com' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system.staging01.devland.is' - paths: - - '/api/graphql' - - '/api/auth' - - '/api/case' - - '/api/feature' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '350m' - memory: '512Mi' - requests: - cpu: '200m' - memory: '256Mi' - secrets: - AUTH_IDS_SECRET: '/k8s/judicial-system/AUTH_IDS_SECRET' - AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-api' - create: true - name: 'judicial-system-api' diff --git a/charts/services/judicial-system-backend/values.dev.yaml b/charts/services/judicial-system-backend/values.dev.yaml deleted file mode 100644 index 6d4df8a6f48d..000000000000 --- a/charts/services/judicial-system-backend/values.dev.yaml +++ /dev/null @@ -1,135 +0,0 @@ -service: - name: 'judicial-system-backend' - enabled: true - env: - CLIENT_URL: 'https://judicial-system.dev01.devland.is' - CONTENTFUL_ENVIRONMENT: 'test' - CONTENTFUL_HOST: 'preview.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'judicial_system' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'judicial_system' - DOKOBIT_URL: 'https://developers.dokobit.com' - EMAIL_REGION: 'eu-west-1' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - S3_BUCKET: 'island-is-dev-upload-judicial-system' - S3_REGION: 'eu-west-1' - S3_TIME_TO_LIVE_GET: '5' - S3_TIME_TO_LIVE_POST: '15' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - USE_MICROSOFT_GRAPH_API_FOR_COURT_ROBOT: 'false' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10014/Rettarvorslugatt-Client' - XROAD_COURT_API_PATH: '/Domstolasyslan/JusticePortal-v1' - XROAD_COURT_MEMBER_CODE: '10019' - XROAD_POLICE_API_PATH: '/Logreglan-Private/rettarvarsla-v1' - XROAD_POLICE_MEMBER_CODE: '10005' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'judicial_system' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'judicial_system' - secrets: - DB_PASS: '/k8s/judicial-system/DB_PASSWORD' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - ADMIN_USERS: '/k8s/judicial-system/ADMIN_USERS' - ARCHIVE_ENCRYPTION_KEY: '/k8s/judicial-system/ARCHIVE_ENCRYPTION_KEY' - AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' - COURTS_ASSISTANT_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_ASSISTANT_MOBILE_NUMBERS' - COURTS_EMAILS: '/k8s/judicial-system/COURTS_EMAILS' - COURTS_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_MOBILE_NUMBERS' - COURT_ROBOT_CLIENT_ID: '/k8s/judicial-system/COURT_ROBOT_CLIENT_ID' - COURT_ROBOT_CLIENT_SECRET: '/k8s/judicial-system/COURT_ROBOT_CLIENT_SECRET' - COURT_ROBOT_EMAIL: '/k8s/judicial-system/COURT_ROBOT_EMAIL' - COURT_ROBOT_TENANT_ID: '/k8s/judicial-system/COURT_ROBOT_TENANT_ID' - COURT_ROBOT_USER: '/k8s/judicial-system/COURT_ROBOT_USER' - DB_PASS: '/k8s/judicial-system/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/judicial-system/DOKOBIT_ACCESS_TOKEN' - EMAIL_FROM: '/k8s/judicial-system/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/judicial-system/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/judicial-system/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/judicial-system/EMAIL_REPLY_TO_NAME' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - EVENT_URL: '/k8s/judicial-system/EVENT_URL' - NOVA_PASSWORD: '/k8s/judicial-system/NOVA_PASSWORD' - NOVA_URL: '/k8s/judicial-system/NOVA_URL' - NOVA_USERNAME: '/k8s/judicial-system/NOVA_USERNAME' - PRISON_ADMIN_EMAIL: '/k8s/judicial-system/PRISON_ADMIN_EMAIL' - PRISON_EMAIL: '/k8s/judicial-system/PRISON_EMAIL' - XROAD_CLIENT_CERT: '/k8s/judicial-system/XROAD_CLIENT_CERT' - XROAD_CLIENT_KEY: '/k8s/judicial-system/XROAD_CLIENT_KEY' - XROAD_CLIENT_PEM: '/k8s/judicial-system/XROAD_CLIENT_PEM' - XROAD_COURTS_CREDENTIALS: '/k8s/judicial-system/COURTS_CREDENTIALS' - XROAD_POLICE_API_KEY: '/k8s/judicial-system/XROAD_POLICE_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-backend' - create: true - name: 'judicial-system-backend' diff --git a/charts/services/judicial-system-backend/values.prod.yaml b/charts/services/judicial-system-backend/values.prod.yaml deleted file mode 100644 index e12f762b03ab..000000000000 --- a/charts/services/judicial-system-backend/values.prod.yaml +++ /dev/null @@ -1,137 +0,0 @@ -service: - name: 'judicial-system-backend' - enabled: true - env: - CLIENT_URL: 'https://rettarvorslugatt.island.is' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'judicial_system' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'judicial_system' - DOKOBIT_URL: 'https://ws.dokobit.com' - EMAIL_REGION: 'eu-west-1' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - S3_BUCKET: 'island-is-prod-upload-judicial-system' - S3_REGION: 'eu-west-1' - S3_TIME_TO_LIVE_GET: '5' - S3_TIME_TO_LIVE_POST: '15' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - USE_MICROSOFT_GRAPH_API_FOR_COURT_ROBOT: 'true' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5804170510/Rettarvorslugatt-Client' - XROAD_COURT_API_PATH: '/Domstolasyslan/JusticePortal-v1' - XROAD_COURT_MEMBER_CODE: '4707171140' - XROAD_POLICE_API_PATH: '/Logreglan-Private/rettarvarsla-v1' - XROAD_POLICE_MEMBER_CODE: '5309672079' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'judicial_system' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'judicial_system' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/judicial-system/DB_PASSWORD' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - ADMIN_USERS: '/k8s/judicial-system/ADMIN_USERS' - ARCHIVE_ENCRYPTION_KEY: '/k8s/judicial-system/ARCHIVE_ENCRYPTION_KEY' - AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' - COURTS_ASSISTANT_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_ASSISTANT_MOBILE_NUMBERS' - COURTS_EMAILS: '/k8s/judicial-system/COURTS_EMAILS' - COURTS_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_MOBILE_NUMBERS' - COURT_ROBOT_CLIENT_ID: '/k8s/judicial-system/COURT_ROBOT_CLIENT_ID' - COURT_ROBOT_CLIENT_SECRET: '/k8s/judicial-system/COURT_ROBOT_CLIENT_SECRET' - COURT_ROBOT_EMAIL: '/k8s/judicial-system/COURT_ROBOT_EMAIL' - COURT_ROBOT_TENANT_ID: '/k8s/judicial-system/COURT_ROBOT_TENANT_ID' - COURT_ROBOT_USER: '/k8s/judicial-system/COURT_ROBOT_USER' - DB_PASS: '/k8s/judicial-system/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/judicial-system/DOKOBIT_ACCESS_TOKEN' - EMAIL_FROM: '/k8s/judicial-system/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/judicial-system/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/judicial-system/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/judicial-system/EMAIL_REPLY_TO_NAME' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - EVENT_URL: '/k8s/judicial-system/EVENT_URL' - NOVA_PASSWORD: '/k8s/judicial-system/NOVA_PASSWORD' - NOVA_URL: '/k8s/judicial-system/NOVA_URL' - NOVA_USERNAME: '/k8s/judicial-system/NOVA_USERNAME' - PRISON_ADMIN_EMAIL: '/k8s/judicial-system/PRISON_ADMIN_EMAIL' - PRISON_EMAIL: '/k8s/judicial-system/PRISON_EMAIL' - XROAD_CLIENT_CERT: '/k8s/judicial-system/XROAD_CLIENT_CERT' - XROAD_CLIENT_KEY: '/k8s/judicial-system/XROAD_CLIENT_KEY' - XROAD_CLIENT_PEM: '/k8s/judicial-system/XROAD_CLIENT_PEM' - XROAD_COURTS_CREDENTIALS: '/k8s/judicial-system/COURTS_CREDENTIALS' - XROAD_POLICE_API_KEY: '/k8s/judicial-system/XROAD_POLICE_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-backend' - create: true - name: 'judicial-system-backend' diff --git a/charts/services/judicial-system-backend/values.staging.yaml b/charts/services/judicial-system-backend/values.staging.yaml deleted file mode 100644 index 1d2d67957e9a..000000000000 --- a/charts/services/judicial-system-backend/values.staging.yaml +++ /dev/null @@ -1,136 +0,0 @@ -service: - name: 'judicial-system-backend' - enabled: true - env: - BLOCKED_API_INTEGRATION: 'COURT,POLICE_CASE' - CLIENT_URL: 'https://judicial-system.staging01.devland.is' - CONTENTFUL_ENVIRONMENT: 'test' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'judicial_system' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'judicial_system' - DOKOBIT_URL: 'https://developers.dokobit.com' - EMAIL_REGION: 'eu-west-1' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - S3_BUCKET: 'island-is-staging-upload-judicial-system' - S3_REGION: 'eu-west-1' - S3_TIME_TO_LIVE_GET: '5' - S3_TIME_TO_LIVE_POST: '15' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - USE_MICROSOFT_GRAPH_API_FOR_COURT_ROBOT: 'true' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5804170510/Rettarvorslugatt-Client' - XROAD_COURT_API_PATH: '/Domstolasyslan/JusticePortal-v1' - XROAD_COURT_MEMBER_CODE: '4707171140' - XROAD_POLICE_API_PATH: '/Logreglan-Private/rettarvarsla-v1' - XROAD_POLICE_MEMBER_CODE: '5309672079' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'judicial_system' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'judicial_system' - secrets: - DB_PASS: '/k8s/judicial-system/DB_PASSWORD' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - ADMIN_USERS: '/k8s/judicial-system/ADMIN_USERS' - ARCHIVE_ENCRYPTION_KEY: '/k8s/judicial-system/ARCHIVE_ENCRYPTION_KEY' - AUTH_JWT_SECRET: '/k8s/judicial-system/AUTH_JWT_SECRET' - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/judicial-system/CONTENTFUL_ACCESS_TOKEN' - COURTS_ASSISTANT_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_ASSISTANT_MOBILE_NUMBERS' - COURTS_EMAILS: '/k8s/judicial-system/COURTS_EMAILS' - COURTS_MOBILE_NUMBERS: '/k8s/judicial-system/COURTS_MOBILE_NUMBERS' - COURT_ROBOT_CLIENT_ID: '/k8s/judicial-system/COURT_ROBOT_CLIENT_ID' - COURT_ROBOT_CLIENT_SECRET: '/k8s/judicial-system/COURT_ROBOT_CLIENT_SECRET' - COURT_ROBOT_EMAIL: '/k8s/judicial-system/COURT_ROBOT_EMAIL' - COURT_ROBOT_TENANT_ID: '/k8s/judicial-system/COURT_ROBOT_TENANT_ID' - COURT_ROBOT_USER: '/k8s/judicial-system/COURT_ROBOT_USER' - DB_PASS: '/k8s/judicial-system/DB_PASSWORD' - DOKOBIT_ACCESS_TOKEN: '/k8s/judicial-system/DOKOBIT_ACCESS_TOKEN' - EMAIL_FROM: '/k8s/judicial-system/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/judicial-system/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/judicial-system/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/judicial-system/EMAIL_REPLY_TO_NAME' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - EVENT_URL: '/k8s/judicial-system/EVENT_URL' - NOVA_PASSWORD: '/k8s/judicial-system/NOVA_PASSWORD' - NOVA_URL: '/k8s/judicial-system/NOVA_URL' - NOVA_USERNAME: '/k8s/judicial-system/NOVA_USERNAME' - PRISON_ADMIN_EMAIL: '/k8s/judicial-system/PRISON_ADMIN_EMAIL' - PRISON_EMAIL: '/k8s/judicial-system/PRISON_EMAIL' - XROAD_CLIENT_CERT: '/k8s/judicial-system/XROAD_CLIENT_CERT' - XROAD_CLIENT_KEY: '/k8s/judicial-system/XROAD_CLIENT_KEY' - XROAD_CLIENT_PEM: '/k8s/judicial-system/XROAD_CLIENT_PEM' - XROAD_COURTS_CREDENTIALS: '/k8s/judicial-system/COURTS_CREDENTIALS' - XROAD_POLICE_API_KEY: '/k8s/judicial-system/XROAD_POLICE_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-backend' - create: true - name: 'judicial-system-backend' diff --git a/charts/services/judicial-system-digital-mailbox-api/values.dev.yaml b/charts/services/judicial-system-digital-mailbox-api/values.dev.yaml deleted file mode 100644 index a506ff07933c..000000000000 --- a/charts/services/judicial-system-digital-mailbox-api/values.dev.yaml +++ /dev/null @@ -1,72 +0,0 @@ -service: - name: 'judicial-system-digital-mailbox-api' - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-digital-mailbox-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-digital-mailbox-api-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-digital-mailbox-api' - create: true - name: 'judicial-system-digital-mailbox-api' diff --git a/charts/services/judicial-system-digital-mailbox-api/values.prod.yaml b/charts/services/judicial-system-digital-mailbox-api/values.prod.yaml deleted file mode 100644 index 606a1ba74edd..000000000000 --- a/charts/services/judicial-system-digital-mailbox-api/values.prod.yaml +++ /dev/null @@ -1,73 +0,0 @@ -service: - name: 'judicial-system-digital-mailbox-api' - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-digital-mailbox-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-digital-mailbox-api-xrd.internal.island.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-digital-mailbox-api' - create: true - name: 'judicial-system-digital-mailbox-api' diff --git a/charts/services/judicial-system-digital-mailbox-api/values.staging.yaml b/charts/services/judicial-system-digital-mailbox-api/values.staging.yaml deleted file mode 100644 index 32e75ce71fe1..000000000000 --- a/charts/services/judicial-system-digital-mailbox-api/values.staging.yaml +++ /dev/null @@ -1,72 +0,0 @@ -service: - name: 'judicial-system-digital-mailbox-api' - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-digital-mailbox-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-digital-mailbox-api-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-digital-mailbox-api' - create: true - name: 'judicial-system-digital-mailbox-api' diff --git a/charts/services/judicial-system-message-handler/values.dev.yaml b/charts/services/judicial-system-message-handler/values.dev.yaml deleted file mode 100644 index 00939634ed5a..000000000000 --- a/charts/services/judicial-system-message-handler/values.dev.yaml +++ /dev/null @@ -1,65 +0,0 @@ -service: - name: 'judicial-system-message-handler' - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-message-handler' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-message-handler' - create: true - name: 'judicial-system-message-handler' diff --git a/charts/services/judicial-system-message-handler/values.prod.yaml b/charts/services/judicial-system-message-handler/values.prod.yaml deleted file mode 100644 index 471ce023e34c..000000000000 --- a/charts/services/judicial-system-message-handler/values.prod.yaml +++ /dev/null @@ -1,66 +0,0 @@ -service: - name: 'judicial-system-message-handler' - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-message-handler' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-message-handler' - create: true - name: 'judicial-system-message-handler' diff --git a/charts/services/judicial-system-message-handler/values.staging.yaml b/charts/services/judicial-system-message-handler/values.staging.yaml deleted file mode 100644 index c5538e6d6e0d..000000000000 --- a/charts/services/judicial-system-message-handler/values.staging.yaml +++ /dev/null @@ -1,65 +0,0 @@ -service: - name: 'judicial-system-message-handler' - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-message-handler' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-message-handler' - create: true - name: 'judicial-system-message-handler' diff --git a/charts/services/judicial-system-robot-api/values.dev.yaml b/charts/services/judicial-system-robot-api/values.dev.yaml deleted file mode 100644 index 579cc3884eff..000000000000 --- a/charts/services/judicial-system-robot-api/values.dev.yaml +++ /dev/null @@ -1,70 +0,0 @@ -service: - name: 'judicial-system-robot-api' - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-robot-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-robot-api-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-robot-api' - create: true - name: 'judicial-system-robot-api' diff --git a/charts/services/judicial-system-robot-api/values.prod.yaml b/charts/services/judicial-system-robot-api/values.prod.yaml deleted file mode 100644 index d0a69e363e73..000000000000 --- a/charts/services/judicial-system-robot-api/values.prod.yaml +++ /dev/null @@ -1,71 +0,0 @@ -service: - name: 'judicial-system-robot-api' - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-robot-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-robot-api-xrd.internal.island.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-robot-api' - create: true - name: 'judicial-system-robot-api' diff --git a/charts/services/judicial-system-robot-api/values.staging.yaml b/charts/services/judicial-system-robot-api/values.staging.yaml deleted file mode 100644 index 72e12631840c..000000000000 --- a/charts/services/judicial-system-robot-api/values.staging.yaml +++ /dev/null @@ -1,70 +0,0 @@ -service: - name: 'judicial-system-robot-api' - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-robot-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-robot-api-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-robot-api' - create: true - name: 'judicial-system-robot-api' diff --git a/charts/services/judicial-system-scheduler/values.dev.yaml b/charts/services/judicial-system-scheduler/values.dev.yaml deleted file mode 100644 index 2a413cf7e717..000000000000 --- a/charts/services/judicial-system-scheduler/values.dev.yaml +++ /dev/null @@ -1,67 +0,0 @@ -service: - name: 'judicial-system-scheduler' - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - TIME_TO_LIVE_MINUTES: '30' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-scheduler' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-scheduler' - create: true - name: 'judicial-system-scheduler' diff --git a/charts/services/judicial-system-scheduler/values.prod.yaml b/charts/services/judicial-system-scheduler/values.prod.yaml deleted file mode 100644 index 8e0a6207a290..000000000000 --- a/charts/services/judicial-system-scheduler/values.prod.yaml +++ /dev/null @@ -1,68 +0,0 @@ -service: - name: 'judicial-system-scheduler' - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - TIME_TO_LIVE_MINUTES: '30' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-scheduler' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-scheduler' - create: true - name: 'judicial-system-scheduler' diff --git a/charts/services/judicial-system-scheduler/values.staging.yaml b/charts/services/judicial-system-scheduler/values.staging.yaml deleted file mode 100644 index 9166219660f3..000000000000 --- a/charts/services/judicial-system-scheduler/values.staging.yaml +++ /dev/null @@ -1,67 +0,0 @@ -service: - name: 'judicial-system-scheduler' - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' - SQS_QUEUE_NAME: 'sqs-judicial-system' - SQS_REGION: 'eu-west-1' - TIME_TO_LIVE_MINUTES: '30' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-scheduler' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-scheduler' - create: true - name: 'judicial-system-scheduler' diff --git a/charts/services/judicial-system-web/values.dev.yaml b/charts/services/judicial-system-web/values.dev.yaml deleted file mode 100644 index 92f94ae7681a..000000000000 --- a/charts/services/judicial-system-web/values.dev.yaml +++ /dev/null @@ -1,64 +0,0 @@ -service: - name: 'judicial-system-web' - enabled: true - env: - API_URL: 'https://judicial-system.dev01.devland.is' - INTERNAL_API_URL: 'http://web-judicial-system-api' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 10 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system.dev01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '15m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - NATIONAL_REGISTRY_API_KEY: '/k8s/judicial-system/NATIONAL_REGISTRY_API_KEY' - SUPPORT_EMAIL: '/k8s/judicial-system/SUPPORT_EMAIL' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/judicial-system-web/values.prod.yaml b/charts/services/judicial-system-web/values.prod.yaml deleted file mode 100644 index e075554eb1f6..000000000000 --- a/charts/services/judicial-system-web/values.prod.yaml +++ /dev/null @@ -1,65 +0,0 @@ -service: - name: 'judicial-system-web' - enabled: true - env: - API_URL: 'https://rettarvorslugatt.island.is' - INTERNAL_API_URL: 'http://web-judicial-system-api' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 10 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'rettarvorslugatt.island.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '15m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - NATIONAL_REGISTRY_API_KEY: '/k8s/judicial-system/NATIONAL_REGISTRY_API_KEY' - SUPPORT_EMAIL: '/k8s/judicial-system/SUPPORT_EMAIL' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/judicial-system-web/values.staging.yaml b/charts/services/judicial-system-web/values.staging.yaml deleted file mode 100644 index 382c8609fc79..000000000000 --- a/charts/services/judicial-system-web/values.staging.yaml +++ /dev/null @@ -1,64 +0,0 @@ -service: - name: 'judicial-system-web' - enabled: true - env: - API_URL: 'https://judicial-system.staging01.devland.is' - INTERNAL_API_URL: 'http://web-judicial-system-api' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 10 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system.staging01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '15m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - NATIONAL_REGISTRY_API_KEY: '/k8s/judicial-system/NATIONAL_REGISTRY_API_KEY' - SUPPORT_EMAIL: '/k8s/judicial-system/SUPPORT_EMAIL' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/judicial-system-xrd-api/values.dev.yaml b/charts/services/judicial-system-xrd-api/values.dev.yaml deleted file mode 100644 index aea6fa00e1c8..000000000000 --- a/charts/services/judicial-system-xrd-api/values.dev.yaml +++ /dev/null @@ -1,71 +0,0 @@ -service: - name: 'judicial-system-xrd-api' - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-xrd-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-xrd-api.internal.dev01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/judicial-system-xrd-api' - create: true - name: 'judicial-system-xrd-api' diff --git a/charts/services/judicial-system-xrd-api/values.prod.yaml b/charts/services/judicial-system-xrd-api/values.prod.yaml deleted file mode 100644 index 4ca0c565e14d..000000000000 --- a/charts/services/judicial-system-xrd-api/values.prod.yaml +++ /dev/null @@ -1,72 +0,0 @@ -service: - name: 'judicial-system-xrd-api' - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-xrd-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-xrd-api.internal.island.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/judicial-system-xrd-api' - create: true - name: 'judicial-system-xrd-api' diff --git a/charts/services/judicial-system-xrd-api/values.staging.yaml b/charts/services/judicial-system-xrd-api/values.staging.yaml deleted file mode 100644 index 5c05caaa03c4..000000000000 --- a/charts/services/judicial-system-xrd-api/values.staging.yaml +++ /dev/null @@ -1,71 +0,0 @@ -service: - name: 'judicial-system-xrd-api' - enabled: true - env: - AUDIT_TRAIL_GROUP_NAME: 'k8s/judicial-system/audit-log' - AUDIT_TRAIL_REGION: 'eu-west-1' - AUDIT_TRAIL_USE_GENERIC_LOGGER: 'false' - BACKEND_URL: 'http://web-judicial-system-backend' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/judicial-system-xrd-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'judicial-system-xrd-api.internal.staging01.devland.is' - paths: - - '/' - namespace: 'judicial-system' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - BACKEND_ACCESS_TOKEN: '/k8s/judicial-system/BACKEND_ACCESS_TOKEN' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - ERROR_EVENT_URL: '/k8s/judicial-system/ERROR_EVENT_URL' - LAWYERS_ICELAND_API_KEY: '/k8s/judicial-system/LAWYERS_ICELAND_API_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/judicial-system-xrd-api' - create: true - name: 'judicial-system-xrd-api' diff --git a/charts/services/license-api/values.dev.yaml b/charts/services/license-api/values.dev.yaml deleted file mode 100644 index 40a5eaeffb7b..000000000000 --- a/charts/services/license-api/values.dev.yaml +++ /dev/null @@ -1,94 +0,0 @@ -service: - name: 'license-api' - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-DEV/GOV/10008/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS-DEV/GOV/10005/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS-DEV/GOV/10005/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-DEV/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/license-api/values.prod.yaml b/charts/services/license-api/values.prod.yaml deleted file mode 100644 index 65ccf0086527..000000000000 --- a/charts/services/license-api/values.prod.yaml +++ /dev/null @@ -1,95 +0,0 @@ -service: - name: 'license-api' - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: 'd4ecf781-3764-4063-a4e1-9c3e17cebfba' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v1' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS/GOV/7010022880/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.island.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/license-api/values.staging.yaml b/charts/services/license-api/values.staging.yaml deleted file mode 100644 index f3fe1baa0958..000000000000 --- a/charts/services/license-api/values.staging.yaml +++ /dev/null @@ -1,94 +0,0 @@ -service: - name: 'license-api' - enabled: true - env: - HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_DISABILITY_LICENSE_PATH: 'IS-TEST/GOV/5012130120/TR-Protected/oryrki-v1' - XROAD_DRIVING_LICENSE_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v1' - XROAD_DRIVING_LICENSE_V2_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/RafraentOkuskirteini-v2' - XROAD_DRIVING_LICENSE_V4_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v4' - XROAD_DRIVING_LICENSE_V5_PATH: 'r1/IS/GOV/5309672079/Logreglan-Protected/Okuskirteini-v5' - XROAD_FIREARM_LICENSE_PATH: 'IS/GOV/5309672079/Logreglan-Protected/island-api-v1' - XROAD_HUNTING_LICENSE_PATH: 'IS-TEST/GOV/10009/Umhverfisstofnun-Protected/api' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/license-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'license-api-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'license-api' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - ADR_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/ADR_LICENSE_PASS_TEMPLATE_ID' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DISABILITY_LICENSE_FETCH_TIMEOUT: '/k8s/api/DISABILITY_LICENSE_FETCH_TIMEOUT' - DISABILITY_LICENSE_PASS_TEMPLATE_ID: '/k8s/DISABILITY_LICENSE_PASS_TEMPLATE_ID' - DRIVING_LICENSE_FETCH_TIMEOUT: '/k8s/api/DRIVING_LICENSE_FETCH_TIMEOUT' - DRIVING_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/DRIVING_LICENSE_PASS_TEMPLATE_ID' - FIREARM_LICENSE_FETCH_TIMEOUT: '/k8s/api/FIREARM_LICENSE_FETCH_TIMEOUT' - FIREARM_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/FIREARM_LICENSE_PASS_TEMPLATE_ID' - LICENSE_SERVICE_BARCODE_SECRET_KEY: '/k8s/api/LICENSE_SERVICE_BARCODE_SECRET_KEY' - MACHINE_LICENSE_PASS_TEMPLATE_ID: '/k8s/api/MACHINE_LICENSE_PASS_TEMPLATE_ID' - PKPASS_API_KEY: '/k8s/api/PKPASS_API_KEY' - PKPASS_API_URL: '/k8s/api/PKPASS_API_URL' - PKPASS_AUTH_RETRIES: '/k8s/api/PKPASS_AUTH_RETRIES' - PKPASS_CACHE_KEY: '/k8s/api/PKPASS_CACHE_KEY' - PKPASS_CACHE_TOKEN_EXPIRY_DELTA: '/k8s/api/PKPASS_CACHE_TOKEN_EXPIRY_DELTA' - PKPASS_SECRET_KEY: '/k8s/api/PKPASS_SECRET_KEY' - RLS_OPEN_LOOKUP_API_KEY: '/k8s/api/RLS_OPEN_LOOKUP_API_KEY' - RLS_PKPASS_API_KEY: '/k8s/api/RLS_PKPASS_API_KEY' - SMART_SOLUTIONS_API_URL: '/k8s/api/SMART_SOLUTIONS_API_URL' - TR_PKPASS_API_KEY: '/k8s/api/TR_PKPASS_API_KEY' - UST_PKPASS_API_KEY: '/k8s/api/UST_PKPASS_API_KEY' - VE_PKPASS_API_KEY: '/k8s/api/VE_PKPASS_API_KEY' - XROAD_DRIVING_LICENSE_SECRET: '/k8s/api/DRIVING_LICENSE_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/portals-admin/values.dev.yaml b/charts/services/portals-admin/values.dev.yaml deleted file mode 100644 index 140cc5f09891..000000000000 --- a/charts/services/portals-admin/values.dev.yaml +++ /dev/null @@ -1,66 +0,0 @@ -service: - name: 'portals-admin' - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/portals-admin/values.prod.yaml b/charts/services/portals-admin/values.prod.yaml deleted file mode 100644 index f7fb2f7e188e..000000000000 --- a/charts/services/portals-admin/values.prod.yaml +++ /dev/null @@ -1,70 +0,0 @@ -service: - name: 'portals-admin' - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/stjornbord' - - host: 'www.island.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/portals-admin/values.staging.yaml b/charts/services/portals-admin/values.staging.yaml deleted file mode 100644 index 04759912896f..000000000000 --- a/charts/services/portals-admin/values.staging.yaml +++ /dev/null @@ -1,66 +0,0 @@ -service: - name: 'portals-admin' - enabled: true - env: - BASEPATH: '/stjornbord' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/portals-admin' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/stjornbord' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/regulations-admin-backend/values.dev.yaml b/charts/services/regulations-admin-backend/values.dev.yaml deleted file mode 100644 index ae653c7b4893..000000000000 --- a/charts/services/regulations-admin-backend/values.dev.yaml +++ /dev/null @@ -1,93 +0,0 @@ -service: - name: 'regulations-admin-backend' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'regulations_admin_backend' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/regulations-admin-backend/values.prod.yaml b/charts/services/regulations-admin-backend/values.prod.yaml deleted file mode 100644 index 70028988dab4..000000000000 --- a/charts/services/regulations-admin-backend/values.prod.yaml +++ /dev/null @@ -1,95 +0,0 @@ -service: - name: 'regulations-admin-backend' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/regulations-admin-backend/values.staging.yaml b/charts/services/regulations-admin-backend/values.staging.yaml deleted file mode 100644 index 0497b8f33b44..000000000000 --- a/charts/services/regulations-admin-backend/values.staging.yaml +++ /dev/null @@ -1,93 +0,0 @@ -service: - name: 'regulations-admin-backend' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/regulations-admin-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'islandis' - - 'download-service' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/regulations-admin-backend' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'regulations_admin_backend' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'regulations_admin_backend' - secrets: - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - namespace: 'regulations-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-regulations-admin/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - REGULATIONS_API_URL: '/k8s/api/REGULATIONS_API_URL' - REGULATIONS_FILE_UPLOAD_KEY_DRAFT: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_DRAFT' - REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PRESIGNED' - REGULATIONS_FILE_UPLOAD_KEY_PUBLISH: '/k8s/api/REGULATIONS_FILE_UPLOAD_KEY_PUBLISH' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/search-indexer-service/values.dev.yaml b/charts/services/search-indexer-service/values.dev.yaml deleted file mode 100644 index 8695d0403f2f..000000000000 --- a/charts/services/search-indexer-service/values.dev.yaml +++ /dev/null @@ -1,132 +0,0 @@ -service: - name: 'search-indexer-service' - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.dev01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'preview.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'dev' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'dev-es-custom-packages' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/search-indexer' - create: true - name: 'search-indexer' diff --git a/charts/services/search-indexer-service/values.prod.yaml b/charts/services/search-indexer-service/values.prod.yaml deleted file mode 100644 index f21d4715c254..000000000000 --- a/charts/services/search-indexer-service/values.prod.yaml +++ /dev/null @@ -1,133 +0,0 @@ -service: - name: 'search-indexer-service' - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.island.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'prod' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'prod-es-custom-packages' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/search-indexer' - create: true - name: 'search-indexer' diff --git a/charts/services/search-indexer-service/values.staging.yaml b/charts/services/search-indexer-service/values.staging.yaml deleted file mode 100644 index 9c157f99f0ef..000000000000 --- a/charts/services/search-indexer-service/values.staging.yaml +++ /dev/null @@ -1,132 +0,0 @@ -service: - name: 'search-indexer-service' - enabled: true - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 1 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-search-indexer' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'search-indexer-service.staging01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - '/webapp/migrateAws.js' - command: - - '/usr/local/bin/node' - name: 'migrate-aws' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - - args: - - '/webapp/migrateElastic.js' - command: - - '/usr/local/bin/node' - name: 'migrate-elastic' - resources: - limits: - cpu: '700m' - memory: '4096Mi' - requests: - cpu: '300m' - memory: '3072Mi' - - args: - - '/webapp/migrateKibana.js' - command: - - '/usr/local/bin/node' - name: 'migrate-kibana' - resources: - limits: - cpu: '400m' - memory: '2048Mi' - requests: - cpu: '100m' - memory: '512Mi' - env: - AIR_DISCOUNT_SCHEME_FRONTEND_HOSTNAME: 'loftbru.staging01.devland.is' - APPLICATION_URL: 'http://search-indexer-service' - CONTENTFUL_ENTRY_FETCH_CHUNK_SIZE: '40' - CONTENTFUL_ENVIRONMENT: 'master' - CONTENTFUL_HOST: 'cdn.contentful.com' - CONTENTFUL_SPACE: '8k0h54kbe6bj' - ELASTIC_DOMAIN: 'search' - ELASTIC_INDEX: 'island-is' - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - ENVIRONMENT: 'staging' - NODE_OPTIONS: '--max-old-space-size=2048' - S3_BUCKET: 'staging-es-custom-packages' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - namespace: 'search-indexer' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - progressDeadlineSeconds: 1500 - pvcs: [] - replicaCount: - default: 1 - max: 1 - min: 1 - resources: - limits: - cpu: '800m' - memory: '4096Mi' - requests: - cpu: '400m' - memory: '3072Mi' - secrets: - API_CMS_DELETION_TOKEN: '/k8s/search-indexer/API_CMS_DELETION_TOKEN' - API_CMS_SYNC_TOKEN: '/k8s/search-indexer/API_CMS_SYNC_TOKEN' - APOLLO_BYPASS_CACHE_SECRET: '/k8s/api/APOLLO_BYPASS_CACHE_SECRET' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/search-indexer' - create: true - name: 'search-indexer' diff --git a/charts/services/service-portal-api/values.dev.yaml b/charts/services/service-portal-api/values.dev.yaml deleted file mode 100644 index 50c57d7436af..000000000000 --- a/charts/services/service-portal-api/values.dev.yaml +++ /dev/null @@ -1,125 +0,0 @@ -service: - name: 'service-portal-api' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.dev01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'service_portal_api' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/service-portal-api' - create: true - name: 'service-portal-api' diff --git a/charts/services/service-portal-api/values.prod.yaml b/charts/services/service-portal-api/values.prod.yaml deleted file mode 100644 index 06206637a202..000000000000 --- a/charts/services/service-portal-api/values.prod.yaml +++ /dev/null @@ -1,127 +0,0 @@ -service: - name: 'service-portal-api' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_BASE_URL: 'https://island.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.island.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/service-portal-api' - create: true - name: 'service-portal-api' diff --git a/charts/services/service-portal-api/values.staging.yaml b/charts/services/service-portal-api/values.staging.yaml deleted file mode 100644 index fbcc39cab818..000000000000 --- a/charts/services/service-portal-api/values.staging.yaml +++ /dev/null @@ -1,125 +0,0 @@ -service: - name: 'service-portal-api' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - ISLYKILL_CERT: '/etc/config/islyklar.p12' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - SERVICE_PORTAL_BASE_URL: 'https://beta.staging01.devland.is/minarsidur' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - files: - - 'islyklar.p12' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'user-notification' - - 'identity-server' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-profile' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'service-portal-api.internal.staging01.devland.is' - paths: - - '/' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'service_portal_api' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'service_portal_api' - secrets: - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '800m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' - EMAIL_FROM: '/k8s/service-portal/api/EMAIL_FROM' - EMAIL_FROM_NAME: '/k8s/service-portal/api/EMAIL_FROM_NAME' - EMAIL_REPLY_TO: '/k8s/service-portal/api/EMAIL_REPLY_TO' - EMAIL_REPLY_TO_NAME: '/k8s/service-portal/api/EMAIL_REPLY_TO_NAME' - IDENTITY_SERVER_CLIENT_ID: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/service-portal/api/SERVICE_PORTAL_API_CLIENT_SECRET' - ISLYKILL_SERVICE_BASEPATH: '/k8s/api/ISLYKILL_SERVICE_BASEPATH' - ISLYKILL_SERVICE_PASSPHRASE: '/k8s/api/ISLYKILL_SERVICE_PASSPHRASE' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/gjafakort/NOVA_PASSWORD' - NOVA_URL: '/k8s/service-portal-api/NOVA_URL' - NOVA_USERNAME: '/k8s/gjafakort/NOVA_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/service-portal-api' - create: true - name: 'service-portal-api' diff --git a/charts/services/service-portal/values.dev.yaml b/charts/services/service-portal/values.dev.yaml deleted file mode 100644 index 31414f306c42..000000000000 --- a/charts/services/service-portal/values.dev.yaml +++ /dev/null @@ -1,70 +0,0 @@ -service: - name: 'service-portal' - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SI_PUBLIC_ENVIRONMENT: 'dev' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/service-portal/values.prod.yaml b/charts/services/service-portal/values.prod.yaml deleted file mode 100644 index b44dc93cbfcf..000000000000 --- a/charts/services/service-portal/values.prod.yaml +++ /dev/null @@ -1,74 +0,0 @@ -service: - name: 'service-portal' - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SI_PUBLIC_ENVIRONMENT: 'prod' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/minarsidur' - - host: 'www.island.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/service-portal/values.staging.yaml b/charts/services/service-portal/values.staging.yaml deleted file mode 100644 index 506ea9ae26fc..000000000000 --- a/charts/services/service-portal/values.staging.yaml +++ /dev/null @@ -1,70 +0,0 @@ -service: - name: 'service-portal' - enabled: true - env: - BASEPATH: '/minarsidur' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230' - SI_PUBLIC_ENVIRONMENT: 'staging' - SI_PUBLIC_GRAPHQL_API: '/api/graphql' - SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-internal' - - 'nginx-ingress-external' - - 'islandis' - - 'user-notification' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 30 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/service-portal' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/minarsidur' - namespace: 'service-portal' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 30 - min: 2 - resources: - limits: - cpu: '300m' - memory: '256Mi' - requests: - cpu: '5m' - memory: '32Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - SI_PUBLIC_DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - SI_PUBLIC_DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/services-auth-admin-api/values.dev.yaml b/charts/services/services-auth-admin-api/values.dev.yaml deleted file mode 100644 index 30a78ebf1392..000000000000 --- a/charts/services/services-auth-admin-api/values.dev.yaml +++ /dev/null @@ -1,92 +0,0 @@ -service: - name: 'services-auth-admin-api' - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - IDENTITY_SERVER_ISSUER_URL_LIST: '["https://identity-server.dev01.devland.is","https://identity-server.staging01.devland.is","https://innskra.island.is"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/backend/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/backend/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-admin-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.dev01.devland.is' - paths: - - '/backend' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CLIENT_SECRET_ENCRYPTION_KEY: '/k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/services-auth-admin-api/values.prod.yaml b/charts/services/services-auth-admin-api/values.prod.yaml deleted file mode 100644 index 7d84a9fe56e7..000000000000 --- a/charts/services/services-auth-admin-api/values.prod.yaml +++ /dev/null @@ -1,93 +0,0 @@ -service: - name: 'services-auth-admin-api' - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - IDENTITY_SERVER_ISSUER_URL_LIST: '["https://innskra.island.is"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SYSLUMENN_HOST: 'https://api.syslumenn.is/api' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/backend/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/backend/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-admin-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'innskra.island.is' - paths: - - '/backend' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CLIENT_SECRET_ENCRYPTION_KEY: '/k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/services-auth-admin-api/values.staging.yaml b/charts/services/services-auth-admin-api/values.staging.yaml deleted file mode 100644 index 3a21a0cd5e48..000000000000 --- a/charts/services/services-auth-admin-api/values.staging.yaml +++ /dev/null @@ -1,92 +0,0 @@ -service: - name: 'services-auth-admin-api' - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - IDENTITY_SERVER_ISSUER_URL_LIST: '["https://identity-server.staging01.devland.is","https://innskra.island.is"]' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/backend/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/backend/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-admin-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.staging01.devland.is' - paths: - - '/backend' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '768Mi' - requests: - cpu: '100m' - memory: '512Mi' - secrets: - CLIENT_SECRET_ENCRYPTION_KEY: '/k8s/services-auth/admin-api/CLIENT_SECRET_ENCRYPTION_KEY' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/services-auth-delegation-api/values.dev.yaml b/charts/services/services-auth-delegation-api/values.dev.yaml deleted file mode 100644 index b31f8803d218..000000000000 --- a/charts/services/services-auth-delegation-api/values.dev.yaml +++ /dev/null @@ -1,91 +0,0 @@ -service: - name: 'services-auth-delegation-api' - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'service-portal' - - 'user-notification-worker' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-delegation-api' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'auth-delegation-api.internal.dev01.devland.is' - paths: - - '/' - namespace: 'identity-server-delegation' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/services-auth-delegation-api/values.prod.yaml b/charts/services/services-auth-delegation-api/values.prod.yaml deleted file mode 100644 index 9ac151de4a44..000000000000 --- a/charts/services/services-auth-delegation-api/values.prod.yaml +++ /dev/null @@ -1,92 +0,0 @@ -service: - name: 'services-auth-delegation-api' - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SYSLUMENN_HOST: 'https://api.syslumenn.is/api' - SYSLUMENN_TIMEOUT: '3000' - USER_NOTIFICATION_API_URL: 'https://user-notification.internal.island.is' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'service-portal' - - 'user-notification-worker' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-delegation-api' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'auth-delegation-api.internal.innskra.island.is' - paths: - - '/' - namespace: 'identity-server-delegation' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/services-auth-delegation-api/values.staging.yaml b/charts/services/services-auth-delegation-api/values.staging.yaml deleted file mode 100644 index f9a88df165d1..000000000000 --- a/charts/services/services-auth-delegation-api/values.staging.yaml +++ /dev/null @@ -1,91 +0,0 @@ -service: - name: 'services-auth-delegation-api' - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'service-portal' - - 'user-notification-worker' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-delegation-api' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'auth-delegation-api.internal.staging01.devland.is' - paths: - - '/' - namespace: 'identity-server-delegation' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/services-auth-ids-api-cleanup/values.dev.yaml b/charts/services/services-auth-ids-api-cleanup/values.dev.yaml deleted file mode 100644 index d95ec37395fe..000000000000 --- a/charts/services/services-auth-ids-api-cleanup/values.dev.yaml +++ /dev/null @@ -1,62 +0,0 @@ -service: - name: 'services-auth-ids-api-cleanup' - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/services-auth-ids-api-cleanup/values.prod.yaml b/charts/services/services-auth-ids-api-cleanup/values.prod.yaml deleted file mode 100644 index 7f59b90ba58d..000000000000 --- a/charts/services/services-auth-ids-api-cleanup/values.prod.yaml +++ /dev/null @@ -1,63 +0,0 @@ -service: - name: 'services-auth-ids-api-cleanup' - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/services-auth-ids-api-cleanup/values.staging.yaml b/charts/services/services-auth-ids-api-cleanup/values.staging.yaml deleted file mode 100644 index b99e99a0717e..000000000000 --- a/charts/services/services-auth-ids-api-cleanup/values.staging.yaml +++ /dev/null @@ -1,62 +0,0 @@ -service: - name: 'services-auth-ids-api-cleanup' - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - - 'portals-admin' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '1024Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/services-auth-ids-api/values.dev.yaml b/charts/services/services-auth-ids-api/values.dev.yaml deleted file mode 100644 index 3f2e3cbfbec6..000000000000 --- a/charts/services/services-auth-ids-api/values.dev.yaml +++ /dev/null @@ -1,129 +0,0 @@ -service: - name: 'services-auth-ids-api' - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '6cf94113-d326-4e4d-b97c-1fea12d2f5e1' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'true' - PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' - PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' - PASSKEY_CORE_MAX_AGE_DAYS: '365' - PASSKEY_CORE_RP_ID: 'island.is' - PASSKEY_CORE_RP_NAME: 'Island.is' - PUBLIC_URL: 'https://identity-server.dev01.devland.is/api' - REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - USER_PROFILE_CLIENT_SCOPE: '["@island.is/user-profile:read"]' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 15 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - secrets: - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 15 - min: 2 - resources: - limits: - cpu: '800m' - memory: '768Mi' - requests: - cpu: '400m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/services-auth/NOVA_PASSWORD' - NOVA_URL: '/k8s/services-auth/NOVA_URL' - NOVA_USERNAME: '/k8s/services-auth/NOVA_USERNAME' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/services-auth-ids-api/values.prod.yaml b/charts/services/services-auth-ids-api/values.prod.yaml deleted file mode 100644 index 9c15653ec6e8..000000000000 --- a/charts/services/services-auth-ids-api/values.prod.yaml +++ /dev/null @@ -1,131 +0,0 @@ -service: - name: 'services-auth-ids-api' - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '8271bbc2-d8de-480f-8540-ea43fc40b7ae' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' - PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' - PASSKEY_CORE_MAX_AGE_DAYS: '365' - PASSKEY_CORE_RP_ID: 'island.is' - PASSKEY_CORE_RP_NAME: 'Island.is' - PUBLIC_URL: 'https://innskra.island.is/api' - REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SYSLUMENN_HOST: 'https://api.syslumenn.is/api' - SYSLUMENN_TIMEOUT: '3000' - USER_PROFILE_CLIENT_SCOPE: '["@island.is/user-profile:read"]' - USER_PROFILE_CLIENT_URL: 'https://service-portal-api.internal.island.is' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 15 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 15 - min: 2 - resources: - limits: - cpu: '800m' - memory: '768Mi' - requests: - cpu: '400m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/services-auth/NOVA_PASSWORD' - NOVA_URL: '/k8s/services-auth/NOVA_URL' - NOVA_USERNAME: '/k8s/services-auth/NOVA_USERNAME' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/services-auth-ids-api/values.staging.yaml b/charts/services/services-auth-ids-api/values.staging.yaml deleted file mode 100644 index cb6fb4a52e6d..000000000000 --- a/charts/services/services-auth-ids-api/values.staging.yaml +++ /dev/null @@ -1,129 +0,0 @@ -service: - name: 'services-auth-ids-api' - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '6cf94113-d326-4e4d-b97c-1fea12d2f5e1' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - NOVA_ACCEPT_UNAUTHORIZED: 'false' - PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' - PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' - PASSKEY_CORE_MAX_AGE_DAYS: '365' - PASSKEY_CORE_RP_ID: 'island.is' - PASSKEY_CORE_RP_NAME: 'Island.is' - PUBLIC_URL: 'https://identity-server.staging01.devland.is/api' - REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - USER_PROFILE_CLIENT_SCOPE: '["@island.is/user-profile:read"]' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-external' - - 'user-notification' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 15 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-ids-api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - secrets: - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - namespace: 'identity-server' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 15 - min: 2 - resources: - limits: - cpu: '800m' - memory: '768Mi' - requests: - cpu: '400m' - memory: '512Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/services-auth/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - NOVA_PASSWORD: '/k8s/services-auth/NOVA_PASSWORD' - NOVA_URL: '/k8s/services-auth/NOVA_URL' - NOVA_USERNAME: '/k8s/services-auth/NOVA_USERNAME' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/services-auth-personal-representative-public/values.dev.yaml b/charts/services/services-auth-personal-representative-public/values.dev.yaml deleted file mode 100644 index d067383d7856..000000000000 --- a/charts/services/services-auth-personal-representative-public/values.dev.yaml +++ /dev/null @@ -1,62 +0,0 @@ -service: - name: 'services-auth-personal-representative-public' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative-public' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'personal-representative-public-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'personal-representative' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/services-auth-personal-representative-public/values.prod.yaml b/charts/services/services-auth-personal-representative-public/values.prod.yaml deleted file mode 100644 index eac91f44d94c..000000000000 --- a/charts/services/services-auth-personal-representative-public/values.prod.yaml +++ /dev/null @@ -1,63 +0,0 @@ -service: - name: 'services-auth-personal-representative-public' - enabled: true - env: - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative-public' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'personal-representative-public-xrd.internal.innskra.island.is' - paths: - - '/' - namespace: 'personal-representative' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/services-auth-personal-representative-public/values.staging.yaml b/charts/services/services-auth-personal-representative-public/values.staging.yaml deleted file mode 100644 index 9ff06b18a83d..000000000000 --- a/charts/services/services-auth-personal-representative-public/values.staging.yaml +++ /dev/null @@ -1,62 +0,0 @@ -service: - name: 'services-auth-personal-representative-public' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative-public' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'personal-representative-public-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'personal-representative' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/services-auth-personal-representative/values.dev.yaml b/charts/services/services-auth-personal-representative/values.dev.yaml deleted file mode 100644 index b747cb355e7c..000000000000 --- a/charts/services/services-auth-personal-representative/values.dev.yaml +++ /dev/null @@ -1,85 +0,0 @@ -service: - name: 'services-auth-personal-representative' - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'personal-representative-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'personal-representative' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/services-auth-personal-representative/values.prod.yaml b/charts/services/services-auth-personal-representative/values.prod.yaml deleted file mode 100644 index 913b4f0aad8d..000000000000 --- a/charts/services/services-auth-personal-representative/values.prod.yaml +++ /dev/null @@ -1,86 +0,0 @@ -service: - name: 'services-auth-personal-representative' - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SYSLUMENN_HOST: 'https://api.syslumenn.is/api' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'personal-representative-xrd.internal.innskra.island.is' - paths: - - '/' - namespace: 'personal-representative' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/services-auth-personal-representative/values.staging.yaml b/charts/services/services-auth-personal-representative/values.staging.yaml deleted file mode 100644 index 4bdb5440ac73..000000000000 --- a/charts/services/services-auth-personal-representative/values.staging.yaml +++ /dev/null @@ -1,85 +0,0 @@ -service: - name: 'services-auth-personal-representative' - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-personal-representative' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'personal-representative-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'personal-representative' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/services-auth-public-api/values.dev.yaml b/charts/services/services-auth-public-api/values.dev.yaml deleted file mode 100644 index 650c77ac5018..000000000000 --- a/charts/services/services-auth-public-api/values.dev.yaml +++ /dev/null @@ -1,101 +0,0 @@ -service: - name: 'services-auth-public-api' - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' - PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' - PASSKEY_CORE_RP_ID: 'island.is' - PASSKEY_CORE_RP_NAME: 'Island.is' - PUBLIC_URL: 'https://identity-server.dev01.devland.is/api' - REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-DEV/GOV/10001/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-DEV/GOV/10006/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '10001' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-public-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/rewrite-target: '/$2' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.dev01.devland.is' - paths: - - '/api(/|$)(.*)' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/services-auth-public-api/values.prod.yaml b/charts/services/services-auth-public-api/values.prod.yaml deleted file mode 100644 index b6e9516a304a..000000000000 --- a/charts/services/services-auth-public-api/values.prod.yaml +++ /dev/null @@ -1,102 +0,0 @@ -service: - name: 'services-auth-public-api' - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-ids.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-ids.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' - PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' - PASSKEY_CORE_RP_ID: 'island.is' - PASSKEY_CORE_RP_NAME: 'Island.is' - PUBLIC_URL: 'https://innskra.island.is/api' - REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SYSLUMENN_HOST: 'https://api.syslumenn.is/api' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.dnugi2.euw1.cache.amazonaws.com:6379"]' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-public-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/rewrite-target: '/$2' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'innskra.island.is' - paths: - - '/api(/|$)(.*)' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/services-auth-public-api/values.staging.yaml b/charts/services/services-auth-public-api/values.staging.yaml deleted file mode 100644 index 43a408282509..000000000000 --- a/charts/services/services-auth-public-api/values.staging.yaml +++ /dev/null @@ -1,101 +0,0 @@ -service: - name: 'services-auth-public-api' - enabled: true - env: - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'servicesauth' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'servicesauth' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/auth-api' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - PASSKEY_CORE_ALLOWED_ORIGINS: '["https://island.is","android:apk-key-hash:JgPeo_F6KYk-ngRa26tO2SsAtMiTBQCc7WtSgN-jRX0","android:apk-key-hash:EsLTUu5kaY7XPmMl2f7nbq4amu-PNzdYu3FecNf90wU"]' - PASSKEY_CORE_CHALLENGE_TTL_MS: '120000' - PASSKEY_CORE_RP_ID: 'island.is' - PASSKEY_CORE_RP_NAME: 'Island.is' - PUBLIC_URL: 'https://identity-server.staging01.devland.is/api' - REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' - SYSLUMENN_TIMEOUT: '3000' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_NATIONAL_REGISTRY_ACTOR_TOKEN: 'true' - XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_NATIONAL_REGISTRY_SERVICE_PATH: 'IS-TEST/GOV/6503760649/SKRA-Protected/Einstaklingar-v1' - XROAD_RSK_PROCURING_ACTOR_TOKEN: 'true' - XROAD_RSK_PROCURING_PATH: 'IS-TEST/GOV/5402696029/Skatturinn/relationships-v1' - XROAD_RSK_PROCURING_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_TJODSKRA_API_PATH: '/SKRA-Protected/Einstaklingar-v1' - XROAD_TJODSKRA_MEMBER_CODE: '6503760649' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - ZENDESK_CONTACT_FORM_SUBDOMAIN: 'digitaliceland' - grantNamespaces: - - 'nginx-ingress-external' - - 'nginx-ingress-internal' - - 'islandis' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-auth-public-api' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/rewrite-target: '/$2' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'identity-server.staging01.devland.is' - paths: - - '/api(/|$)(.*)' - namespace: 'identity-server-admin' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/servicesauth/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-auth/IDENTITY_SERVER_CLIENT_SECRET' - NATIONAL_REGISTRY_IDS_CLIENT_SECRET: '/k8s/xroad/client/NATIONAL-REGISTRY/IDENTITYSERVER_SECRET' - SYSLUMENN_PASSWORD: '/k8s/services-auth/SYSLUMENN_PASSWORD' - SYSLUMENN_USERNAME: '/k8s/services-auth/SYSLUMENN_USERNAME' - ZENDESK_CONTACT_FORM_EMAIL: '/k8s/api/ZENDESK_CONTACT_FORM_EMAIL' - ZENDESK_CONTACT_FORM_TOKEN: '/k8s/api/ZENDESK_CONTACT_FORM_TOKEN' - ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE: '/k8s/services-auth/ZENDESK_WEBHOOK_SECRET_GENERAL_MANDATE' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/services-bff-portals-admin/values.dev.yaml b/charts/services/services-bff-portals-admin/values.dev.yaml deleted file mode 100644 index accc4e94341c..000000000000 --- a/charts/services/services-bff-portals-admin/values.dev.yaml +++ /dev/null @@ -1,84 +0,0 @@ -service: - name: 'services-bff-portals-admin' - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.dev01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.dev01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.dev01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.dev01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.dev01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-bff' - create: true - name: 'services-bff' diff --git a/charts/services/services-bff-portals-admin/values.prod.yaml b/charts/services/services-bff-portals-admin/values.prod.yaml deleted file mode 100644 index cb57cdf7f182..000000000000 --- a/charts/services/services-bff-portals-admin/values.prod.yaml +++ /dev/null @@ -1,87 +0,0 @@ -service: - name: 'services-bff-portals-admin' - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.island.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://island.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://island.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://island.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://island.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/stjornbord/bff' - - host: 'www.island.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-bff' - create: true - name: 'services-bff' diff --git a/charts/services/services-bff-portals-admin/values.staging.yaml b/charts/services/services-bff-portals-admin/values.staging.yaml deleted file mode 100644 index c72f6bd4a467..000000000000 --- a/charts/services/services-bff-portals-admin/values.staging.yaml +++ /dev/null @@ -1,84 +0,0 @@ -service: - name: 'services-bff-portals-admin' - enabled: true - env: - BFF_ALLOWED_EXTERNAL_API_URLS: '["https://api.staging01.devland.is"]' - BFF_ALLOWED_REDIRECT_URIS: '["https://beta.staging01.devland.is"]' - BFF_CACHE_USER_PROFILE_TTL_MS: '3595000' - BFF_CALLBACKS_BASE_PATH: 'https://beta.staging01.devland.is/stjornbord/bff/callbacks' - BFF_CLIENT_BASE_URL: 'https://beta.staging01.devland.is' - BFF_CLIENT_KEY_PATH: '/stjornbord' - BFF_LOGIN_ATTEMPT_TTL_MS: '604800000' - BFF_LOGOUT_REDIRECT_URI: 'https://beta.staging01.devland.is' - BFF_NAME: 'stjornbord' - BFF_PAR_SUPPORT_ENABLED: 'true' - BFF_PROXY_API_ENDPOINT: 'http://web-api.islandis.svc.cluster.local/api/graphql' - IDENTITY_SERVER_CLIENT_ID: '@admin.island.is/bff-stjornbord' - IDENTITY_SERVER_CLIENT_SCOPES: '["@admin.island.is/delegations","@admin.island.is/ads","@admin.island.is/regulations","@admin.island.is/regulations:manage","@admin.island.is/icelandic-names-registry","@admin.island.is/application-system:admin","@admin.island.is/application-system:institution","@admin.island.is/document-provider","@admin.island.is/auth","@admin.island.is/auth:admin","@admin.island.is/petitions","@admin.island.is/service-desk","@admin.island.is/ads:explicit","@admin.island.is/signature-collection:manage","@admin.island.is/signature-collection:process","@admin.island.is/form-system","@admin.island.is/form-system:admin","@admin.island.is/delegation-system","@admin.island.is/delegation-system:admin"]' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - grantNamespaces: - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/stjornbord/bff/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-bff' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/enable-global-auth: 'false' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/stjornbord/bff' - namespace: 'portals-admin' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - BFF_TOKEN_SECRET_BASE64: '/k8s/services-bff/portals-admin/BFF_TOKEN_SECRET_BASE64' - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-bff/portals-admin/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-bff' - create: true - name: 'services-bff' diff --git a/charts/services/services-documents/values.dev.yaml b/charts/services/services-documents/values.dev.yaml deleted file mode 100644 index d98f9d209753..000000000000 --- a/charts/services/services-documents/values.dev.yaml +++ /dev/null @@ -1,77 +0,0 @@ -service: - name: 'services-documents' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_documents' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/services-documents/values.prod.yaml b/charts/services/services-documents/values.prod.yaml deleted file mode 100644 index b98e61e2a13b..000000000000 --- a/charts/services/services-documents/values.prod.yaml +++ /dev/null @@ -1,79 +0,0 @@ -service: - name: 'services-documents' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/services-documents/values.staging.yaml b/charts/services/services-documents/values.staging.yaml deleted file mode 100644 index 8d162882aeef..000000000000 --- a/charts/services/services-documents/values.staging.yaml +++ /dev/null @@ -1,77 +0,0 @@ -service: - name: 'services-documents' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - grantNamespaces: - - 'islandis' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-documents' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_documents' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_documents' - secrets: - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - namespace: 'services-documents' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-documents/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/services-sessions-cleanup/values.dev.yaml b/charts/services/services-sessions-cleanup/values.dev.yaml deleted file mode 100644 index e4d9b53b282e..000000000000 --- a/charts/services/services-sessions-cleanup/values.dev.yaml +++ /dev/null @@ -1,61 +0,0 @@ -service: - name: 'services-sessions-cleanup' - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/services-sessions-cleanup/values.prod.yaml b/charts/services/services-sessions-cleanup/values.prod.yaml deleted file mode 100644 index d82ee5e3f032..000000000000 --- a/charts/services/services-sessions-cleanup/values.prod.yaml +++ /dev/null @@ -1,62 +0,0 @@ -service: - name: 'services-sessions-cleanup' - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/services-sessions-cleanup/values.staging.yaml b/charts/services/services-sessions-cleanup/values.staging.yaml deleted file mode 100644 index 15de1ac7a843..000000000000 --- a/charts/services/services-sessions-cleanup/values.staging.yaml +++ /dev/null @@ -1,61 +0,0 @@ -service: - name: 'services-sessions-cleanup' - args: - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - schedule: '0 3 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/services-sessions-worker/values.dev.yaml b/charts/services/services-sessions-worker/values.dev.yaml deleted file mode 100644 index f0ef9e39db1e..000000000000 --- a/charts/services/services-sessions-worker/values.dev.yaml +++ /dev/null @@ -1,94 +0,0 @@ -service: - name: 'services-sessions-worker' - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/sessions-worker' - create: true - name: 'sessions-worker' diff --git a/charts/services/services-sessions-worker/values.prod.yaml b/charts/services/services-sessions-worker/values.prod.yaml deleted file mode 100644 index 60f349f6054e..000000000000 --- a/charts/services/services-sessions-worker/values.prod.yaml +++ /dev/null @@ -1,96 +0,0 @@ -service: - name: 'services-sessions-worker' - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/sessions-worker' - create: true - name: 'sessions-worker' diff --git a/charts/services/services-sessions-worker/values.staging.yaml b/charts/services/services-sessions-worker/values.staging.yaml deleted file mode 100644 index 50773ba16d31..000000000000 --- a/charts/services/services-sessions-worker/values.staging.yaml +++ /dev/null @@ -1,94 +0,0 @@ -service: - name: 'services-sessions-worker' - args: - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_EXTENSIONS: 'uuid-ossp' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions' - secrets: - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '100m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/sessions-worker' - create: true - name: 'sessions-worker' diff --git a/charts/services/services-sessions/values.dev.yaml b/charts/services/services-sessions/values.dev.yaml deleted file mode 100644 index 16eae3ff3434..000000000000 --- a/charts/services/services-sessions/values.dev.yaml +++ /dev/null @@ -1,67 +0,0 @@ -service: - name: 'services-sessions' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.dev01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/services-sessions/values.prod.yaml b/charts/services/services-sessions/values.prod.yaml deleted file mode 100644 index fc6ad0be31c2..000000000000 --- a/charts/services/services-sessions/values.prod.yaml +++ /dev/null @@ -1,68 +0,0 @@ -service: - name: 'services-sessions' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.island.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/services-sessions/values.staging.yaml b/charts/services/services-sessions/values.staging.yaml deleted file mode 100644 index 8ab587e5bed2..000000000000 --- a/charts/services/services-sessions/values.staging.yaml +++ /dev/null @@ -1,67 +0,0 @@ -service: - name: 'services-sessions' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_sessions' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_sessions_read' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-sessions' - ingress: - internal-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'sessions-api.internal.staging01.devland.is' - paths: - - '/' - namespace: 'services-sessions' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '250m' - memory: '512Mi' - requests: - cpu: '25m' - memory: '300Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-sessions/readonly/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/services-university-gateway-worker/values.dev.yaml b/charts/services/services-university-gateway-worker/values.dev.yaml deleted file mode 100644 index 2b84b2359ee3..000000000000 --- a/charts/services/services-university-gateway-worker/values.dev.yaml +++ /dev/null @@ -1,85 +0,0 @@ -service: - name: 'services-university-gateway-worker' - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' diff --git a/charts/services/services-university-gateway-worker/values.prod.yaml b/charts/services/services-university-gateway-worker/values.prod.yaml deleted file mode 100644 index 5865f9c1a07a..000000000000 --- a/charts/services/services-university-gateway-worker/values.prod.yaml +++ /dev/null @@ -1,86 +0,0 @@ -service: - name: 'services-university-gateway-worker' - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 * * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' diff --git a/charts/services/services-university-gateway-worker/values.staging.yaml b/charts/services/services-university-gateway-worker/values.staging.yaml deleted file mode 100644 index e558c5968f38..000000000000 --- a/charts/services/services-university-gateway-worker/values.staging.yaml +++ /dev/null @@ -1,85 +0,0 @@ -service: - name: 'services-university-gateway-worker' - args: - - 'main.js' - - '--job' - - 'worker' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway-worker' - create: true - name: 'services-university-gateway-worker' diff --git a/charts/services/services-university-gateway/values.dev.yaml b/charts/services/services-university-gateway/values.dev.yaml deleted file mode 100644 index bdc386589440..000000000000 --- a/charts/services/services-university-gateway/values.dev.yaml +++ /dev/null @@ -1,126 +0,0 @@ -service: - name: 'services-university-gateway' - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-DEV/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-DEV/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-DEV/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-DEV/EDU/10062/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-DEV/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.dev01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'services_university_gateway' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/services-university-gateway' - create: true - name: 'services-university-gateway' diff --git a/charts/services/services-university-gateway/values.prod.yaml b/charts/services/services-university-gateway/values.prod.yaml deleted file mode 100644 index ea7c51eefcb0..000000000000 --- a/charts/services/services-university-gateway/values.prod.yaml +++ /dev/null @@ -1,128 +0,0 @@ -service: - name: 'services-university-gateway' - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/4112043590/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS/EDU/5502690239/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS/EDU/5001694359/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS/EDU/4210984099/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS/EDU/5206871229/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS/EDU/6001692039/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.island.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/services-university-gateway' - create: true - name: 'services-university-gateway' diff --git a/charts/services/services-university-gateway/values.staging.yaml b/charts/services/services-university-gateway/values.staging.yaml deleted file mode 100644 index 1df2efda227d..000000000000 --- a/charts/services/services-university-gateway/values.staging.yaml +++ /dev/null @@ -1,126 +0,0 @@ -service: - name: 'services-university-gateway' - args: - - 'main.js' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - IDENTITY_SERVER_CLIENT_ID: '@island.is/clients/university-gateway' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_UNIVERSITY_GATEWAY_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_BIFROST_UNIVERSITY_PATH: 'IS-TEST/EDU/10057/Bifrost-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_HOLAR_UNIVERSITY_PATH: 'IS-TEST/EDU/10055/Holar-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_ICELAND_UNIVERSITY_OF_THE_ARTS_PATH: 'IS-TEST/EDU/10049/LHI-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_REYKJAVIK_UNIVERSITY_PATH: 'IS-TEST/EDU/5101054190/RvkUni-Hvin-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_AKUREYRI_PATH: 'IS-TEST/EDU/10054/UNAK-Protected/umsoknir-v1' - XROAD_UNIVERSITY_GATEWAY_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10010/HI-Protected/umsoknir-v1' - grantNamespaces: - - 'islandis' - - 'nginx-ingress-internal' - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-university-gateway' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'services-university-gateway.internal.staging01.devland.is' - paths: - - '/api' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - - args: - - 'sequelize-cli' - - 'db:seed:all' - command: - - 'npx' - name: 'seed' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'services_university_gateway' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'services_university_gateway' - secrets: - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - namespace: 'services-university-gateway' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '200m' - memory: '384Mi' - requests: - cpu: '50m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/services-university-gateway/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/services-university-gateway' - create: true - name: 'services-university-gateway' diff --git a/charts/services/skilavottord-web/values.dev.yaml b/charts/services/skilavottord-web/values.dev.yaml deleted file mode 100644 index 037270eb0b76..000000000000 --- a/charts/services/skilavottord-web/values.dev.yaml +++ /dev/null @@ -1,67 +0,0 @@ -service: - name: 'skilavottord-web' - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/skilavottord-web/values.prod.yaml b/charts/services/skilavottord-web/values.prod.yaml deleted file mode 100644 index 641797df4f17..000000000000 --- a/charts/services/skilavottord-web/values.prod.yaml +++ /dev/null @@ -1,71 +0,0 @@ -service: - name: 'skilavottord-web' - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/app/skilavottord/' - - host: 'www.island.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/skilavottord-web/values.staging.yaml b/charts/services/skilavottord-web/values.staging.yaml deleted file mode 100644 index 4c15333f73f3..000000000000 --- a/charts/services/skilavottord-web/values.staging.yaml +++ /dev/null @@ -1,67 +0,0 @@ -service: - name: 'skilavottord-web' - enabled: true - env: - API_URL: 'http://web-skilavottord-ws' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - grantNamespaces: - - 'nginx-ingress-external' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 8 - replicas: - max: 10 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/app/skilavottord/' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 10 - min: 2 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - IDENTITY_SERVER_DOMAIN: '/k8s/skilavottord/web/IDENTITY_SERVER_DOMAIN' - IDENTITY_SERVER_LOGOUT_REDIRECT_URL: '/k8s/skilavottord/web/IDENTITY_SERVER_LOGOUT_REDIRECT_URL' - NEXTAUTH_URL: '/k8s/skilavottord/web/NEXTAUTH_URL' - SKILAVOTTORD_WEB_IDS_CLIENT_SECRET: '/k8s/skilavottord/web/IDENTITY_SERVER_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/skilavottord-ws/values.dev.yaml b/charts/services/skilavottord-ws/values.dev.yaml deleted file mode 100644 index 4e833a7d4c05..000000000000 --- a/charts/services/skilavottord-ws/values.dev.yaml +++ /dev/null @@ -1,95 +0,0 @@ -service: - name: 'skilavottord-ws' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'skilavottord' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/skilavottord-ws/values.prod.yaml b/charts/services/skilavottord-ws/values.prod.yaml deleted file mode 100644 index a85d5a422961..000000000000 --- a/charts/services/skilavottord-ws/values.prod.yaml +++ /dev/null @@ -1,100 +0,0 @@ -service: - name: 'skilavottord-ws' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/app/skilavottord/api/graphql' - - host: 'www.island.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/skilavottord-ws/values.staging.yaml b/charts/services/skilavottord-ws/values.staging.yaml deleted file mode 100644 index 9ef16b1d0b9f..000000000000 --- a/charts/services/skilavottord-ws/values.staging.yaml +++ /dev/null @@ -1,95 +0,0 @@ -service: - name: 'skilavottord-ws' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' - grantNamespaces: - - 'application-system' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/skilavottord-ws' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/app/skilavottord/api/graphql' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'skilavottord' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'skilavottord' - secrets: - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - namespace: 'skilavottord' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '512Mi' - requests: - cpu: '40m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/skilavottord/DB_PASSWORD' - FJARSYSLA_REST_PASS: '/k8s/skilavottord/FJARSYSLA_REST_PASS' - FJARSYSLA_REST_URL: '/k8s/skilavottord-ws/FJARSYSLA_REST_URL' - FJARSYSLA_REST_USER: '/k8s/skilavottord/FJARSYSLA_REST_USER' - SAMGONGUSTOFA_REST_AUTH_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_AUTH_URL' - SAMGONGUSTOFA_REST_DEREG_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_REST_DEREG_URL' - SAMGONGUSTOFA_REST_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_REST_PASS' - SAMGONGUSTOFA_REST_USER: '/k8s/skilavottord/SAMGONGUSTOFA_REST_USER' - SAMGONGUSTOFA_SOAP_PASS: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_PASS' - SAMGONGUSTOFA_SOAP_URL: '/k8s/skilavottord-ws/SAMGONGUSTOFA_SOAP_URL' - SAMGONGUSTOFA_SOAP_USER: '/k8s/skilavottord/SAMGONGUSTOFA_SOAP_USER' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/unicorn-app/values.dev.yaml b/charts/services/unicorn-app/values.dev.yaml deleted file mode 100644 index 1dc720147579..000000000000 --- a/charts/services/unicorn-app/values.dev.yaml +++ /dev/null @@ -1,63 +0,0 @@ -service: - name: 'unicorn-app' - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'unicorn-app.dev01.devland.is' - paths: - - '/' - namespace: 'unicorn-app' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' - create: true - name: 'unicorn-app' diff --git a/charts/services/unicorn-app/values.prod.yaml b/charts/services/unicorn-app/values.prod.yaml deleted file mode 100644 index 4e866d1bf8b6..000000000000 --- a/charts/services/unicorn-app/values.prod.yaml +++ /dev/null @@ -1,84 +0,0 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'prod' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -namespaces: - labels: {} - namespaces: - - 'unicorn-app' -unicorn-app: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'unicorn-app.island.is' - paths: - - '/' - namespace: 'unicorn-app' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/unicorn-app' - create: true - name: 'unicorn-app' diff --git a/charts/services/unicorn-app/values.staging.yaml b/charts/services/unicorn-app/values.staging.yaml deleted file mode 100644 index d09a29feb482..000000000000 --- a/charts/services/unicorn-app/values.staging.yaml +++ /dev/null @@ -1,84 +0,0 @@ -##################################################################### -# -# Do not edit this file manually, it is automatically generated. -# Run "yarn charts" instead. -# -##################################################################### -global: - env: - AUDIT_GROUP_NAME: '/island-is/audit-log' - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' - PORT: '3333' - name: 'staging' - initContainer: - env: - AWS_REGION: 'eu-west-1' - NPM_CONFIG_UPDATE_NOTIFIER: 'false' -namespaces: - labels: {} - namespaces: - - 'unicorn-app' -unicorn-app: - enabled: true - env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'unicorn-app.staging01.devland.is' - paths: - - '/' - namespace: 'unicorn-app' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/unicorn-app' - create: true - name: 'unicorn-app' diff --git a/charts/services/user-notification-cleanup-worker/values.dev.yaml b/charts/services/user-notification-cleanup-worker/values.dev.yaml deleted file mode 100644 index ea56d35965d0..000000000000 --- a/charts/services/user-notification-cleanup-worker/values.dev.yaml +++ /dev/null @@ -1,91 +0,0 @@ -service: - name: 'user-notification-cleanup-worker' - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@hourly' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' diff --git a/charts/services/user-notification-cleanup-worker/values.prod.yaml b/charts/services/user-notification-cleanup-worker/values.prod.yaml deleted file mode 100644 index 79c984f468d7..000000000000 --- a/charts/services/user-notification-cleanup-worker/values.prod.yaml +++ /dev/null @@ -1,93 +0,0 @@ -service: - name: 'user-notification-cleanup-worker' - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@midnight' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' diff --git a/charts/services/user-notification-cleanup-worker/values.staging.yaml b/charts/services/user-notification-cleanup-worker/values.staging.yaml deleted file mode 100644 index e63b9c1de642..000000000000 --- a/charts/services/user-notification-cleanup-worker/values.staging.yaml +++ /dev/null @@ -1,91 +0,0 @@ -service: - name: 'user-notification-cleanup-worker' - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=cleanup' - command: - - 'node' - enabled: true - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '@midnight' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-cleanup-worker' - create: true - name: 'user-notification-cleanup-worker' diff --git a/charts/services/user-notification-worker/values.dev.yaml b/charts/services/user-notification-worker/values.dev.yaml deleted file mode 100644 index 09996cd541dd..000000000000 --- a/charts/services/user-notification-worker/values.dev.yaml +++ /dev/null @@ -1,118 +0,0 @@ -service: - name: 'user-notification-worker' - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'preview.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification-worker' - create: true - name: 'user-notification-worker' diff --git a/charts/services/user-notification-worker/values.prod.yaml b/charts/services/user-notification-worker/values.prod.yaml deleted file mode 100644 index e1f0e8b9ee25..000000000000 --- a/charts/services/user-notification-worker/values.prod.yaml +++ /dev/null @@ -1,120 +0,0 @@ -service: - name: 'user-notification-worker' - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification-worker' - create: true - name: 'user-notification-worker' diff --git a/charts/services/user-notification-worker/values.staging.yaml b/charts/services/user-notification-worker/values.staging.yaml deleted file mode 100644 index cd945064f475..000000000000 --- a/charts/services/user-notification-worker/values.staging.yaml +++ /dev/null @@ -1,118 +0,0 @@ -service: - name: 'user-notification-worker' - args: - - '--no-experimental-fetch' - - 'main.js' - - '--job=worker' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - CONTENTFUL_HOST: 'cdn.contentful.com' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - EMAIL_REGION: 'eu-west-1' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 2 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - initContainer: - containers: - - args: - - 'sequelize-cli' - - 'db:migrate' - command: - - 'npx' - name: 'migrations' - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - env: - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - secrets: - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 2 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification-worker' - create: true - name: 'user-notification-worker' diff --git a/charts/services/user-notification/values.dev.yaml b/charts/services/user-notification/values.dev.yaml deleted file mode 100644 index d1c2ee456081..000000000000 --- a/charts/services/user-notification/values.dev.yaml +++ /dev/null @@ -1,104 +0,0 @@ -service: - name: 'user-notification' - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-DEV/GOV/10006/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications-reader.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'b464afdd-056b-406d-b650-6d41733cfeb7' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitydev.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.dev01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/user-notification' - create: true - name: 'user-notification' diff --git a/charts/services/user-notification/values.prod.yaml b/charts/services/user-notification/values.prod.yaml deleted file mode 100644 index d272085144bb..000000000000 --- a/charts/services/user-notification/values.prod.yaml +++ /dev/null @@ -1,105 +0,0 @@ -service: - name: 'user-notification' - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'https://auth-delegation-api.internal.innskra.island.is' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'noreply@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: '2304d7ca-7ed3-4188-8b6d-e1b7e0e3df7f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentity.b2clogin.com/skraidentity.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentity.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.whakos.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.island.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/user-notification' - create: true - name: 'user-notification' diff --git a/charts/services/user-notification/values.staging.yaml b/charts/services/user-notification/values.staging.yaml deleted file mode 100644 index 3ec76ebb401d..000000000000 --- a/charts/services/user-notification/values.staging.yaml +++ /dev/null @@ -1,104 +0,0 @@ -service: - name: 'user-notification' - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - AUTH_DELEGATION_API_URL: 'http://web-services-auth-delegation-api.identity-server-delegation.svc.cluster.local' - AUTH_DELEGATION_MACHINE_CLIENT_SCOPE: '["@island.is/auth/delegations/index:system"]' - COMPANY_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - COMPANY_REGISTRY_XROAD_PROVIDER_ID: 'IS-TEST/GOV/5402696029/Skatturinn/ft-v1' - DB_HOST: 'postgres-applications.internal' - DB_NAME: 'user_notification' - DB_REPLICAS_HOST: 'postgres-applications.internal' - DB_USER: 'user_notification' - DEAD_LETTER_QUEUE_NAME: 'user-notification-failure' - EMAIL_FROM_ADDRESS: 'development@island.is' - IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' - LOG_LEVEL: 'info' - MAIN_QUEUE_NAME: 'user-notification' - NATIONAL_REGISTRY_B2C_CLIENT_ID: 'ca128c23-b43c-443d-bade-ec5a146a933f' - NATIONAL_REGISTRY_B2C_ENDPOINT: 'https://skraidentitydev.b2clogin.com/skraidentitystaging.onmicrosoft.com/b2c_1_midlun_flow/oauth2/v2.0/token' - NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' - NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' - NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' - REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' - REDIS_USE_SSL: 'true' - SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' - USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: - - 'nginx-ingress-internal' - - 'islandis' - - 'identity-server-delegation' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/health/check' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-user-notification' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-internal-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'user-notification-xrd.internal.staging01.devland.is' - paths: - - '/' - namespace: 'user-notification' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '400m' - memory: '384Mi' - requests: - cpu: '150m' - memory: '256Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - CONTENTFUL_ACCESS_TOKEN: '/k8s/user-notification/CONTENTFUL_ACCESS_TOKEN' - DB_PASS: '/k8s/user-notification/DB_PASSWORD' - FIREBASE_CREDENTIALS: '/k8s/user-notification/firestore-credentials' - IDENTITY_SERVER_CLIENT_ID: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_ID' - IDENTITY_SERVER_CLIENT_SECRET: '/k8s/user-notification/USER_NOTIFICATION_CLIENT_SECRET' - NATIONAL_REGISTRY_B2C_CLIENT_SECRET: '/k8s/api/NATIONAL_REGISTRY_B2C_CLIENT_SECRET' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/user-notification' - create: true - name: 'user-notification' diff --git a/charts/services/web/values.dev.yaml b/charts/services/web/values.dev.yaml deleted file mode 100644 index e11d74732817..000000000000 --- a/charts/services/web/values.dev.yaml +++ /dev/null @@ -1,71 +0,0 @@ -service: - name: 'web' - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'dev' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - TRACKING_DOMAIN: 'beta.dev01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.dev01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/web/values.prod.yaml b/charts/services/web/values.prod.yaml deleted file mode 100644 index a2b045c95489..000000000000 --- a/charts/services/web/values.prod.yaml +++ /dev/null @@ -1,75 +0,0 @@ -service: - name: 'web' - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'prod' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - TRACKING_DOMAIN: 'island.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'island.is' - paths: - - '/' - - host: 'www.island.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/web/values.staging.yaml b/charts/services/web/values.staging.yaml deleted file mode 100644 index 8858bfab5d55..000000000000 --- a/charts/services/web/values.staging.yaml +++ /dev/null @@ -1,72 +0,0 @@ -service: - name: 'web' - basicAuth: '/k8s/web/basic_auth' - enabled: true - env: - API_URL: 'http://web-api' - DISABLE_API_CATALOGUE: 'false' - DISABLE_ORGANIZATION_CHATBOT: 'false' - DISABLE_SYSLUMENN_PAGE: 'false' - ENVIRONMENT: 'staging' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' - TRACKING_DOMAIN: 'beta.staging01.devland.is' - grantNamespaces: - - 'nginx-ingress-external' - - 'api-catalogue' - - 'application-system' - - 'consultation-portal' - - 'search-indexer' - grantNamespacesEnabled: true - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 20 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 50 - min: 2 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/web' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' - nginx.ingress.kubernetes.io/proxy-buffering: 'on' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'beta.staging01.devland.is' - paths: - - '/' - namespace: 'islandis' - podDisruptionBudget: - maxUnavailable: 1 - pvcs: [] - replicaCount: - default: 2 - max: 50 - min: 2 - resources: - limits: - cpu: '1000m' - memory: '768Mi' - requests: - cpu: '300m' - memory: '384Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - DD_RUM_APPLICATION_ID: '/k8s/DD_RUM_APPLICATION_ID' - DD_RUM_CLIENT_TOKEN: '/k8s/DD_RUM_CLIENT_TOKEN' - securityContext: - allowPrivilegeEscalation: false - privileged: false diff --git a/charts/services/xroad-collector/values.dev.yaml b/charts/services/xroad-collector/values.dev.yaml deleted file mode 100644 index e712a84155da..000000000000 --- a/charts/services/xroad-collector/values.dev.yaml +++ /dev/null @@ -1,67 +0,0 @@ -service: - name: 'xroad-collector' - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-njkekqydiegezhr4vqpkfnw5la.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' - XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.dev01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.dev01.devland.is/r1/IS-DEV' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/xroad-collector' - create: true - name: 'xroad-collector' diff --git a/charts/services/xroad-collector/values.prod.yaml b/charts/services/xroad-collector/values.prod.yaml deleted file mode 100644 index d02d4af938d8..000000000000 --- a/charts/services/xroad-collector/values.prod.yaml +++ /dev/null @@ -1,68 +0,0 @@ -service: - name: 'xroad-collector' - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-mw4w5c2m2g5edjrtvwbpzhkw24.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - XROAD_BASE_PATH: 'http://securityserver.island.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.island.is/r1/IS' - XROAD_CLIENT_ID: 'IS/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.island.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.island.is/r1/IS' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 3 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 3 - max: 10 - min: 3 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/xroad-collector' - create: true - name: 'xroad-collector' diff --git a/charts/services/xroad-collector/values.staging.yaml b/charts/services/xroad-collector/values.staging.yaml deleted file mode 100644 index c02840afccd0..000000000000 --- a/charts/services/xroad-collector/values.staging.yaml +++ /dev/null @@ -1,67 +0,0 @@ -service: - name: 'xroad-collector' - args: - - '--no-experimental-fetch' - - 'main.js' - command: - - 'node' - enabled: true - env: - ELASTIC_NODE: 'https://vpc-search-q6hdtjcdlhkffyxvrnmzfwphuq.eu-west-1.es.amazonaws.com' - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - NODE_TLS_REJECT_UNAUTHORIZED: '0' - XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' - XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' - XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' - XROAD_TLS_BASE_PATH: 'https://securityserver.staging01.devland.is' - XROAD_TLS_BASE_PATH_WITH_ENV: 'https://securityserver.staging01.devland.is/r1/IS-TEST' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 3 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/services-xroad-collector' - namespace: 'xroad-collector' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 3 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '100m' - memory: '128Mi' - schedule: '0 2 * * *' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: - annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/xroad-collector' - create: true - name: 'xroad-collector' From 5818e55fdc2261fa2fca33565f681149dc09a65b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B3n=20Levy?= Date: Wed, 13 Nov 2024 14:13:18 +0000 Subject: [PATCH 29/50] chore: yarn charts --- charts/identity-server/values.dev.yaml | 20 +++- charts/identity-server/values.prod.yaml | 10 +- charts/identity-server/values.staging.yaml | 20 +++- charts/islandis/values.dev.yaml | 61 ++++++++++- charts/islandis/values.prod.yaml | 76 ++++++++++++- charts/islandis/values.staging.yaml | 121 ++++++++++++++++++++- charts/judicial-system/values.dev.yaml | 17 +++ charts/judicial-system/values.prod.yaml | 8 ++ charts/judicial-system/values.staging.yaml | 16 +++ 9 files changed, 331 insertions(+), 18 deletions(-) diff --git a/charts/identity-server/values.dev.yaml b/charts/identity-server/values.dev.yaml index a5ee35c34990..d430d1e0e563 100644 --- a/charts/identity-server/values.dev.yaml +++ b/charts/identity-server/values.dev.yaml @@ -1,3 +1,9 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### auth-admin-web: enabled: true env: @@ -7,6 +13,7 @@ auth-admin-web: NEXTAUTH_URL: 'https://identity-server.dev01.devland.is/admin/api/auth' NEXT_PUBLIC_BACKEND_URL: '/backend' NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'nginx-ingress-external' - 'nginx-ingress-internal' @@ -81,9 +88,7 @@ identity-server: annotations: ad.datadoghq.com/identity-server.check_names: '["openmetrics"]' ad.datadoghq.com/identity-server.init_configs: '[{}]' - ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": - "http://%%host%%:5003/metrics","namespace": - "identity-server","metrics":["*"]}]' + ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": "http://%%host%%:5003/metrics","namespace": "identity-server","metrics":["*"]}]' ad.datadoghq.com/identity-server.logs: '[{"service": "identity-server", "source": "csharp"}]' enabled: true env: @@ -114,6 +119,7 @@ identity-server: PersistenceSettings__DelegationsCacheEnabled: 'false' RedisSettings__Address: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com' RedisSettings__Port: '6379' + SERVERSIDE_FEATURES_ON: '' SessionsApiSettings__BaseAddress: 'http://web-services-sessions.services-sessions.svc.cluster.local' files: - 'ids-signing.pfx' @@ -221,6 +227,7 @@ services-auth-admin-api: IDENTITY_SERVER_ISSUER_URL_LIST: '["https://identity-server.dev01.devland.is","https://identity-server.staging01.devland.is","https://innskra.island.is"]' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' SYSLUMENN_TIMEOUT: '3000' XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' @@ -311,6 +318,7 @@ services-auth-delegation-api: IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' SYSLUMENN_TIMEOUT: '3000' USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' @@ -414,6 +422,7 @@ services-auth-ids-api: PASSKEY_CORE_RP_NAME: 'Island.is' PUBLIC_URL: 'https://identity-server.dev01.devland.is/api' REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' SYSLUMENN_TIMEOUT: '3000' USER_PROFILE_CLIENT_SCOPE: '["@island.is/user-profile:read"]' @@ -486,6 +495,7 @@ services-auth-ids-api: DB_NAME: 'servicesauth' DB_REPLICAS_HOST: 'postgres-applications-reader.internal' DB_USER: 'servicesauth' + SERVERSIDE_FEATURES_ON: '' secrets: DB_PASS: '/k8s/servicesauth/DB_PASSWORD' namespace: 'identity-server' @@ -531,6 +541,7 @@ services-auth-ids-api-cleanup: IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'nginx-ingress-external' - 'user-notification' @@ -590,6 +601,7 @@ services-auth-personal-representative: IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' SYSLUMENN_TIMEOUT: '3000' XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' @@ -671,6 +683,7 @@ services-auth-personal-representative-public: IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' grantNamespaces: [] grantNamespacesEnabled: false healthCheck: @@ -741,6 +754,7 @@ services-auth-public-api: PASSKEY_CORE_RP_NAME: 'Island.is' PUBLIC_URL: 'https://identity-server.dev01.devland.is/api' REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' SYSLUMENN_TIMEOUT: '3000' XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' diff --git a/charts/identity-server/values.prod.yaml b/charts/identity-server/values.prod.yaml index 25efd523dc8f..c0e37b07b13c 100644 --- a/charts/identity-server/values.prod.yaml +++ b/charts/identity-server/values.prod.yaml @@ -1,3 +1,9 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### auth-admin-web: enabled: true env: @@ -80,9 +86,7 @@ identity-server: annotations: ad.datadoghq.com/identity-server.check_names: '["openmetrics"]' ad.datadoghq.com/identity-server.init_configs: '[{}]' - ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": - "http://%%host%%:5003/metrics","namespace": - "identity-server","metrics":["*"]}]' + ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": "http://%%host%%:5003/metrics","namespace": "identity-server","metrics":["*"]}]' ad.datadoghq.com/identity-server.logs: '[{"service": "identity-server", "source": "csharp"}]' enabled: true env: diff --git a/charts/identity-server/values.staging.yaml b/charts/identity-server/values.staging.yaml index 4dac4301e044..a12c3b255921 100644 --- a/charts/identity-server/values.staging.yaml +++ b/charts/identity-server/values.staging.yaml @@ -1,3 +1,9 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### auth-admin-web: enabled: true env: @@ -7,6 +13,7 @@ auth-admin-web: NEXTAUTH_URL: 'https://identity-server.staging01.devland.is/admin/api/auth' NEXT_PUBLIC_BACKEND_URL: '/backend' NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'nginx-ingress-external' - 'nginx-ingress-internal' @@ -81,9 +88,7 @@ identity-server: annotations: ad.datadoghq.com/identity-server.check_names: '["openmetrics"]' ad.datadoghq.com/identity-server.init_configs: '[{}]' - ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": - "http://%%host%%:5003/metrics","namespace": - "identity-server","metrics":["*"]}]' + ad.datadoghq.com/identity-server.instances: '[{"prometheus_url": "http://%%host%%:5003/metrics","namespace": "identity-server","metrics":["*"]}]' ad.datadoghq.com/identity-server.logs: '[{"service": "identity-server", "source": "csharp"}]' enabled: true env: @@ -114,6 +119,7 @@ identity-server: PersistenceSettings__DelegationsCacheEnabled: 'false' RedisSettings__Address: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com' RedisSettings__Port: '6379' + SERVERSIDE_FEATURES_ON: '' SessionsApiSettings__BaseAddress: 'http://web-services-sessions.services-sessions.svc.cluster.local' files: - 'ids-signing.pfx' @@ -221,6 +227,7 @@ services-auth-admin-api: IDENTITY_SERVER_ISSUER_URL_LIST: '["https://identity-server.staging01.devland.is","https://innskra.island.is"]' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' SYSLUMENN_TIMEOUT: '3000' XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' @@ -311,6 +318,7 @@ services-auth-delegation-api: IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' SYSLUMENN_TIMEOUT: '3000' USER_NOTIFICATION_API_URL: 'http://web-user-notification.user-notification.svc.cluster.local' @@ -414,6 +422,7 @@ services-auth-ids-api: PASSKEY_CORE_RP_NAME: 'Island.is' PUBLIC_URL: 'https://identity-server.staging01.devland.is/api' REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' SYSLUMENN_TIMEOUT: '3000' USER_PROFILE_CLIENT_SCOPE: '["@island.is/user-profile:read"]' @@ -486,6 +495,7 @@ services-auth-ids-api: DB_NAME: 'servicesauth' DB_REPLICAS_HOST: 'postgres-applications.internal' DB_USER: 'servicesauth' + SERVERSIDE_FEATURES_ON: '' secrets: DB_PASS: '/k8s/servicesauth/DB_PASSWORD' namespace: 'identity-server' @@ -531,6 +541,7 @@ services-auth-ids-api-cleanup: IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'nginx-ingress-external' - 'user-notification' @@ -590,6 +601,7 @@ services-auth-personal-representative: IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' SYSLUMENN_TIMEOUT: '3000' XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' @@ -671,6 +683,7 @@ services-auth-personal-representative-public: IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' grantNamespaces: [] grantNamespacesEnabled: false healthCheck: @@ -741,6 +754,7 @@ services-auth-public-api: PASSKEY_CORE_RP_NAME: 'Island.is' PUBLIC_URL: 'https://identity-server.staging01.devland.is/api' REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' SYSLUMENN_HOST: 'https://api.syslumenn.is/staging' SYSLUMENN_TIMEOUT: '3000' XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' diff --git a/charts/islandis/values.dev.yaml b/charts/islandis/values.dev.yaml index f195a7c63277..8714202f38ed 100644 --- a/charts/islandis/values.dev.yaml +++ b/charts/islandis/values.dev.yaml @@ -1,3 +1,9 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### air-discount-scheme-api: enabled: true env: @@ -8,6 +14,7 @@ air-discount-scheme-api: IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'nginx-ingress-external' - 'islandis' @@ -87,6 +94,7 @@ air-discount-scheme-backend: LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' @@ -153,6 +161,7 @@ air-discount-scheme-backend: DB_NAME: 'air_discount_scheme_backend' DB_REPLICAS_HOST: 'postgres-applications-reader.internal' DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' secrets: DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' namespace: 'air-discount-scheme' @@ -193,6 +202,7 @@ air-discount-scheme-web: LOG_LEVEL: 'info' NEXTAUTH_URL: 'https://loftbru.dev01.devland.is' NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'nginx-ingress-external' - 'islandis' @@ -220,9 +230,7 @@ air-discount-scheme-web: primary-alb: annotations: kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ - https://beta.dev01.devland.is/loftbru; rewrite /en$ - https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.dev01.devland.is/loftbru; rewrite /en$ https://beta.dev01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' nginx.ingress.kubernetes.io/proxy-buffering: 'on' nginx.ingress.kubernetes.io/proxy-buffers-number: '4' @@ -311,6 +319,7 @@ api: NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' SYSLUMENN_TIMEOUT: '40000' @@ -612,6 +621,7 @@ application-system-api: NOVA_USERNAME: 'IslandIs_User_Development' RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' @@ -742,6 +752,7 @@ application-system-api: DB_NAME: 'application_system_api' DB_REPLICAS_HOST: 'postgres-applications-reader.internal' DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' secrets: DB_PASS: '/k8s/application-system-api/DB_PASSWORD' namespace: 'application-system' @@ -835,6 +846,7 @@ application-system-api-worker: LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' XROAD_CHARGE_FJS_V2_PATH: 'IS-DEV/GOV/10021/FJS-Public/chargeFJS_v2' @@ -918,7 +930,9 @@ application-system-form: BASEPATH: '/umsoknir' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' SI_PUBLIC_ENVIRONMENT: 'dev' + SI_PUBLIC_GRAPHQL_PATH: '' SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' grantNamespaces: - 'nginx-ingress-internal' @@ -989,6 +1003,7 @@ consultation-portal: LOG_LEVEL: 'info' NEXTAUTH_URL: 'https://beta.dev01.devland.is/samradsgatt/api/auth' NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' grantNamespaces: [] grantNamespacesEnabled: false healthCheck: @@ -1049,6 +1064,7 @@ contentful-apps: env: LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' grantNamespaces: [] grantNamespacesEnabled: false healthCheck: @@ -1111,6 +1127,7 @@ contentful-entry-tagger-service: env: LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' grantNamespaces: [] grantNamespacesEnabled: false healthCheck: @@ -1178,6 +1195,7 @@ download-service: LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-DEV/EDU/10056/LBHI-Protected/brautskraning-v1' XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' @@ -1294,6 +1312,7 @@ endorsement-system-api: NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' @@ -1346,6 +1365,7 @@ endorsement-system-api: DB_NAME: 'services_endorsements_api' DB_REPLICAS_HOST: 'postgres-applications-reader.internal' DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' secrets: DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' namespace: 'endorsement-system' @@ -1383,6 +1403,7 @@ external-contracts-tests: env: LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' XROAD_NATIONAL_REGISTRY_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' @@ -1445,6 +1466,7 @@ github-actions-cache: LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=460' REDIS_NODES: 'clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' grantNamespaces: [] grantNamespacesEnabled: false healthCheck: @@ -1524,6 +1546,7 @@ icelandic-names-registry-backend: IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'islandis' grantNamespacesEnabled: true @@ -1579,6 +1602,7 @@ icelandic-names-registry-backend: DB_NAME: 'icelandic_names_registry_backend' DB_REPLICAS_HOST: 'postgres-applications-reader.internal' DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' secrets: DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' namespace: 'icelandic-names-registry' @@ -1607,6 +1631,7 @@ island-ui-storybook: env: LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'nginx-ingress-external' grantNamespacesEnabled: true @@ -1666,6 +1691,7 @@ license-api: LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' @@ -1784,6 +1810,7 @@ portals-admin: BASEPATH: '/stjornbord' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' SI_PUBLIC_ENVIRONMENT: 'dev' SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' grantNamespaces: @@ -1858,6 +1885,7 @@ regulations-admin-backend: NATIONAL_REGISTRY_B2C_PATH: 'IS-DEV/GOV/10001/SKRA-Cloud-Protected/Midlun-v1' NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' @@ -1906,6 +1934,7 @@ regulations-admin-backend: DB_NAME: 'regulations_admin_backend' DB_REPLICAS_HOST: 'postgres-applications-reader.internal' DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' secrets: DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' namespace: 'regulations-admin' @@ -1949,6 +1978,7 @@ search-indexer-service: ENVIRONMENT: 'dev' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' grantNamespaces: [] grantNamespacesEnabled: false healthCheck: @@ -2031,6 +2061,7 @@ search-indexer-service: ENVIRONMENT: 'dev' NODE_OPTIONS: '--max-old-space-size=2048' S3_BUCKET: 'dev-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' secrets: CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' @@ -2072,6 +2103,7 @@ service-portal: BASEPATH: '/minarsidur' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' SI_PUBLIC_ENVIRONMENT: 'dev' SI_PUBLIC_GRAPHQL_API: '/api/graphql' SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' @@ -2154,6 +2186,7 @@ service-portal-api: NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitydev.onmicrosoft.com/midlun/.default' NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' NOVA_ACCEPT_UNAUTHORIZED: 'true' + SERVERSIDE_FEATURES_ON: '' SERVICE_PORTAL_BASE_URL: 'https://beta.dev01.devland.is/minarsidur' XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' @@ -2217,6 +2250,7 @@ service-portal-api: DB_NAME: 'service_portal_api' DB_REPLICAS_HOST: 'postgres-applications-reader.internal' DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' secrets: DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' namespace: 'service-portal' @@ -2279,6 +2313,7 @@ services-bff-portals-admin: LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'identity-server' grantNamespacesEnabled: true @@ -2352,6 +2387,7 @@ services-documents: IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'islandis' - 'application-system' @@ -2395,6 +2431,7 @@ services-documents: DB_NAME: 'services_documents' DB_REPLICAS_HOST: 'postgres-applications-reader.internal' DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' secrets: DB_PASS: '/k8s/services-documents/DB_PASSWORD' namespace: 'services-documents' @@ -2430,6 +2467,7 @@ services-sessions: NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'nginx-ingress-internal' - 'islandis' @@ -2498,6 +2536,7 @@ services-sessions-cleanup: DB_USER: 'services_sessions' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'nginx-ingress-internal' - 'islandis' @@ -2562,6 +2601,7 @@ services-sessions-worker: NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'nginx-ingress-internal' - 'islandis' @@ -2607,6 +2647,7 @@ services-sessions-worker: DB_NAME: 'services_sessions' DB_REPLICAS_HOST: 'postgres-applications-reader.internal' DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' secrets: DB_PASS: '/k8s/services-sessions/DB_PASSWORD' namespace: 'services-sessions' @@ -2653,6 +2694,7 @@ services-university-gateway: LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' @@ -2731,6 +2773,7 @@ services-university-gateway: DB_NAME: 'services_university_gateway' DB_REPLICAS_HOST: 'postgres-applications-reader.internal' DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' secrets: DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' namespace: 'services-university-gateway' @@ -2780,6 +2823,7 @@ services-university-gateway-worker: LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' @@ -2853,6 +2897,7 @@ skilavottord-web: ENVIRONMENT: 'dev' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'nginx-ingress-external' grantNamespacesEnabled: true @@ -2922,6 +2967,7 @@ skilavottord-ws: IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'application-system' grantNamespacesEnabled: true @@ -2973,6 +3019,7 @@ skilavottord-ws: DB_NAME: 'skilavottord' DB_REPLICAS_HOST: 'postgres-applications-reader.internal' DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' secrets: DB_PASS: '/k8s/skilavottord/DB_PASSWORD' namespace: 'skilavottord' @@ -3011,6 +3058,7 @@ unicorn-app: env: LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' grantNamespaces: [] grantNamespacesEnabled: false healthCheck: @@ -3096,6 +3144,7 @@ user-notification: NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' @@ -3186,6 +3235,7 @@ user-notification-cleanup-worker: DB_USER: 'user_notification' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'nginx-ingress-internal' - 'islandis' @@ -3230,6 +3280,7 @@ user-notification-cleanup-worker: DB_NAME: 'user_notification' DB_REPLICAS_HOST: 'postgres-applications-reader.internal' DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' secrets: DB_PASS: '/k8s/user-notification/DB_PASSWORD' namespace: 'user-notification' @@ -3292,6 +3343,7 @@ user-notification-worker: NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.5fzau3.euw1.cache.amazonaws.com:6379"]' REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' @@ -3343,6 +3395,7 @@ user-notification-worker: DB_NAME: 'user_notification' DB_REPLICAS_HOST: 'postgres-applications-reader.internal' DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' secrets: DB_PASS: '/k8s/user-notification/DB_PASSWORD' namespace: 'user-notification' @@ -3388,6 +3441,7 @@ web: ENVIRONMENT: 'dev' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' TRACKING_DOMAIN: 'beta.dev01.devland.is' grantNamespaces: - 'nginx-ingress-external' @@ -3460,6 +3514,7 @@ xroad-collector: LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' XROAD_BASE_PATH: 'http://securityserver.dev01.devland.is' XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.dev01.devland.is/r1/IS-DEV' XROAD_CLIENT_ID: 'IS-DEV/GOV/10000/island-is-client' diff --git a/charts/islandis/values.prod.yaml b/charts/islandis/values.prod.yaml index 2077b2126862..e30f9b58251d 100644 --- a/charts/islandis/values.prod.yaml +++ b/charts/islandis/values.prod.yaml @@ -1,3 +1,9 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### air-discount-scheme-api: enabled: true env: @@ -216,9 +222,7 @@ air-discount-scheme-web: primary-alb: annotations: kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ - https://island.is/loftbru; rewrite /en$ - https://island.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://island.is/loftbru; rewrite /en$ https://island.is/en/lower-airfares-for-residents-in-rural-areas;' nginx.ingress.kubernetes.io/enable-global-auth: 'false' nginx.ingress.kubernetes.io/proxy-buffer-size: '8k' nginx.ingress.kubernetes.io/proxy-buffering: 'on' @@ -286,6 +290,7 @@ api: FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: '' HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' HUNTING_LICENSE_PASS_TEMPLATE_ID: '5f42f942-d8d6-40bf-a186-5a9e12619d9f' ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' @@ -915,6 +920,7 @@ application-system-form: NODE_OPTIONS: '--max-old-space-size=230' SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' SI_PUBLIC_ENVIRONMENT: 'prod' + SI_PUBLIC_GRAPHQL_PATH: '' SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' grantNamespaces: - 'nginx-ingress-internal' @@ -1661,6 +1667,7 @@ namespaces: - 'services-university-gateway' - 'contentful-apps' - 'contentful-entry-tagger' + - 'unicorn-app' portals-admin: enabled: true env: @@ -2923,6 +2930,69 @@ skilavottord-ws: securityContext: allowPrivilegeEscalation: false privileged: false +unicorn-app: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'unicorn-app.island.is' + paths: + - '/' + namespace: 'unicorn-app' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/unicorn-app' + create: true + name: 'unicorn-app' user-notification: args: - '--no-experimental-fetch' diff --git a/charts/islandis/values.staging.yaml b/charts/islandis/values.staging.yaml index b72fa743410e..75084a833056 100644 --- a/charts/islandis/values.staging.yaml +++ b/charts/islandis/values.staging.yaml @@ -1,3 +1,9 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### air-discount-scheme-api: enabled: true env: @@ -8,6 +14,7 @@ air-discount-scheme-api: IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'nginx-ingress-external' - 'islandis' @@ -87,6 +94,7 @@ air-discount-scheme-backend: LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' REDIS_URL_NODE_01: 'clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379' + SERVERSIDE_FEATURES_ON: '' XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' @@ -153,6 +161,7 @@ air-discount-scheme-backend: DB_NAME: 'air_discount_scheme_backend' DB_REPLICAS_HOST: 'postgres-applications.internal' DB_USER: 'air_discount_scheme_backend' + SERVERSIDE_FEATURES_ON: '' secrets: DB_PASS: '/k8s/air-discount-scheme-backend/DB_PASSWORD' namespace: 'air-discount-scheme' @@ -193,6 +202,7 @@ air-discount-scheme-web: LOG_LEVEL: 'info' NEXTAUTH_URL: 'https://loftbru.staging01.devland.is' NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'nginx-ingress-external' - 'islandis' @@ -220,9 +230,7 @@ air-discount-scheme-web: primary-alb: annotations: kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ - https://beta.staging01.devland.is/loftbru; rewrite /en$ - https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' + nginx.ingress.kubernetes.io/configuration-snippet: 'rewrite /$ https://beta.staging01.devland.is/loftbru; rewrite /en$ https://beta.staging01.devland.is/en/lower-airfares-for-residents-in-rural-areas;' nginx.ingress.kubernetes.io/proxy-buffer-size: '16k' nginx.ingress.kubernetes.io/proxy-buffering: 'on' nginx.ingress.kubernetes.io/proxy-buffers-number: '4' @@ -294,6 +302,7 @@ api: FINANCIAL_STATEMENTS_INAO_TOKEN_ENDPOINT: 'https://login.microsoftonline.com/05a20268-aaea-4bb5-bb78-960b0462185e/oauth2/v2.0/token' FISHING_LICENSE_XROAD_PROVIDER_ID: 'IS-TEST/GOV/6608922069/Fiskistofa-Protected/veidileyfi-v1' FISKISTOFA_ZENTER_CLIENT_ID: '1114' + FORM_SYSTEM_API_BASE_PATH: '' HSN_WEB_FORM_ID: '1dimJFHLFYtnhoYEA3JxRK' HUNTING_LICENSE_PASS_TEMPLATE_ID: '1da72d52-a93a-4d0f-8463-1933a2bd210b' ICELANDIC_NAMES_REGISTRY_BACKEND_URL: 'http://web-icelandic-names-registry-backend.icelandic-names-registry.svc.cluster.local' @@ -310,6 +319,7 @@ api: NODE_OPTIONS: '--max-old-space-size=2880 -r dd-trace/init' REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' SEND_FROM_EMAIL: 'development@island.is' + SERVERSIDE_FEATURES_ON: '' SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' SESSIONS_API_URL: 'http://web-services-sessions.services-sessions.svc.cluster.local' SYSLUMENN_TIMEOUT: '40000' @@ -608,6 +618,7 @@ application-system-api: NOVA_USERNAME: 'IslandIs_User_Development' RECYCLING_FUND_GQL_BASE_PATH: 'http://web-skilavottord-ws.skilavottord.svc.cluster.local/app/skilavottord/api/graphql' REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' SERVICE_DOCUMENTS_BASEPATH: 'http://web-services-documents.services-documents.svc.cluster.local' SERVICE_USER_PROFILE_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' UNIVERSITY_GATEWAY_API_URL: 'http://web-services-university-gateway.services-university-gateway.svc.cluster.local' @@ -738,6 +749,7 @@ application-system-api: DB_NAME: 'application_system_api' DB_REPLICAS_HOST: 'postgres-applications.internal' DB_USER: 'application_system_api' + SERVERSIDE_FEATURES_ON: '' secrets: DB_PASS: '/k8s/application-system-api/DB_PASSWORD' namespace: 'application-system' @@ -831,6 +843,7 @@ application-system-api-worker: LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' XROAD_CHARGE_FJS_V2_PATH: 'IS-TEST/GOV/10021/FJS-Public/chargeFJS_v2' @@ -914,7 +927,9 @@ application-system-form: BASEPATH: '/umsoknir' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' SI_PUBLIC_ENVIRONMENT: 'staging' + SI_PUBLIC_GRAPHQL_PATH: '' SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' grantNamespaces: - 'nginx-ingress-internal' @@ -985,6 +1000,7 @@ consultation-portal: LOG_LEVEL: 'info' NEXTAUTH_URL: 'https://beta.staging01.devland.is/samradsgatt/api/auth' NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' grantNamespaces: [] grantNamespacesEnabled: false healthCheck: @@ -1048,6 +1064,7 @@ download-service: LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' REGULATIONS_ADMIN_URL: 'http://web-regulations-admin-backend.regulations-admin.svc.cluster.local' + SERVERSIDE_FEATURES_ON: '' XROAD_AGRICULTURAL_UNIVERSITY_OF_ICELAND_PATH: 'IS-TEST/EDU/10056/LBHI-Protected/brautskraning-v1' XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' @@ -1164,6 +1181,7 @@ endorsement-system-api: NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' @@ -1216,6 +1234,7 @@ endorsement-system-api: DB_NAME: 'services_endorsements_api' DB_REPLICAS_HOST: 'postgres-applications.internal' DB_USER: 'services_endorsements_api' + SERVERSIDE_FEATURES_ON: '' secrets: DB_PASS: '/k8s/services-endorsements-api/DB_PASSWORD' namespace: 'endorsement-system' @@ -1269,6 +1288,7 @@ icelandic-names-registry-backend: IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'islandis' grantNamespacesEnabled: true @@ -1324,6 +1344,7 @@ icelandic-names-registry-backend: DB_NAME: 'icelandic_names_registry_backend' DB_REPLICAS_HOST: 'postgres-applications.internal' DB_USER: 'icelandic_names_registry_backend' + SERVERSIDE_FEATURES_ON: '' secrets: DB_PASS: '/k8s/icelandic-names-registry-backend/DB_PASSWORD' namespace: 'icelandic-names-registry' @@ -1352,6 +1373,7 @@ island-ui-storybook: env: LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'nginx-ingress-external' grantNamespacesEnabled: true @@ -1411,6 +1433,7 @@ license-api: LICENSE_SERVICE_REDIS_NODES: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' @@ -1518,12 +1541,14 @@ namespaces: - 'license-api' - 'services-sessions' - 'services-university-gateway' + - 'unicorn-app' portals-admin: enabled: true env: BASEPATH: '/stjornbord' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=460' + SERVERSIDE_FEATURES_ON: '' SI_PUBLIC_ENVIRONMENT: 'staging' SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' grantNamespaces: @@ -1598,6 +1623,7 @@ regulations-admin-backend: NATIONAL_REGISTRY_B2C_PATH: 'IS-TEST/GOV/6503760649/SKRA-Cloud-Protected/Midlun-v1' NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' @@ -1646,6 +1672,7 @@ regulations-admin-backend: DB_NAME: 'regulations_admin_backend' DB_REPLICAS_HOST: 'postgres-applications.internal' DB_USER: 'regulations_admin_backend' + SERVERSIDE_FEATURES_ON: '' secrets: DB_PASS: '/k8s/regulations-admin-backend/DB_PASSWORD' namespace: 'regulations-admin' @@ -1689,6 +1716,7 @@ search-indexer-service: ENVIRONMENT: 'staging' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=3686 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' grantNamespaces: [] grantNamespacesEnabled: false healthCheck: @@ -1771,6 +1799,7 @@ search-indexer-service: ENVIRONMENT: 'staging' NODE_OPTIONS: '--max-old-space-size=2048' S3_BUCKET: 'staging-es-custom-packages' + SERVERSIDE_FEATURES_ON: '' secrets: CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' CONTENTFUL_ACCESS_TOKEN: '/k8s/search-indexer/CONTENTFUL_ACCESS_TOKEN' @@ -1812,6 +1841,7 @@ service-portal: BASEPATH: '/minarsidur' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=230' + SERVERSIDE_FEATURES_ON: '' SI_PUBLIC_ENVIRONMENT: 'staging' SI_PUBLIC_GRAPHQL_API: '/api/graphql' SI_PUBLIC_IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' @@ -1894,6 +1924,7 @@ service-portal-api: NATIONAL_REGISTRY_B2C_SCOPE: 'https://skraidentitystaging.onmicrosoft.com/midlun/.default' NODE_OPTIONS: '--max-old-space-size=921 -r dd-trace/init' NOVA_ACCEPT_UNAUTHORIZED: 'false' + SERVERSIDE_FEATURES_ON: '' SERVICE_PORTAL_BASE_URL: 'https://beta.staging01.devland.is/minarsidur' XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' @@ -1957,6 +1988,7 @@ service-portal-api: DB_NAME: 'service_portal_api' DB_REPLICAS_HOST: 'postgres-applications.internal' DB_USER: 'service_portal_api' + SERVERSIDE_FEATURES_ON: '' secrets: DB_PASS: '/k8s/service-portal-api/DB_PASSWORD' namespace: 'service-portal' @@ -2019,6 +2051,7 @@ services-bff-portals-admin: LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'identity-server' grantNamespacesEnabled: true @@ -2092,6 +2125,7 @@ services-documents: IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'islandis' - 'application-system' @@ -2135,6 +2169,7 @@ services-documents: DB_NAME: 'services_documents' DB_REPLICAS_HOST: 'postgres-applications.internal' DB_USER: 'services_documents' + SERVERSIDE_FEATURES_ON: '' secrets: DB_PASS: '/k8s/services-documents/DB_PASSWORD' namespace: 'services-documents' @@ -2170,6 +2205,7 @@ services-sessions: NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'nginx-ingress-internal' - 'islandis' @@ -2238,6 +2274,7 @@ services-sessions-cleanup: DB_USER: 'services_sessions' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'nginx-ingress-internal' - 'islandis' @@ -2302,6 +2339,7 @@ services-sessions-worker: NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'nginx-ingress-internal' - 'islandis' @@ -2347,6 +2385,7 @@ services-sessions-worker: DB_NAME: 'services_sessions' DB_REPLICAS_HOST: 'postgres-applications.internal' DB_USER: 'services_sessions' + SERVERSIDE_FEATURES_ON: '' secrets: DB_PASS: '/k8s/services-sessions/DB_PASSWORD' namespace: 'services-sessions' @@ -2393,6 +2432,7 @@ services-university-gateway: LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' @@ -2471,6 +2511,7 @@ services-university-gateway: DB_NAME: 'services_university_gateway' DB_REPLICAS_HOST: 'postgres-applications.internal' DB_USER: 'services_university_gateway' + SERVERSIDE_FEATURES_ON: '' secrets: DB_PASS: '/k8s/services-university-gateway/DB_PASSWORD' namespace: 'services-university-gateway' @@ -2520,6 +2561,7 @@ services-university-gateway-worker: LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' + SERVERSIDE_FEATURES_ON: '' XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' @@ -2593,6 +2635,7 @@ skilavottord-web: ENVIRONMENT: 'staging' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'nginx-ingress-external' grantNamespacesEnabled: true @@ -2662,6 +2705,7 @@ skilavottord-ws: IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'application-system' grantNamespacesEnabled: true @@ -2713,6 +2757,7 @@ skilavottord-ws: DB_NAME: 'skilavottord' DB_REPLICAS_HOST: 'postgres-applications.internal' DB_USER: 'skilavottord' + SERVERSIDE_FEATURES_ON: '' secrets: DB_PASS: '/k8s/skilavottord/DB_PASSWORD' namespace: 'skilavottord' @@ -2746,6 +2791,69 @@ skilavottord-ws: securityContext: allowPrivilegeEscalation: false privileged: false +unicorn-app: + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'unicorn-app.staging01.devland.is' + paths: + - '/' + namespace: 'unicorn-app' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/unicorn-app' + create: true + name: 'unicorn-app' user-notification: args: - '--no-experimental-fetch' @@ -2774,6 +2882,7 @@ user-notification: NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' @@ -2864,6 +2973,7 @@ user-notification-cleanup-worker: DB_USER: 'user_notification' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'nginx-ingress-internal' - 'islandis' @@ -2908,6 +3018,7 @@ user-notification-cleanup-worker: DB_NAME: 'user_notification' DB_REPLICAS_HOST: 'postgres-applications.internal' DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' secrets: DB_PASS: '/k8s/user-notification/DB_PASSWORD' namespace: 'user-notification' @@ -2970,6 +3081,7 @@ user-notification-worker: NODE_OPTIONS: '--max-old-space-size=345 -r dd-trace/init' REDIS_URL_NODE_01: '["clustercfg.general-redis-cluster-group.ab9ckb.euw1.cache.amazonaws.com:6379"]' REDIS_USE_SSL: 'true' + SERVERSIDE_FEATURES_ON: '' SERVICE_PORTAL_CLICK_ACTION_URL: 'https://island.is/minarsidur' USER_PROFILE_CLIENT_URL: 'http://web-service-portal-api.service-portal.svc.cluster.local' XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' @@ -3021,6 +3133,7 @@ user-notification-worker: DB_NAME: 'user_notification' DB_REPLICAS_HOST: 'postgres-applications.internal' DB_USER: 'user_notification' + SERVERSIDE_FEATURES_ON: '' secrets: DB_PASS: '/k8s/user-notification/DB_PASSWORD' namespace: 'user-notification' @@ -3067,6 +3180,7 @@ web: ENVIRONMENT: 'staging' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=691 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' TRACKING_DOMAIN: 'beta.staging01.devland.is' grantNamespaces: - 'nginx-ingress-external' @@ -3139,6 +3253,7 @@ xroad-collector: LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' NODE_TLS_REJECT_UNAUTHORIZED: '0' + SERVERSIDE_FEATURES_ON: '' XROAD_BASE_PATH: 'http://securityserver.staging01.devland.is' XROAD_BASE_PATH_WITH_ENV: 'http://securityserver.staging01.devland.is/r1/IS-TEST' XROAD_CLIENT_ID: 'IS-TEST/GOV/5501692829/island-is-client' diff --git a/charts/judicial-system/values.dev.yaml b/charts/judicial-system/values.dev.yaml index 2190071ab021..49f263495fd2 100644 --- a/charts/judicial-system/values.dev.yaml +++ b/charts/judicial-system/values.dev.yaml @@ -1,3 +1,9 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### global: env: AUDIT_GROUP_NAME: '/island-is/audit-log' @@ -23,9 +29,11 @@ judicial-system-api: BACKEND_URL: 'http://web-judicial-system-backend' CONTENTFUL_ENVIRONMENT: 'test' CONTENTFUL_HOST: 'preview.contentful.com' + HIDDEN_FEATURES: '' IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'nginx-ingress-external' grantNamespacesEnabled: true @@ -97,6 +105,7 @@ judicial-system-api: judicial-system-backend: enabled: true env: + BLOCKED_API_INTEGRATION: '' CLIENT_URL: 'https://judicial-system.dev01.devland.is' CONTENTFUL_ENVIRONMENT: 'test' CONTENTFUL_HOST: 'preview.contentful.com' @@ -113,6 +122,7 @@ judicial-system-backend: S3_REGION: 'eu-west-1' S3_TIME_TO_LIVE_GET: '5' S3_TIME_TO_LIVE_POST: '15' + SERVERSIDE_FEATURES_ON: '' SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' SQS_QUEUE_NAME: 'sqs-judicial-system' SQS_REGION: 'eu-west-1' @@ -168,6 +178,7 @@ judicial-system-backend: DB_NAME: 'judicial_system' DB_REPLICAS_HOST: 'postgres-applications-reader.internal' DB_USER: 'judicial_system' + SERVERSIDE_FEATURES_ON: '' secrets: DB_PASS: '/k8s/judicial-system/DB_PASSWORD' namespace: 'judicial-system' @@ -238,6 +249,7 @@ judicial-system-digital-mailbox-api: IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.dev01.devland.is' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'nginx-ingress-internal' grantNamespacesEnabled: true @@ -310,6 +322,7 @@ judicial-system-message-handler: BACKEND_URL: 'http://web-judicial-system-backend' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' SQS_QUEUE_NAME: 'sqs-judicial-system' SQS_REGION: 'eu-west-1' @@ -372,6 +385,7 @@ judicial-system-robot-api: BACKEND_URL: 'http://web-judicial-system-backend' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'nginx-ingress-internal' grantNamespacesEnabled: true @@ -443,6 +457,7 @@ judicial-system-scheduler: BACKEND_URL: 'http://web-judicial-system-backend' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' SQS_QUEUE_NAME: 'sqs-judicial-system' SQS_REGION: 'eu-west-1' @@ -505,6 +520,7 @@ judicial-system-web: INTERNAL_API_URL: 'http://web-judicial-system-api' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'nginx-ingress-external' grantNamespacesEnabled: true @@ -570,6 +586,7 @@ judicial-system-xrd-api: BACKEND_URL: 'http://web-judicial-system-backend' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'nginx-ingress-internal' grantNamespacesEnabled: true diff --git a/charts/judicial-system/values.prod.yaml b/charts/judicial-system/values.prod.yaml index b1495ed45040..3d7760a9ba00 100644 --- a/charts/judicial-system/values.prod.yaml +++ b/charts/judicial-system/values.prod.yaml @@ -1,3 +1,9 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### global: env: AUDIT_GROUP_NAME: '/island-is/audit-log' @@ -23,6 +29,7 @@ judicial-system-api: BACKEND_URL: 'http://web-judicial-system-backend' CONTENTFUL_ENVIRONMENT: 'master' CONTENTFUL_HOST: 'cdn.contentful.com' + HIDDEN_FEATURES: '' IDENTITY_SERVER_ISSUER_URL: 'https://innskra.island.is' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' @@ -98,6 +105,7 @@ judicial-system-api: judicial-system-backend: enabled: true env: + BLOCKED_API_INTEGRATION: '' CLIENT_URL: 'https://rettarvorslugatt.island.is' CONTENTFUL_ENVIRONMENT: 'master' CONTENTFUL_HOST: 'cdn.contentful.com' diff --git a/charts/judicial-system/values.staging.yaml b/charts/judicial-system/values.staging.yaml index 9637ba6483d0..74f9f7dbeb28 100644 --- a/charts/judicial-system/values.staging.yaml +++ b/charts/judicial-system/values.staging.yaml @@ -1,3 +1,9 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### global: env: AUDIT_GROUP_NAME: '/island-is/audit-log' @@ -23,9 +29,11 @@ judicial-system-api: BACKEND_URL: 'http://web-judicial-system-backend' CONTENTFUL_ENVIRONMENT: 'test' CONTENTFUL_HOST: 'cdn.contentful.com' + HIDDEN_FEATURES: '' IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=460 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'nginx-ingress-external' grantNamespacesEnabled: true @@ -114,6 +122,7 @@ judicial-system-backend: S3_REGION: 'eu-west-1' S3_TIME_TO_LIVE_GET: '5' S3_TIME_TO_LIVE_POST: '15' + SERVERSIDE_FEATURES_ON: '' SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' SQS_QUEUE_NAME: 'sqs-judicial-system' SQS_REGION: 'eu-west-1' @@ -169,6 +178,7 @@ judicial-system-backend: DB_NAME: 'judicial_system' DB_REPLICAS_HOST: 'postgres-applications.internal' DB_USER: 'judicial_system' + SERVERSIDE_FEATURES_ON: '' secrets: DB_PASS: '/k8s/judicial-system/DB_PASSWORD' namespace: 'judicial-system' @@ -239,6 +249,7 @@ judicial-system-digital-mailbox-api: IDENTITY_SERVER_ISSUER_URL: 'https://identity-server.staging01.devland.is' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'nginx-ingress-internal' grantNamespacesEnabled: true @@ -311,6 +322,7 @@ judicial-system-message-handler: BACKEND_URL: 'http://web-judicial-system-backend' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' SQS_QUEUE_NAME: 'sqs-judicial-system' SQS_REGION: 'eu-west-1' @@ -373,6 +385,7 @@ judicial-system-robot-api: BACKEND_URL: 'http://web-judicial-system-backend' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'nginx-ingress-internal' grantNamespacesEnabled: true @@ -444,6 +457,7 @@ judicial-system-scheduler: BACKEND_URL: 'http://web-judicial-system-backend' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' SQS_DEAD_LETTER_QUEUE_NAME: 'sqs-judicial-system-dlq' SQS_QUEUE_NAME: 'sqs-judicial-system' SQS_REGION: 'eu-west-1' @@ -506,6 +520,7 @@ judicial-system-web: INTERNAL_API_URL: 'http://web-judicial-system-api' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'nginx-ingress-external' grantNamespacesEnabled: true @@ -571,6 +586,7 @@ judicial-system-xrd-api: BACKEND_URL: 'http://web-judicial-system-backend' LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' grantNamespaces: - 'nginx-ingress-internal' grantNamespacesEnabled: true From e045ec41fbc839cce8a7ab952cd0d9a506c45c66 Mon Sep 17 00:00:00 2001 From: andes-it Date: Wed, 13 Nov 2024 14:13:58 +0000 Subject: [PATCH 30/50] chore: charts update dirty files --- charts/islandis/values.dev.yaml | 1 - charts/islandis/values.staging.yaml | 1 - charts/services/unicorn-app/values.dev.yaml | 70 ++++++++++++++++++ charts/services/unicorn-app/values.prod.yaml | 71 +++++++++++++++++++ .../services/unicorn-app/values.staging.yaml | 70 ++++++++++++++++++ 5 files changed, 211 insertions(+), 2 deletions(-) create mode 100644 charts/services/unicorn-app/values.dev.yaml create mode 100644 charts/services/unicorn-app/values.prod.yaml create mode 100644 charts/services/unicorn-app/values.staging.yaml diff --git a/charts/islandis/values.dev.yaml b/charts/islandis/values.dev.yaml index 298b78676e92..3c3f28b78027 100644 --- a/charts/islandis/values.dev.yaml +++ b/charts/islandis/values.dev.yaml @@ -3016,7 +3016,6 @@ unicorn-app: env: LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' grantNamespaces: [] grantNamespacesEnabled: false healthCheck: diff --git a/charts/islandis/values.staging.yaml b/charts/islandis/values.staging.yaml index 64c485bad44d..49d0bf4e2ea2 100644 --- a/charts/islandis/values.staging.yaml +++ b/charts/islandis/values.staging.yaml @@ -2757,7 +2757,6 @@ unicorn-app: env: LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: '' grantNamespaces: [] grantNamespacesEnabled: false healthCheck: diff --git a/charts/services/unicorn-app/values.dev.yaml b/charts/services/unicorn-app/values.dev.yaml new file mode 100644 index 000000000000..640ec9c48384 --- /dev/null +++ b/charts/services/unicorn-app/values.dev.yaml @@ -0,0 +1,70 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### + +service: + name: 'unicorn-app' + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'unicorn-app.dev01.devland.is' + paths: + - '/' + namespace: 'unicorn-app' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' + create: true + name: 'unicorn-app' diff --git a/charts/services/unicorn-app/values.prod.yaml b/charts/services/unicorn-app/values.prod.yaml new file mode 100644 index 000000000000..6ee3fa4f4801 --- /dev/null +++ b/charts/services/unicorn-app/values.prod.yaml @@ -0,0 +1,71 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### + +service: + name: 'unicorn-app' + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'unicorn-app.island.is' + paths: + - '/' + namespace: 'unicorn-app' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/unicorn-app' + create: true + name: 'unicorn-app' diff --git a/charts/services/unicorn-app/values.staging.yaml b/charts/services/unicorn-app/values.staging.yaml new file mode 100644 index 000000000000..96cb14556c2a --- /dev/null +++ b/charts/services/unicorn-app/values.staging.yaml @@ -0,0 +1,70 @@ +##################################################################### +# +# Do not edit this file manually, it is automatically generated. +# Run "yarn charts" instead. +# +##################################################################### + +service: + name: 'unicorn-app' + enabled: true + env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + grantNamespaces: [] + grantNamespacesEnabled: false + healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 + hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 + image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' + ingress: + primary-alb: + annotations: + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'unicorn-app.staging01.devland.is' + paths: + - '/' + namespace: 'unicorn-app' + podDisruptionBudget: + maxUnavailable: 1 + podSecurityContext: + fsGroup: 65534 + pvcs: [] + replicaCount: + default: 1 + max: 10 + min: 1 + resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' + secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' + securityContext: + allowPrivilegeEscalation: false + privileged: false + serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/unicorn-app' + create: true + name: 'unicorn-app' From 83e46dcedb600c6e0138031e660558e386dc586b Mon Sep 17 00:00:00 2001 From: andes-it Date: Wed, 13 Nov 2024 14:43:49 +0000 Subject: [PATCH 31/50] chore: nx format:write update dirty files --- infra/src/uber-charts/islandis.ts | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/infra/src/uber-charts/islandis.ts b/infra/src/uber-charts/islandis.ts index 32af52199241..cdcf5645d1ce 100644 --- a/infra/src/uber-charts/islandis.ts +++ b/infra/src/uber-charts/islandis.ts @@ -140,7 +140,8 @@ const downloadService = downloadServiceSetup({ const userNotificationWorkerService = userNotificationWorkerSetup({ userProfileApi: servicePortalApi, }) -const userNotificationCleanupWorkerService = userNotificationCleanUpWorkerSetup() +const userNotificationCleanupWorkerService = + userNotificationCleanUpWorkerSetup() const unicornApp = unicornAppSetup() From 080e58d270d7d6db9c7c35bcd5f6cbf27c2bbf7f Mon Sep 17 00:00:00 2001 From: andes-it Date: Wed, 27 Nov 2024 09:42:55 +0000 Subject: [PATCH 32/50] chore: charts update dirty files --- charts/islandis/values.dev.yaml | 1 + charts/islandis/values.staging.yaml | 1 + charts/services/unicorn-app/values.dev.yaml | 133 +++++++++-------- charts/services/unicorn-app/values.prod.yaml | 134 ++++++++++-------- .../services/unicorn-app/values.staging.yaml | 133 +++++++++-------- 5 files changed, 218 insertions(+), 184 deletions(-) diff --git a/charts/islandis/values.dev.yaml b/charts/islandis/values.dev.yaml index a56039122f38..701cddb8a363 100644 --- a/charts/islandis/values.dev.yaml +++ b/charts/islandis/values.dev.yaml @@ -3058,6 +3058,7 @@ unicorn-app: env: LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' grantNamespaces: [] grantNamespacesEnabled: false healthCheck: diff --git a/charts/islandis/values.staging.yaml b/charts/islandis/values.staging.yaml index 97f83b51aa73..42d4fb69bd44 100644 --- a/charts/islandis/values.staging.yaml +++ b/charts/islandis/values.staging.yaml @@ -2795,6 +2795,7 @@ unicorn-app: env: LOG_LEVEL: 'info' NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' grantNamespaces: [] grantNamespacesEnabled: false healthCheck: diff --git a/charts/services/unicorn-app/values.dev.yaml b/charts/services/unicorn-app/values.dev.yaml index 640ec9c48384..345b91dd5ddb 100644 --- a/charts/services/unicorn-app/values.dev.yaml +++ b/charts/services/unicorn-app/values.dev.yaml @@ -5,66 +5,77 @@ # ##################################################################### -service: - name: 'unicorn-app' - enabled: true +global: env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'unicorn-app.dev01.devland.is' - paths: - - '/' - namespace: 'unicorn-app' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'dev' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +name: 'unicorn-app' +enabled: true +env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' +grantNamespaces: [] +grantNamespacesEnabled: false +healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 +hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 +image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' +ingress: + primary-alb: annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' - create: true - name: 'unicorn-app' + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'unicorn-app.dev01.devland.is' + paths: + - '/' +namespace: 'unicorn-app' +podDisruptionBudget: + maxUnavailable: 1 +podSecurityContext: + fsGroup: 65534 +pvcs: [] +replicaCount: + default: 1 + max: 10 + min: 1 +resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' +secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' +securityContext: + allowPrivilegeEscalation: false + privileged: false +serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::013313053092:role/unicorn-app' + create: true + name: 'unicorn-app' diff --git a/charts/services/unicorn-app/values.prod.yaml b/charts/services/unicorn-app/values.prod.yaml index 6ee3fa4f4801..f9782daf09fc 100644 --- a/charts/services/unicorn-app/values.prod.yaml +++ b/charts/services/unicorn-app/values.prod.yaml @@ -5,67 +5,77 @@ # ##################################################################### -service: - name: 'unicorn-app' - enabled: true +global: env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'unicorn-app.island.is' - paths: - - '/' - namespace: 'unicorn-app' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'prod' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +name: 'unicorn-app' +enabled: true +env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: 'driving-license-use-v1-endpoint-for-v2-comms' +grantNamespaces: [] +grantNamespacesEnabled: false +healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 +hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 +image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' +ingress: + primary-alb: annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/unicorn-app' - create: true - name: 'unicorn-app' + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'unicorn-app.island.is' + paths: + - '/' +namespace: 'unicorn-app' +podDisruptionBudget: + maxUnavailable: 1 +podSecurityContext: + fsGroup: 65534 +pvcs: [] +replicaCount: + default: 1 + max: 10 + min: 1 +resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' +secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' +securityContext: + allowPrivilegeEscalation: false + privileged: false +serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::251502586493:role/unicorn-app' + create: true + name: 'unicorn-app' diff --git a/charts/services/unicorn-app/values.staging.yaml b/charts/services/unicorn-app/values.staging.yaml index 96cb14556c2a..3ab1cb5bab56 100644 --- a/charts/services/unicorn-app/values.staging.yaml +++ b/charts/services/unicorn-app/values.staging.yaml @@ -5,66 +5,77 @@ # ##################################################################### -service: - name: 'unicorn-app' - enabled: true +global: env: - LOG_LEVEL: 'info' - NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' - grantNamespaces: [] - grantNamespacesEnabled: false - healthCheck: - liveness: - initialDelaySeconds: 3 - path: '/liveness' - timeoutSeconds: 3 - readiness: - initialDelaySeconds: 3 - path: '/readiness' - timeoutSeconds: 3 - hpa: - scaling: - metric: - cpuAverageUtilization: 90 - nginxRequestsIrate: 5 - replicas: - max: 10 - min: 1 - image: - repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' - ingress: - primary-alb: - annotations: - kubernetes.io/ingress.class: 'nginx-external-alb' - nginx.ingress.kubernetes.io/service-upstream: 'true' - hosts: - - host: 'unicorn-app.staging01.devland.is' - paths: - - '/' - namespace: 'unicorn-app' - podDisruptionBudget: - maxUnavailable: 1 - podSecurityContext: - fsGroup: 65534 - pvcs: [] - replicaCount: - default: 1 - max: 10 - min: 1 - resources: - limits: - cpu: '200m' - memory: '256Mi' - requests: - cpu: '50m' - memory: '128Mi' - secrets: - CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' - securityContext: - allowPrivilegeEscalation: false - privileged: false - serviceAccount: + AUDIT_GROUP_NAME: '/island-is/audit-log' + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' + PORT: '3333' + name: 'staging' + initContainer: + env: + AWS_REGION: 'eu-west-1' + NPM_CONFIG_UPDATE_NOTIFIER: 'false' +name: 'unicorn-app' +enabled: true +env: + LOG_LEVEL: 'info' + NODE_OPTIONS: '--max-old-space-size=230 -r dd-trace/init' + SERVERSIDE_FEATURES_ON: '' +grantNamespaces: [] +grantNamespacesEnabled: false +healthCheck: + liveness: + initialDelaySeconds: 3 + path: '/liveness' + timeoutSeconds: 3 + readiness: + initialDelaySeconds: 3 + path: '/readiness' + timeoutSeconds: 3 +hpa: + scaling: + metric: + cpuAverageUtilization: 90 + nginxRequestsIrate: 5 + replicas: + max: 10 + min: 1 +image: + repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' +ingress: + primary-alb: annotations: - eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/unicorn-app' - create: true - name: 'unicorn-app' + kubernetes.io/ingress.class: 'nginx-external-alb' + nginx.ingress.kubernetes.io/service-upstream: 'true' + hosts: + - host: 'unicorn-app.staging01.devland.is' + paths: + - '/' +namespace: 'unicorn-app' +podDisruptionBudget: + maxUnavailable: 1 +podSecurityContext: + fsGroup: 65534 +pvcs: [] +replicaCount: + default: 1 + max: 10 + min: 1 +resources: + limits: + cpu: '200m' + memory: '256Mi' + requests: + cpu: '50m' + memory: '128Mi' +secrets: + CONFIGCAT_SDK_KEY: '/k8s/configcat/CONFIGCAT_SDK_KEY' +securityContext: + allowPrivilegeEscalation: false + privileged: false +serviceAccount: + annotations: + eks.amazonaws.com/role-arn: 'arn:aws:iam::261174024191:role/unicorn-app' + create: true + name: 'unicorn-app' From 01666077e753724294b2c2375b8550cf2bc80f29 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B3n=20Levy?= Date: Wed, 27 Nov 2024 09:43:59 +0000 Subject: [PATCH 33/50] fix: make unaffected --- apps/unicorn-app/src/app/page.tsx | 2 -- apps/unicorn-app/src/queries/index.ts | 17 ----------------- apps/unicorn-app/src/types/index.ts | 16 ---------------- libs/shared/types/src/lib/unicorn.ts | 3 --- 4 files changed, 38 deletions(-) delete mode 100644 apps/unicorn-app/src/queries/index.ts delete mode 100644 apps/unicorn-app/src/types/index.ts delete mode 100644 libs/shared/types/src/lib/unicorn.ts diff --git a/apps/unicorn-app/src/app/page.tsx b/apps/unicorn-app/src/app/page.tsx index a38045ddb97d..5d9289cb0058 100644 --- a/apps/unicorn-app/src/app/page.tsx +++ b/apps/unicorn-app/src/app/page.tsx @@ -1,5 +1,3 @@ -import { GET_ERROR_PAGE } from '../queries' - export default function Index() { return (
diff --git a/apps/unicorn-app/src/queries/index.ts b/apps/unicorn-app/src/queries/index.ts deleted file mode 100644 index 1ca58392d6d2..000000000000 --- a/apps/unicorn-app/src/queries/index.ts +++ /dev/null @@ -1,17 +0,0 @@ -import gql from 'graphql-tag' - -export const GET_ERROR_PAGE = gql` - query ErrorPage($input: GetErrorPageInput!) { - getErrorPage(input: $input) { - errorCode - title - description { - ... on Html { - __typename - id - document - } - } - } - } -` diff --git a/apps/unicorn-app/src/types/index.ts b/apps/unicorn-app/src/types/index.ts deleted file mode 100644 index 190c20ae7a15..000000000000 --- a/apps/unicorn-app/src/types/index.ts +++ /dev/null @@ -1,16 +0,0 @@ -import { ApolloClient, NormalizedCacheObject } from '@apollo/client' -import { NextComponentType, NextPageContext } from 'next' -import { Locale, Environment } from '@island.is/shared/types' - -console.log(Environment.Development) -export type GetInitialPropsContext = Context & { - apolloClient: ApolloClient - locale: Locale - localeKey: Locale -} - -export type Screen = NextComponentType< - GetInitialPropsContext, - Props, - Props -> diff --git a/libs/shared/types/src/lib/unicorn.ts b/libs/shared/types/src/lib/unicorn.ts deleted file mode 100644 index 9e22737c1eac..000000000000 --- a/libs/shared/types/src/lib/unicorn.ts +++ /dev/null @@ -1,3 +0,0 @@ -export enum Unicorn { - Affected = 'affected', -} From e3f87ba12c7b6095374a64f309f1e59ebe7dfa1e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?R=C3=B3berta=20Andersen?= Date: Mon, 2 Dec 2024 15:21:47 +0000 Subject: [PATCH 34/50] Unicorn pipe (#17094) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * chore: Adding pipeline for unicorns * unicorn pipe * unicorn pipe * unicorn pipe * unicorn pipe * pipetest * pipetest * pipetest * chore: nx format:write update dirty files * Update .github/workflows/unicorns.yml Co-authored-by: Jรณn Levy * suggestions * chore: nx format:write update dirty files * unicorn pipe * suggestions --------- Co-authored-by: andes-it Co-authored-by: Jรณn Levy --- .github/workflows/unicorns.yml | 48 ++++++++++++++++++++++++++++++++++ scripts/ci/unicorn-utils.mjs | 16 ++++++++++++ 2 files changed, 64 insertions(+) create mode 100644 .github/workflows/unicorns.yml create mode 100644 scripts/ci/unicorn-utils.mjs diff --git a/.github/workflows/unicorns.yml b/.github/workflows/unicorns.yml new file mode 100644 index 000000000000..1f5d87c6779d --- /dev/null +++ b/.github/workflows/unicorns.yml @@ -0,0 +1,48 @@ +name: CI/CD pipeline +on: + pull_request: {} + workflow_dispatch: {} +defaults: + run: + shell: bash +jobs: + check-unicorn: + name: Check if app is on unicorn track + runs-on: ec2-runners + container: + image: public.ecr.aws/m3u4c4h9/island-is/actions-runner-public:latest + timeout-minutes: 35 + + outputs: + IS_UNICORN: ${{ steps.unicorn-affected.outputs.IS_UNICORN }} + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Get cache + id: get-cache + uses: ./.github/actions/get-cache + with: + github-token: ${{ secrets.GITHUB_TOKEN }} + enable-cache: 'node_modules,generated-files' + + - uses: actions/setup-node@v4 + with: + node-version-file: 'package.json' + + - name: Setup yarn + run: corepack enable + + - name: Check unicorn affected + id: unicorn-affected + run: | + node scripts/ci/unicorn-utils.mjs + UNICORN=$(node scripts/ci/unicorn-utils.mjs) + if [ "$UNICORN" == 'true' ]; then + echo "unicorn is detected" + echo IS_UNICORN=true >> "$GITHUB_OUTPUT" + else + echo "No unicorn" + echo IS_UNICORN=false >> "$GITHUB_OUTPUT" + fi diff --git a/scripts/ci/unicorn-utils.mjs b/scripts/ci/unicorn-utils.mjs new file mode 100644 index 000000000000..c93efee772f6 --- /dev/null +++ b/scripts/ci/unicorn-utils.mjs @@ -0,0 +1,16 @@ +import { execSync } from 'child_process' +import { workspaceRoot } from '@nx/devkit' + +const unicornApps = ['unicorn-app'] + +try { + const affected = JSON.parse( + execSync( + `cd ${workspaceRoot} && yarn nx show projects --affected --base origin/main --json | jq -r`, + ).toString(), + ) + console.log(affected.some((item) => unicornApps.includes(item))) +} catch (e) { + console.error(e.message) + process.exit(1) +} From f750e39bbc525587b07963b63e7841afd1830fc2 Mon Sep 17 00:00:00 2001 From: andes-it Date: Wed, 18 Dec 2024 10:38:05 +0000 Subject: [PATCH 35/50] chore: charts update dirty files --- charts/islandis/values.dev.yaml | 2 +- charts/islandis/values.staging.yaml | 4 ++-- charts/services/unicorn-app/values.staging.yaml | 4 ++-- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/charts/islandis/values.dev.yaml b/charts/islandis/values.dev.yaml index 4ed61856cb1a..29be8c5e25f0 100644 --- a/charts/islandis/values.dev.yaml +++ b/charts/islandis/values.dev.yaml @@ -1810,8 +1810,8 @@ namespaces: - 'services-sessions' - 'contentful-apps' - 'services-university-gateway' - - 'portals-my-pages' - 'unicorn-app' + - 'portals-my-pages' portals-admin: enabled: true env: diff --git a/charts/islandis/values.staging.yaml b/charts/islandis/values.staging.yaml index 4386348ac35e..f7c409b592b4 100644 --- a/charts/islandis/values.staging.yaml +++ b/charts/islandis/values.staging.yaml @@ -2916,7 +2916,7 @@ unicorn-app: cpuAverageUtilization: 90 nginxRequestsIrate: 5 replicas: - max: 10 + max: 3 min: 1 image: repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' @@ -2937,7 +2937,7 @@ unicorn-app: pvcs: [] replicaCount: default: 1 - max: 10 + max: 3 min: 1 resources: limits: diff --git a/charts/services/unicorn-app/values.staging.yaml b/charts/services/unicorn-app/values.staging.yaml index 3ab1cb5bab56..50960c303bef 100644 --- a/charts/services/unicorn-app/values.staging.yaml +++ b/charts/services/unicorn-app/values.staging.yaml @@ -39,7 +39,7 @@ hpa: cpuAverageUtilization: 90 nginxRequestsIrate: 5 replicas: - max: 10 + max: 3 min: 1 image: repository: '821090935708.dkr.ecr.eu-west-1.amazonaws.com/unicorn-app' @@ -60,7 +60,7 @@ podSecurityContext: pvcs: [] replicaCount: default: 1 - max: 10 + max: 3 min: 1 resources: limits: From 2b74fe9fd5221e312e03a8b1287b743f981426f4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?R=C3=B3berta=20Andersen?= Date: Wed, 18 Dec 2024 12:58:02 +0000 Subject: [PATCH 36/50] chore: Adding pipeline to detect unicorns (#17165) * chore: Adding tests if pipeline should run on unicorns * chore: nx format:write update dirty files * chore: find release branch * chore: find release branch * chore: find release branch * chore: find release branch * chore: find release branch * chore: find release branch * chore: find release branch * chore: find release branch * chore: find release branch * chore: find release branch * chore: find release branch * chore: find release branch * chore: find release branch * chore: find release branch * chore: find release branch * chore: find release branch * chore: nx format:write update dirty files * chore: find release branch * chore: find release branch * cleanup * branch sync * mergequeue * chore: testing pipeline * chore: nx format:write update dirty files * ignore * ignore * ignore * testing pipeline * testing pipeline * testing pipeline --------- Co-authored-by: andes-it --- .github/workflows/config-values.yaml | 4 + .github/workflows/external-checks.yml | 5 +- .github/workflows/pullrequest-close.yml | 3 + .github/workflows/pullrequest-lint.yml | 3 + .github/workflows/pullrequest.yml | 6 +- .github/workflows/push.yml | 4 + .github/workflows/revert-pr.yaml | 5 + .github/workflows/unicorns.yml | 107 +++++++++++++++----- apps/unicorn-app/src/app/api/hello/route.ts | 2 +- scripts/ci/create-release.mjs | 35 +++++++ scripts/ci/get-last-release.mjs | 17 ++++ scripts/ci/unicorn-utils.mjs | 3 +- 12 files changed, 166 insertions(+), 28 deletions(-) create mode 100644 scripts/ci/create-release.mjs create mode 100644 scripts/ci/get-last-release.mjs diff --git a/.github/workflows/config-values.yaml b/.github/workflows/config-values.yaml index 883861366f8b..063c87a73e1e 100644 --- a/.github/workflows/config-values.yaml +++ b/.github/workflows/config-values.yaml @@ -6,12 +6,16 @@ on: - 'main' - 'release/**' - 'pre-release/**' + - '!unicorn-pipe-rel3' + - '!feature/unicorn-app' paths: - 'charts/**' - 'infra/**' - '**/infra/**' workflow_dispatch: {} pull_request: + branches: + - '!unicorn-pipe-rel3' paths: - 'charts/**' - 'infra/**' diff --git a/.github/workflows/external-checks.yml b/.github/workflows/external-checks.yml index 5707795d4f9b..237db4005164 100644 --- a/.github/workflows/external-checks.yml +++ b/.github/workflows/external-checks.yml @@ -1,7 +1,10 @@ name: External checks on: - pull_request: {} + pull_request: + branches-ignore: + - 'unicorn*' + - 'feature/unicorn*' workflow_dispatch: {} defaults: diff --git a/.github/workflows/pullrequest-close.yml b/.github/workflows/pullrequest-close.yml index 5d3e066f3866..1b3d736c9fc1 100644 --- a/.github/workflows/pullrequest-close.yml +++ b/.github/workflows/pullrequest-close.yml @@ -4,6 +4,9 @@ on: pull_request: types: - closed + branches-ignore: + - 'unicorn*' + - 'feature/unicorn*' defaults: run: diff --git a/.github/workflows/pullrequest-lint.yml b/.github/workflows/pullrequest-lint.yml index f7b04171a1c8..593193d87ba2 100644 --- a/.github/workflows/pullrequest-lint.yml +++ b/.github/workflows/pullrequest-lint.yml @@ -6,6 +6,9 @@ on: - reopened - edited - synchronize + branches-ignore: + - 'unicorn*' + - 'feature/unicorn*' defaults: run: diff --git a/.github/workflows/pullrequest.yml b/.github/workflows/pullrequest.yml index 71eace37971b..0c41d4670abe 100644 --- a/.github/workflows/pullrequest.yml +++ b/.github/workflows/pullrequest.yml @@ -1,9 +1,13 @@ name: Monorepo pipeline - pull request on: - pull_request: {} + pull_request: + branches-ignore: + - 'unicorn*' + - 'feature/unicorn*' workflow_dispatch: {} + defaults: run: shell: bash diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index 15225953329b..cf60e146bf33 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -6,6 +6,8 @@ on: - 'main' - 'release/**' - 'pre-release/**' + - '!unicorn-pipe-rel3' + - '!feature/unicorn-app' paths-ignore: - '**/*.md' tags: @@ -13,6 +15,8 @@ on: workflow_dispatch: create: pull_request: + branches: + - '!unicorn-pipe-rel3' types: - opened - synchronize diff --git a/.github/workflows/revert-pr.yaml b/.github/workflows/revert-pr.yaml index 492ca4300e92..4a996848d84f 100644 --- a/.github/workflows/revert-pr.yaml +++ b/.github/workflows/revert-pr.yaml @@ -8,12 +8,17 @@ on: - completed branches: - main + - '!unicorn-pipe-rel3' + - '!feature/unicorn-app' pull_request: + branches: + - '!unicorn-pipe-rel3' types: - opened - synchronize - labeled + permissions: contents: write pull-requests: write diff --git a/.github/workflows/unicorns.yml b/.github/workflows/unicorns.yml index 1f5d87c6779d..27698f9abb55 100644 --- a/.github/workflows/unicorns.yml +++ b/.github/workflows/unicorns.yml @@ -1,32 +1,79 @@ -name: CI/CD pipeline +name: Unicorn CI/CD pipeline on: - pull_request: {} - workflow_dispatch: {} + workflow_dispatch: + create: + pull_request: + types: + - opened + - synchronize + - labeled + - closed + pull_request_review: + types: [submitted] + merge_group: +concurrency: + # See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#example-using-a-fallback-value + group: push-unicorn${{ github.head_ref || github.run_id }} + cancel-in-progress: true + defaults: run: shell: bash jobs: + printJob: + name: Print event + runs-on: ubuntu-latest + steps: + - name: Dump GitHub context + env: + GITHUB_CONTEXT: ${{ toJson(github) }} + run: | + echo "$GITHUB_CONTEXT" + check-approved: + name: Is PR approved + runs-on: ubuntu-latest + outputs: + IS_APPROVED: ${{ steps.check-approved.outputs.result }} + steps: + - name: Check if PR is approved + id: check-approved + uses: actions/github-script@v7 + with: + github-token: ${{ secrets.GITHUB_TOKEN }} + script: | + if (!context || !context.payload || !context.payload.pull_request) { + return false; + } + var reviews = await github.rest.pulls.listReviews({ + owner: context.repo.owner, + repo: context.repo.repo, + pull_number: context.issue.number + }); + + if(!reviews || !reviews.data == null) { + return false; + } + var declined = reviews.data.filter(review => review.state != 'APPROVED').length > 0; + var pending = context.payload.pull_request.requested_teams.length > 0 + console.log(!(declined && pending) ? 'Pr is approved' : 'Pr is not approved'); + return !(declined && pending); + - name: output + run: echo "IS_APPROVED=${{ steps.check-approved.outputs.result }}" >> $GITHUB_OUTPUT + check-unicorn: - name: Check if app is on unicorn track + name: Is this a unicorn PR + needs: check-approved + if: ${{ needs.check-approved.outputs.IS_APPROVED }}" runs-on: ec2-runners container: image: public.ecr.aws/m3u4c4h9/island-is/actions-runner-public:latest - timeout-minutes: 35 - - outputs: - IS_UNICORN: ${{ steps.unicorn-affected.outputs.IS_UNICORN }} + timeout-minutes: 10 steps: + - run: echo "selected runner = ${{ runner.name }}" - uses: actions/checkout@v4 with: fetch-depth: 0 - - name: Get cache - id: get-cache - uses: ./.github/actions/get-cache - with: - github-token: ${{ secrets.GITHUB_TOKEN }} - enable-cache: 'node_modules,generated-files' - - uses: actions/setup-node@v4 with: node-version-file: 'package.json' @@ -34,15 +81,27 @@ jobs: - name: Setup yarn run: corepack enable + - name: Get cache + id: get-cache + uses: ./.github/actions/get-cache + with: + github-token: ${{ secrets.GITHUB_TOKEN }} + enable-cache: 'node_modules,generated-files' + - name: Check unicorn affected id: unicorn-affected + env: + BaseRef: ${{ github.base_ref }} #The target branch e.g. main (feature/unicorn-app) + HeadRef: ${{ github.head_ref }} #The branch being merged e.g. (unicorn-pipe-rel3) + run: | + echo "Comparing nx affected for $HeadRef using origin/$BaseRef as base branch" + echo IS_UNICORN=$(node scripts/ci/unicorn-utils.mjs "{\"baseBranch\": \"origin/$BaseRef\", \"mergeBranch\": \"$HeadRef\" }") >> "$GITHUB_OUTPUT" + - name: Results run: | - node scripts/ci/unicorn-utils.mjs - UNICORN=$(node scripts/ci/unicorn-utils.mjs) - if [ "$UNICORN" == 'true' ]; then - echo "unicorn is detected" - echo IS_UNICORN=true >> "$GITHUB_OUTPUT" - else - echo "No unicorn" - echo IS_UNICORN=false >> "$GITHUB_OUTPUT" - fi + echo "Unicorn = ${{ steps.unicorn-affected.outputs.IS_UNICORN }}" + + - name: Find Latest Release Branch + run: | + node scripts/ci/get-last-release.mjs $(git branch -r) + + - run: "echo 'latest release: ${{ steps.get_latest_release.outputs.data }}'" diff --git a/apps/unicorn-app/src/app/api/hello/route.ts b/apps/unicorn-app/src/app/api/hello/route.ts index e74df4e77465..4a0d8ceed763 100644 --- a/apps/unicorn-app/src/app/api/hello/route.ts +++ b/apps/unicorn-app/src/app/api/hello/route.ts @@ -1,3 +1,3 @@ export async function GET(request: Request) { - return new Response('Hello, from API!') + return new Response('Hello, hello, from API!') } diff --git a/scripts/ci/create-release.mjs b/scripts/ci/create-release.mjs new file mode 100644 index 000000000000..85d818b14889 --- /dev/null +++ b/scripts/ci/create-release.mjs @@ -0,0 +1,35 @@ +import { Octokit } from '@octokit/rest' + +const { GITHUB_TOKEN, GITHUB_REPOSITORY, GITHUB_REF } = process.env +const octokit = new Octokit({ auth: GITHUB_TOKEN }) +const [owner, repo] = GITHUB_REPOSITORY?.split('/') || [] + +const arg = process.argv.slice(2) + +const { data: pullRequest } = await octokit.rest.pulls.get({ + owner: owner, + repo: repo, + pull_number: arg[0], +}) + +const SHA = pullRequest.head.sha +// This is a temporary commit that is created behind the scenes for +// the test merge that validated no conflicts exist with the base branch. +// It is not committed to the repository. +// After the PR is merged, this value instead represents the SHA of the merge commit +octokit.rest.repos + .createRelease({ + owner: owner, + repo: repo, + target_commitish: SHA, + tag_name: 'SomeTag', + name: 'Test 123', + generate_release_notes: true, + }) + .then(({ data }) => { + console.log(data) + }) + .catch((error) => { + console.log(error) + process.exit(1) + }) diff --git a/scripts/ci/get-last-release.mjs b/scripts/ci/get-last-release.mjs new file mode 100644 index 000000000000..03feaf63f4d0 --- /dev/null +++ b/scripts/ci/get-last-release.mjs @@ -0,0 +1,17 @@ +const releases = process.argv + .slice(2) + .map((release) => release.replace('origin/release/', '')) + .filter((release) => /^\d+\.\d+\.\d+$/.test(release)) + .sort((a, b) => { + const [aMajor, aMinor, aPatch] = a.split('.').map(Number) + const [bMajor, bMinor, bPatch] = b.split('.').map(Number) + + if (aMajor !== bMajor) { + return bMajor - aMajor + } else if (aMinor !== bMinor) { + return bMinor - aMinor + } else { + return bPatch - aPatch + } + }) +console.log(releases[0]) diff --git a/scripts/ci/unicorn-utils.mjs b/scripts/ci/unicorn-utils.mjs index c93efee772f6..22078efe215d 100644 --- a/scripts/ci/unicorn-utils.mjs +++ b/scripts/ci/unicorn-utils.mjs @@ -3,10 +3,11 @@ import { workspaceRoot } from '@nx/devkit' const unicornApps = ['unicorn-app'] +const arg = JSON.parse(process.argv.slice(2)) try { const affected = JSON.parse( execSync( - `cd ${workspaceRoot} && yarn nx show projects --affected --base origin/main --json | jq -r`, + `cd ${workspaceRoot} && yarn nx show projects --affected --base ${arg.baseBranch} --json | jq -r`, ).toString(), ) console.log(affected.some((item) => unicornApps.includes(item))) From 2455ee56502d7eb71823bf44e4b29cd8d89f12ba Mon Sep 17 00:00:00 2001 From: andes-it Date: Wed, 18 Dec 2024 13:02:41 +0000 Subject: [PATCH 37/50] chore: nx format:write update dirty files --- .github/workflows/pullrequest.yml | 1 - .github/workflows/revert-pr.yaml | 1 - 2 files changed, 2 deletions(-) diff --git a/.github/workflows/pullrequest.yml b/.github/workflows/pullrequest.yml index 0c41d4670abe..cf0501dccacd 100644 --- a/.github/workflows/pullrequest.yml +++ b/.github/workflows/pullrequest.yml @@ -7,7 +7,6 @@ on: - 'feature/unicorn*' workflow_dispatch: {} - defaults: run: shell: bash diff --git a/.github/workflows/revert-pr.yaml b/.github/workflows/revert-pr.yaml index 4a996848d84f..ef06fbbb665d 100644 --- a/.github/workflows/revert-pr.yaml +++ b/.github/workflows/revert-pr.yaml @@ -18,7 +18,6 @@ on: - synchronize - labeled - permissions: contents: write pull-requests: write From 849d90ab29a52cff7b5ba2f335103f0fde092539 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?R=C3=B3berta=20Andersen?= Date: Wed, 18 Dec 2024 13:06:41 +0000 Subject: [PATCH 38/50] chore: testing mergequeue --- apps/unicorn-app/src/app/page.tsx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/unicorn-app/src/app/page.tsx b/apps/unicorn-app/src/app/page.tsx index 5d9289cb0058..7941a75aac62 100644 --- a/apps/unicorn-app/src/app/page.tsx +++ b/apps/unicorn-app/src/app/page.tsx @@ -6,7 +6,7 @@ export default function Index() {

- Welcome unicorn ๐Ÿฆ„ + Welcome unicorn ๐Ÿฆ„ PR

From fd9279da680fd601dde80e175f60132bf0f6ce76 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?R=C3=B3berta=20Andersen?= Date: Wed, 18 Dec 2024 13:15:27 +0000 Subject: [PATCH 39/50] Adding mergequeue ci --- .github/workflows/merge-queue-ci.yml | 18 ++++++++++++++++++ .github/workflows/unicorns.yml | 1 - 2 files changed, 18 insertions(+), 1 deletion(-) create mode 100644 .github/workflows/merge-queue-ci.yml diff --git a/.github/workflows/merge-queue-ci.yml b/.github/workflows/merge-queue-ci.yml new file mode 100644 index 000000000000..754599ca7adb --- /dev/null +++ b/.github/workflows/merge-queue-ci.yml @@ -0,0 +1,18 @@ +name: Validate code in the merge queue + +on: + merge_group: + +jobs: + validate-pr: + runs-on: ubuntu-latest + steps: + - name: Checkout code + uses: actions/checkout@v3 + - name: Display info + run: | + pwd + tree -a -I '.git' + git status + - name: Run slow CI (emulated by a long sleep) + run: sleep 300 diff --git a/.github/workflows/unicorns.yml b/.github/workflows/unicorns.yml index 27698f9abb55..2bf69e51d595 100644 --- a/.github/workflows/unicorns.yml +++ b/.github/workflows/unicorns.yml @@ -10,7 +10,6 @@ on: - closed pull_request_review: types: [submitted] - merge_group: concurrency: # See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#example-using-a-fallback-value group: push-unicorn${{ github.head_ref || github.run_id }} From 30eae3a460ff24ddfd55701b31e0644886be59f8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?R=C3=B3berta=20Andersen?= Date: Wed, 18 Dec 2024 13:21:17 +0000 Subject: [PATCH 40/50] chore: testing mergequeue --- .github/workflows/config-values.yaml | 3 ++- .github/workflows/external-checks.yml | 1 - .github/workflows/pullrequest-close.yml | 3 +-- .github/workflows/pullrequest-lint.yml | 3 +-- .github/workflows/pullrequest.yml | 3 +-- .github/workflows/push.yml | 5 ++--- .github/workflows/revert-pr.yaml | 4 ++-- 7 files changed, 9 insertions(+), 13 deletions(-) diff --git a/.github/workflows/config-values.yaml b/.github/workflows/config-values.yaml index 063c87a73e1e..e349d4ca9c26 100644 --- a/.github/workflows/config-values.yaml +++ b/.github/workflows/config-values.yaml @@ -15,7 +15,8 @@ on: workflow_dispatch: {} pull_request: branches: - - '!unicorn-pipe-rel3' + - '!uni-pr' + - '!feature/unicorn-app' paths: - 'charts/**' - 'infra/**' diff --git a/.github/workflows/external-checks.yml b/.github/workflows/external-checks.yml index 237db4005164..809b16172b24 100644 --- a/.github/workflows/external-checks.yml +++ b/.github/workflows/external-checks.yml @@ -3,7 +3,6 @@ name: External checks on: pull_request: branches-ignore: - - 'unicorn*' - 'feature/unicorn*' workflow_dispatch: {} diff --git a/.github/workflows/pullrequest-close.yml b/.github/workflows/pullrequest-close.yml index 1b3d736c9fc1..8797f4407dd6 100644 --- a/.github/workflows/pullrequest-close.yml +++ b/.github/workflows/pullrequest-close.yml @@ -5,8 +5,7 @@ on: types: - closed branches-ignore: - - 'unicorn*' - - 'feature/unicorn*' + - 'uni-pr' defaults: run: diff --git a/.github/workflows/pullrequest-lint.yml b/.github/workflows/pullrequest-lint.yml index 593193d87ba2..447ef8d7b155 100644 --- a/.github/workflows/pullrequest-lint.yml +++ b/.github/workflows/pullrequest-lint.yml @@ -7,8 +7,7 @@ on: - edited - synchronize branches-ignore: - - 'unicorn*' - - 'feature/unicorn*' + - 'uni-pr' defaults: run: diff --git a/.github/workflows/pullrequest.yml b/.github/workflows/pullrequest.yml index cf0501dccacd..663b5b17cd71 100644 --- a/.github/workflows/pullrequest.yml +++ b/.github/workflows/pullrequest.yml @@ -3,8 +3,7 @@ name: Monorepo pipeline - pull request on: pull_request: branches-ignore: - - 'unicorn*' - - 'feature/unicorn*' + - 'uni-pr' workflow_dispatch: {} defaults: diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index cf60e146bf33..e791ec9f9334 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -6,8 +6,7 @@ on: - 'main' - 'release/**' - 'pre-release/**' - - '!unicorn-pipe-rel3' - - '!feature/unicorn-app' + - '!uni-pr' paths-ignore: - '**/*.md' tags: @@ -16,7 +15,7 @@ on: create: pull_request: branches: - - '!unicorn-pipe-rel3' + - '!uni-pr' types: - opened - synchronize diff --git a/.github/workflows/revert-pr.yaml b/.github/workflows/revert-pr.yaml index ef06fbbb665d..5945712005b5 100644 --- a/.github/workflows/revert-pr.yaml +++ b/.github/workflows/revert-pr.yaml @@ -8,11 +8,11 @@ on: - completed branches: - main - - '!unicorn-pipe-rel3' + - '!uni-pr' - '!feature/unicorn-app' pull_request: branches: - - '!unicorn-pipe-rel3' + - '!uni-pr' types: - opened - synchronize From adfa2e867ebc76cd77ff6d80a01d2b5b9017f98e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?R=C3=B3berta=20Andersen?= Date: Wed, 18 Dec 2024 13:24:37 +0000 Subject: [PATCH 41/50] chore: testing mergequeue --- .github/workflows/pullrequest-lint.yml | 1 + .github/workflows/pullrequest.yml | 1 + 2 files changed, 2 insertions(+) diff --git a/.github/workflows/pullrequest-lint.yml b/.github/workflows/pullrequest-lint.yml index 447ef8d7b155..41e94022f624 100644 --- a/.github/workflows/pullrequest-lint.yml +++ b/.github/workflows/pullrequest-lint.yml @@ -8,6 +8,7 @@ on: - synchronize branches-ignore: - 'uni-pr' + - 'feature/unicorn-app' defaults: run: diff --git a/.github/workflows/pullrequest.yml b/.github/workflows/pullrequest.yml index 663b5b17cd71..b0de5846c2a2 100644 --- a/.github/workflows/pullrequest.yml +++ b/.github/workflows/pullrequest.yml @@ -4,6 +4,7 @@ on: pull_request: branches-ignore: - 'uni-pr' + - 'feature/unicorn-app' workflow_dispatch: {} defaults: From cc0758bf1bde62890cbbfc921585b8b042e1d930 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?R=C3=B3berta=20Andersen?= Date: Wed, 18 Dec 2024 13:25:43 +0000 Subject: [PATCH 42/50] Uni pr (#17280) * chore: testing mergequeue * Adding mergequeue ci * chore: testing mergequeue * chore: testing mergequeue --- .github/workflows/config-values.yaml | 3 ++- .github/workflows/external-checks.yml | 1 - .github/workflows/merge-queue-ci.yml | 18 ++++++++++++++++++ .github/workflows/pullrequest-close.yml | 3 +-- .github/workflows/pullrequest-lint.yml | 4 ++-- .github/workflows/pullrequest.yml | 4 ++-- .github/workflows/push.yml | 5 ++--- .github/workflows/revert-pr.yaml | 4 ++-- .github/workflows/unicorns.yml | 1 - apps/unicorn-app/src/app/page.tsx | 2 +- 10 files changed, 30 insertions(+), 15 deletions(-) create mode 100644 .github/workflows/merge-queue-ci.yml diff --git a/.github/workflows/config-values.yaml b/.github/workflows/config-values.yaml index 063c87a73e1e..e349d4ca9c26 100644 --- a/.github/workflows/config-values.yaml +++ b/.github/workflows/config-values.yaml @@ -15,7 +15,8 @@ on: workflow_dispatch: {} pull_request: branches: - - '!unicorn-pipe-rel3' + - '!uni-pr' + - '!feature/unicorn-app' paths: - 'charts/**' - 'infra/**' diff --git a/.github/workflows/external-checks.yml b/.github/workflows/external-checks.yml index 237db4005164..809b16172b24 100644 --- a/.github/workflows/external-checks.yml +++ b/.github/workflows/external-checks.yml @@ -3,7 +3,6 @@ name: External checks on: pull_request: branches-ignore: - - 'unicorn*' - 'feature/unicorn*' workflow_dispatch: {} diff --git a/.github/workflows/merge-queue-ci.yml b/.github/workflows/merge-queue-ci.yml new file mode 100644 index 000000000000..754599ca7adb --- /dev/null +++ b/.github/workflows/merge-queue-ci.yml @@ -0,0 +1,18 @@ +name: Validate code in the merge queue + +on: + merge_group: + +jobs: + validate-pr: + runs-on: ubuntu-latest + steps: + - name: Checkout code + uses: actions/checkout@v3 + - name: Display info + run: | + pwd + tree -a -I '.git' + git status + - name: Run slow CI (emulated by a long sleep) + run: sleep 300 diff --git a/.github/workflows/pullrequest-close.yml b/.github/workflows/pullrequest-close.yml index 1b3d736c9fc1..8797f4407dd6 100644 --- a/.github/workflows/pullrequest-close.yml +++ b/.github/workflows/pullrequest-close.yml @@ -5,8 +5,7 @@ on: types: - closed branches-ignore: - - 'unicorn*' - - 'feature/unicorn*' + - 'uni-pr' defaults: run: diff --git a/.github/workflows/pullrequest-lint.yml b/.github/workflows/pullrequest-lint.yml index 593193d87ba2..41e94022f624 100644 --- a/.github/workflows/pullrequest-lint.yml +++ b/.github/workflows/pullrequest-lint.yml @@ -7,8 +7,8 @@ on: - edited - synchronize branches-ignore: - - 'unicorn*' - - 'feature/unicorn*' + - 'uni-pr' + - 'feature/unicorn-app' defaults: run: diff --git a/.github/workflows/pullrequest.yml b/.github/workflows/pullrequest.yml index cf0501dccacd..b0de5846c2a2 100644 --- a/.github/workflows/pullrequest.yml +++ b/.github/workflows/pullrequest.yml @@ -3,8 +3,8 @@ name: Monorepo pipeline - pull request on: pull_request: branches-ignore: - - 'unicorn*' - - 'feature/unicorn*' + - 'uni-pr' + - 'feature/unicorn-app' workflow_dispatch: {} defaults: diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index cf60e146bf33..e791ec9f9334 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -6,8 +6,7 @@ on: - 'main' - 'release/**' - 'pre-release/**' - - '!unicorn-pipe-rel3' - - '!feature/unicorn-app' + - '!uni-pr' paths-ignore: - '**/*.md' tags: @@ -16,7 +15,7 @@ on: create: pull_request: branches: - - '!unicorn-pipe-rel3' + - '!uni-pr' types: - opened - synchronize diff --git a/.github/workflows/revert-pr.yaml b/.github/workflows/revert-pr.yaml index ef06fbbb665d..5945712005b5 100644 --- a/.github/workflows/revert-pr.yaml +++ b/.github/workflows/revert-pr.yaml @@ -8,11 +8,11 @@ on: - completed branches: - main - - '!unicorn-pipe-rel3' + - '!uni-pr' - '!feature/unicorn-app' pull_request: branches: - - '!unicorn-pipe-rel3' + - '!uni-pr' types: - opened - synchronize diff --git a/.github/workflows/unicorns.yml b/.github/workflows/unicorns.yml index 27698f9abb55..2bf69e51d595 100644 --- a/.github/workflows/unicorns.yml +++ b/.github/workflows/unicorns.yml @@ -10,7 +10,6 @@ on: - closed pull_request_review: types: [submitted] - merge_group: concurrency: # See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#example-using-a-fallback-value group: push-unicorn${{ github.head_ref || github.run_id }} diff --git a/apps/unicorn-app/src/app/page.tsx b/apps/unicorn-app/src/app/page.tsx index 5d9289cb0058..7941a75aac62 100644 --- a/apps/unicorn-app/src/app/page.tsx +++ b/apps/unicorn-app/src/app/page.tsx @@ -6,7 +6,7 @@ export default function Index() {

- Welcome unicorn ๐Ÿฆ„ + Welcome unicorn ๐Ÿฆ„ PR

From f3482ae2fa7583710b0615dd934d9eba13be8c55 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?R=C3=B3berta=20Andersen?= Date: Wed, 18 Dec 2024 13:28:47 +0000 Subject: [PATCH 43/50] chore: testing mergequeue --- .github/workflows/external-checks.yml | 2 +- .github/workflows/pullrequest-close.yml | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/external-checks.yml b/.github/workflows/external-checks.yml index 809b16172b24..816915e60af3 100644 --- a/.github/workflows/external-checks.yml +++ b/.github/workflows/external-checks.yml @@ -3,7 +3,7 @@ name: External checks on: pull_request: branches-ignore: - - 'feature/unicorn*' + - 'feature/unicorn-app' workflow_dispatch: {} defaults: diff --git a/.github/workflows/pullrequest-close.yml b/.github/workflows/pullrequest-close.yml index 8797f4407dd6..76e88bbcba19 100644 --- a/.github/workflows/pullrequest-close.yml +++ b/.github/workflows/pullrequest-close.yml @@ -6,6 +6,7 @@ on: - closed branches-ignore: - 'uni-pr' + - 'feature/unicorn-app' defaults: run: From 78b8a5723da2b05a209d3c85b07a4c6393791adf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?R=C3=B3berta=20Andersen?= Date: Wed, 18 Dec 2024 13:30:45 +0000 Subject: [PATCH 44/50] chore: testing mergequeue --- .github/workflows/push.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index e791ec9f9334..526291f1f2fa 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -7,6 +7,7 @@ on: - 'release/**' - 'pre-release/**' - '!uni-pr' + - '!feature/unicorn-app' paths-ignore: - '**/*.md' tags: @@ -16,6 +17,7 @@ on: pull_request: branches: - '!uni-pr' + - '!feature/unicorn-app' types: - opened - synchronize From 4d4aef04037a079b01a2f221dea8b4eaeeefc7d5 Mon Sep 17 00:00:00 2001 From: andes-it Date: Wed, 18 Dec 2024 13:36:13 +0000 Subject: [PATCH 45/50] chore: nx format:write update dirty files --- .github/workflows/merge-queue-ci.yml | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/.github/workflows/merge-queue-ci.yml b/.github/workflows/merge-queue-ci.yml index 754599ca7adb..ae0440cc694e 100644 --- a/.github/workflows/merge-queue-ci.yml +++ b/.github/workflows/merge-queue-ci.yml @@ -7,12 +7,12 @@ jobs: validate-pr: runs-on: ubuntu-latest steps: - - name: Checkout code - uses: actions/checkout@v3 - - name: Display info - run: | - pwd - tree -a -I '.git' - git status - - name: Run slow CI (emulated by a long sleep) - run: sleep 300 + - name: Checkout code + uses: actions/checkout@v3 + - name: Display info + run: | + pwd + tree -a -I '.git' + git status + - name: Run slow CI (emulated by a long sleep) + run: sleep 300 From c6d1bff69953306179c9fd238cdf08b295c0da3d Mon Sep 17 00:00:00 2001 From: andes-it Date: Wed, 18 Dec 2024 13:41:34 +0000 Subject: [PATCH 46/50] chore: nx format:write update dirty files --- .github/workflows/merge-queue-ci.yml | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/.github/workflows/merge-queue-ci.yml b/.github/workflows/merge-queue-ci.yml index 754599ca7adb..ae0440cc694e 100644 --- a/.github/workflows/merge-queue-ci.yml +++ b/.github/workflows/merge-queue-ci.yml @@ -7,12 +7,12 @@ jobs: validate-pr: runs-on: ubuntu-latest steps: - - name: Checkout code - uses: actions/checkout@v3 - - name: Display info - run: | - pwd - tree -a -I '.git' - git status - - name: Run slow CI (emulated by a long sleep) - run: sleep 300 + - name: Checkout code + uses: actions/checkout@v3 + - name: Display info + run: | + pwd + tree -a -I '.git' + git status + - name: Run slow CI (emulated by a long sleep) + run: sleep 300 From 309e969ee25c5508f0595e8f08b98dc7aeadcb49 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?R=C3=B3berta=20Andersen?= Date: Wed, 18 Dec 2024 13:55:31 +0000 Subject: [PATCH 47/50] chore: testing mergequeue --- apps/unicorn-app/src/app/page.tsx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/unicorn-app/src/app/page.tsx b/apps/unicorn-app/src/app/page.tsx index 7941a75aac62..5d9289cb0058 100644 --- a/apps/unicorn-app/src/app/page.tsx +++ b/apps/unicorn-app/src/app/page.tsx @@ -6,7 +6,7 @@ export default function Index() {

- Welcome unicorn ๐Ÿฆ„ PR + Welcome unicorn ๐Ÿฆ„

From caf2734ae1b87d31f03f9c1313861a86ec022c3a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?R=C3=B3berta=20Andersen?= Date: Fri, 20 Dec 2024 10:16:10 +0000 Subject: [PATCH 48/50] chore: testing mergequeue --- .github/workflows/merge-queue-ci.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/merge-queue-ci.yml b/.github/workflows/merge-queue-ci.yml index ae0440cc694e..2e96f313443e 100644 --- a/.github/workflows/merge-queue-ci.yml +++ b/.github/workflows/merge-queue-ci.yml @@ -11,6 +11,7 @@ jobs: uses: actions/checkout@v3 - name: Display info run: | + echo "Hallo Merge Queue" pwd tree -a -I '.git' git status From 3f250d1d9c7aab05e417bea760396d001fa4e765 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?R=C3=B3berta=20Andersen?= Date: Wed, 18 Dec 2024 13:25:43 +0000 Subject: [PATCH 49/50] Uni pr (#17280) * chore: testing mergequeue * Adding mergequeue ci * chore: testing mergequeue * chore: testing mergequeue --- apps/unicorn-app/src/app/page.tsx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/unicorn-app/src/app/page.tsx b/apps/unicorn-app/src/app/page.tsx index 5d9289cb0058..7941a75aac62 100644 --- a/apps/unicorn-app/src/app/page.tsx +++ b/apps/unicorn-app/src/app/page.tsx @@ -6,7 +6,7 @@ export default function Index() {

- Welcome unicorn ๐Ÿฆ„ + Welcome unicorn ๐Ÿฆ„ PR

From 8512436c1dbd5f2c77fc9189413c71e48e59f570 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?R=C3=B3berta=20Andersen?= Date: Fri, 20 Dec 2024 10:31:09 +0000 Subject: [PATCH 50/50] chore: testing mergequeue --- apps/unicorn-app/src/app/page.tsx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/unicorn-app/src/app/page.tsx b/apps/unicorn-app/src/app/page.tsx index 7941a75aac62..5d9289cb0058 100644 --- a/apps/unicorn-app/src/app/page.tsx +++ b/apps/unicorn-app/src/app/page.tsx @@ -6,7 +6,7 @@ export default function Index() {

- Welcome unicorn ๐Ÿฆ„ PR + Welcome unicorn ๐Ÿฆ„